I found that an HTML page was inexplicably embedded with a piece of HTML. When viewing the source template file, there was no such code.
The embedded code is as follows: 
The project was developed using PHP and the OneThink framework. I checked the template file and found that there was no relevant embedded code. The local operation was normal, but on the server there was more code like the screenshot above
What is the specific reason?
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
Content hijacking (tampered with).
1. The content on the source server has been tampered with; 2. It has been tampered with during the transmission process;
If it is the former, check and repair server vulnerabilities, and restore the source files; if it is the latter, first determine which regions and operators have access that has been tampered with (You can use some webmaster tools, such as 17ce.com), and then try to contact the region and operator to coordinate and solve the problem (generally speaking, they do not handle complaints from large enterprise-level customers). The best solution is to switch to https.
Visual inspection is that it is implanted by DNS hijacking