I have an http website, hosted by the service provider. My web pages load javascript files from the web server. Well, really standard scenario, but…
When I am at home, and load web page from my web server, I see banner ad. It must NOT be there at all, because I was programming the website manually, and all web pages are hand made, no automated website creation at all.
After some investigation I figured out that most of the time, when web page asks for .js file, the browser gets 307 redirect to spammer’s website, which shows the ad.
The files on the web server are intact; and if I use another internet provider this issue does not exhibit – only when I am at home using very specific internet service provider.
I suspect that some gateway in the service provider’s network was hacked, and it intercepts the http (insecure) requests and routes browser to the spammers.
Am I correct? What can I do in this situation? Is it possible to locate the malicious node on the network?
