Same here. Some of the ISPs in my country injects their own ads on the lower-right corner of the page, pretending to be placed by the website. I’ve personally experienced this. They use an iframe to encapsulate the actual page, and overlay their ad onto the page.
At least it provides a strong motivation for websites to support HTTPS. 
3 Likes