Defacement not flagged by a lot of scanners....

See: https://app.webinspector.com/public/reports/27541236
A scanner that flags it: http://killmalware.com/risinglash.com/
And one that confirms it: http://sitecheck.sucuri.net/results/risinglash.com
Listed here: http://www.hack-mirror.com/hacker/D@rk_sH@d0W/all.html
Whenever we search for <p style=“text-shadow: -28px 84.8px 28px black;” id=“tsb-text”
we get to see a lot of likewise hacks. Read for instance: http://www.leakedin.com/2014/08/09/potential-leak-of-data-hacking-notification-3262/
How the defacement is being performed: -http://www.nextgenupdate.com/forums/computer-programming/396091-how-make-simple-deface-page-defacement.html & & http://archive.today/3KKW4 (our one via php XSS) → http://www.jsunpack.jeek.org/software/?report=c19e3ca9b452d3c506d749da4f6c083a95fb4f5c
Above link for security research only, open up in browser with NoScript active and inside a VM/sandbox.
More on "cdn-cgi/nexp/abv=4114775854/undefined"in the code, re: http://www.pastebin.ca/2870971

polonus