I've got a strange issue going on with a client WordPress site. Adopted and finished it from another developer but can't find any reference in the database or any plugin settings that would appear to be causing this bizarre change.
Site is an e-commerce store and will be humming along fine and then suddenly lose styles, scripts, images. Looking at the source, all URLs are changed from https://www.example.com to https://www.wordpress.example.com (also may be https://www.blog.example.com or https://www.wp.example.com). It is never anything other than one of these three variants.
Going to the proper domain to login works fine albeit not styled. In admin, the URLs on both Wordpress Address and Site Address are not altered (https://www.example.com). Hitting "Save" on settings returns everything to normal.
Scoured DB with MyPhpAdmin and other PHP utils searching those domain patterns with no result. Host suggests plugin as likely culprit, however with no definite "schedule" as to when this happens, turning everything off for possibly days on a live e-store isn't going to be a popular tactic with client. May setup a test server at the same host and strip that down to bones and see.
Odd thing site has been up for five months, four of them fine. Seems to coincide with end of April around the 4.2 update. Runs WooCommerce for e-store, Gravity Forms, ACF, Yoast SEO as well as The Dashboard, Snapshot, and Google Analytics from WPMUDev. Custom theme but nothing off-the-wall. Everything is current now.
Wondering if anyone had seen any behaviour similar? Thanks in advance for any ideas.