MTNL (General) MTNL Broadband is now injecting ads through Phozeca in browsing sessions

apuw

Member
[OP]
Mar 20, 2017
72
11
MTNL is still injecting ads in users browsers and has a new partner Phozeca this time, the information sent to this unknown third party is baffling and the way in which it's sent is preposterous.
-----------------------------------------------------------------------------------------------------------------------------------------
I have been a MTNL customer for quite some time (a rather long time I should say) and all in all its a been a fairly good service but recently the tricks they've been pulling up are changing my opinion.
I remember seeing MTNL popups in the beginning of 2014 (as was the case with many users which I would find much later), I didn't think much of these then and dismissed them as a few annoying but sometimes even useful alerts from the company. These started getting frequent but not to the point that I would actually do something about them.

Later in the year I saw popup ads appearing in the corners of websites, it didn't even cross my mind that these ads were actually being served by MTNL I just thought these must be some new kind of ads on websites. This went on, the popups and ads kept coming and I kept dismissing them.

Until I ran into this thread by @Sushubh: Source

It's now when I realized that the little ads in the corner weren't displayed by the website but my own ISP to whom I was paying for internet services. I didn't mind the MTNL alerts but to think that I put up with its ads for two years...
I came to this forum back then and read up on the thread MTNL Broadband is injecting ads on your computer pretending it's a feature, seeing the way they were injecting these ads and collecting user data was beyond what I imagined, giving my data to a third party that's a no no as well.
I decided to block these ads and alerts by blocking their server which was: 203.94.248.40 didn't see the ads and alerts after that.

This was until this past December when I noticed these again I simply blocked the domain that was serving these: http://mtnl.phozeca.com, I was intrigued to look into this new party serving me these ads but didn't.
A few days ago someone posted MTNL Broadband is injecting ads on your computer pretending it's a feature that MTNL has abandoned these ads, so I went to look if this really was the case, it wasn't but what I found was preposterous.

I went to a http:// page to check the claim made by the user in this case Latest News, Breaking News Live, Current Headlines, India News Online | The Indian Express and looked at the network request, and sure enough the ad network request by MTNL was blocked by the rule I had set earlier but what I had not seen at that time was the amount of data being sent.
The simple ad request initiated by MTNL included so much data in just the URL I was flabbergasted, it included my phone number, my IP address, my screen size etc. in just the http:// header (Network Request: Paste2.org - Viewing Paste WaH6YYmp), this info could easily have been snooped up by anyone and who knows what info they might have already given to this ad partner.

I decided to check who exactly were these guys who are getting my data. Turns out their company:
Phozeca Digital Services Pvt. Ltd (Advertising Platform - Most Cost Efficient & Highly Targeted Advertising Solution - Phozeca |) was registered on 18 July, 2014 the time when the MTNL ads initially started and guess where their office is, according to their own website its in Gurgaon the same place where the first MTNL ad partner Adphonso was located makes you suspicious doesn't it.
They also have a very familiar working model:
The most efficient and reliable user engagement method of communicating directly with subscribers on any device in a non-disruptive and cost-effective manner. The right message-right time-right subscriber-right device approach has helped the internet users across the globe to meet their time-critical communication needs along with giving an additional revenue stream to the service providers through ad monetization of their networks.
Hmmm...

These very well could be the same guys but can't say for certain.

On a side note the guy who runs this company previously ran a travel company TOFLER - ASHISH SINGLA - Basic Signatory Information guess the travails of the travels didn't turn out too good for him. Haha...
-----------------------------------------------------------------------------------------------------------------------------------------
Well I am tired of running around and blocking these unsolicited ads and have finally sent a DND request to the GM of my region (MTNL Delhi - Customer SelfCare Portal : Online Book Landline, Broadband and other services) and hope this will stop.
What makes me sad is the fact that most MTNL users don't even know these ads are served by their own ISP who they are paying to.
This still should not be allowed and TRAI should take a stand on this, I can't believe they haven't till now.
 
Last edited:
Reactions: kickass

apuw

Member
[OP]
Mar 20, 2017
72
11
Here are the scripts that load these ads, they load almost every time when visiting a http:// website (personal info has been redacted):
The URL being visited is -
Laptops, iPads banned on direct US-bound flights from 8 countries - Times of India

Initializing Script: Source

Script for Loading Ads: Source
(This one has comments in Spanish really who are they selling my data to!)

XHR Request for Checking Ad Availability: Source
(Are they running a full fledged ad network now!)

If you check the Script that loads the ads you can see code for loading ads from:
IMA AD, Komli Media, InMobi, ADATHA, and also have code to flash ads. Are they kidding me or what, this is not an ISP they are simple feeding off us.

I want out, lets see how long till they add me to DND or not respond at all...
 
Last edited:

apuw

Member
[OP]
Mar 20, 2017
72
11
Last edited:

caffeinator

Newbie
Regulars
Mar 9, 2008
20
2
I have MTNL triband broadband and have blocked (i) phozeca.com, (ii) mtnl.phozeca.com, (iii) 204.93.248.40 at the DSL modem (Beetel 410tc1) as well as the WiFi router (TP-Link MR 3420). Yet whenever I open any page from BBC/CNN/suchlike with streaming video, I find 'mtnl.phozeca.com' in the 'blocked/untrusted list' in No-Script (firefox) and Script-safe (Chrome). And the videos are disabled, i.e., I only see the initial image, not the arrow to start the video (I use flashblock). Youtube works. This is across platforms - Windows, Linux, Android.

I know it is not a problem with the browser because the same settings allow the streaming cntent when viewed using Airtel 3G/4G (which tries to inject its own ads, but that is another story), or the office network.

How is mtnl.phozeca.com managing to sneak in? What other setting do I need at the modem/router level?
 

caffeinator

Newbie
Regulars
Mar 9, 2008
20
2
In continuation of my previous comment, I want to add that I use the Google DNS and Open-DNS servers, not the MTNL default
 

Sushubh

Administrator
Oct 29, 2004
413,665
12,751
Gurugram
these video sites you are visiting are not https?
 


caffeinator

Newbie
Regulars
Mar 9, 2008
20
2
I use https everywhere in both FF and Chrome. but I think parts of these web-pages are not https. If I set the 'allow only https' rule, then the web-page does not load.
What I do not understand is, how is a site/domain/IP blocked at the router level still creeping in?
 

Sushubh

Administrator
Oct 29, 2004
413,665
12,751
Gurugram
i mean ad injection should not happen at all on https sites so there is no way youtube can be affected by this.
almost all major video services are now https (including adult ones). one can just hope that smaller ones also migrate soon.
because that is the only good solution for this problem.