OP said the blocked site he is trying to access also uses cloudflare certificate
Interesting analogy but it falls flat as Airtel is not only reading which websites the traffic is going to and blocking them but also injecting said sites with the DOT notice even on https://.
But they are injecting data into the https:// stream by showing the DOT notice on the https:// page itself without redirecting.Remember, they aren't injecting data into your https stream, which is what https is mainly used for, end to end data security/integrity. They are simply redirecting you to a block page in the event you are accessing a webpage on the block list.
<iframe src="http://94.201.7.202:8080/webadmin/deny/index.php?dpid=20&
dpruleid=7&cat=105&ttl=0&groupname=Du_Public_IP_Address&policyname=default&
username=94.XX.0.0&userip=94.XX.XX.XX&connectionip=1.0.0.127&
nsphostname=YYYYYYYYYY.du.ae&protocol=nsef&dplanguage=-&url=http%3a%2f%2f
pastehtml%2ecom%2fview%2fc336prjrl%2ertxt"
width="100%" height="100%" frameborder=0></iframe>
<iframe src="http://www.airtel.in/dot/?dpid=1&dpruleid=3&cat=107&dplanguage=-&url=http%3a%2f%2f1337x%2eto%2f" width="100%" height="100%" frameborder="0"></iframe>
Edit: I was wrong!
------------------------------------------snip-----------------------------------------------------
Also recommend reading the Citizen Lab report: https://citizenlab.ca/2016/09/tender-confirmed-rights-risk-verifying-netsweeper-bahrain/
@Karan They still do, even as I was looking at the Airtel DOT iframe I got all the URL parameters for the site with the server being Chennai. But they do so intermittently and infrequently.The interesting part is, earlier, the airtel URL was basically the same and did include further details like your IP, your DSL user ID and even the location of the server, Mumbai!