t this point, the only realistic sources are:
- Theme/header/footer output (Elementor Theme Builder / header template)
- Security plugins (Solid Security / Wordfence)
- Site-wide scripts injected by Hostinger Tools
- A hardcoded snippet in functions.php / header.php / a “Code Snippets” type tool
- Cloudflare/Hostinger caching of an old build (less likely, but possible)
Here’s the shortest, most conclusive next test sequence.