Thank you for your response! I know for sure that my website page was not hacked or altered in any way, it is just a simple hardcoded static page to inform users of new features about the app, no ads on this page.
About my app being reverse engineered/hacked - yes, I agree that is a possibility as this can be done quite easily.
So the way I see it is that anyone could get my account disabled if they wanted to, by triggering policy violations, which is probably what happened in my case. While it was probably a bad idea to add an ad on the same screen with my WebView (there's a lot of space between them, I removed the ad in 1-2 days after adding it), now I realize that I cannot really prevent policy violations at all and there is no guarantee of anything.
So how do we developers protect our AdMob account from being terminated? The only way I can prove it that it was not me causing the policy violation is maybe through my GitHub code history, but my appeal was already rejected and we can only use one, all the other are ignored, even though I think that even my first one was ignored and I just received an automated reply. Is there anything that I can do now to get my account back? I find this very frustrating, I know that I did not do anything wrong but Google probably has no way or probably will not bother investigating who actually caused the policy violation.
How does the system know that the website is owned by the app's owner? Perhaps it thought that it does not belong to me?
I would also like to understand something - my account was suddenly disabled saying I violated the "Framed Sites" policy but normally I think I should've had a warning first saying that there's an issue with one of my apps before actually shutting down my account like that. It's as if something really serious triggered it, could you please tell me a few things that could trigger a sudden account ban? Or is "Framed Sites" policy enough to trigger it?