GitLab

Beeline is one of the largest Russian telecom providers.

They supply their own routers, which, apparently, inject ads into all non-https websites. Here are screenshots with my findings (I will only prove one site as example, but it happens on all non-https sites):

I called their support and they couldn't explain the existence of this script, however they could disable it ¯_(ツ)_/¯

This one is tricky now, because you need this router to reproduce this, and mine was "fixed". However, consider if it's possible for you to block this kind of behaviour. I'm pretty sure there are many public Beeline routers that do this, as well as routers of many non-suspecting customers of Beeline.