explaingit

mayersscott/rkn-block-checker

Analysis updated 2026-07-03 · repo last pushed 2026-06-12

1,554PythonAudience · generalComplexity · 2/5ActiveSetup · easy

TLDR

A command-line tool that detects exactly how a website is being blocked, at the DNS, TCP, TLS, or HTTP layer, helping users pick the right circumvention method.

Mindmap

mindmap
  root((repo))
    What it does
      Checks DNS TCP TLS HTTP
      Reports block layer
      Compares DNS results
    Tech stack
      Python
      Command-line tool
      JSON output
    Use cases
      Choose circumvention tool
      Document censorship patterns
      File block bug reports
    Audience
      Journalists and activists
      Network engineers
      General internet users
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Determine whether a blocked site is blocked by DNS poisoning or deep packet inspection so you can pick the right workaround.

USE CASE 2

Run on a schedule and save JSON snapshots to track how censorship patterns change over time.

USE CASE 3

Generate evidence of specific blocking mechanisms for bug reports or advocacy documentation.

What is it built with?

PythonDNS-over-HTTPSCloudflare DNS

How does it compare?

mayersscott/rkn-block-checkerlightseekorg/tokenspeedbeenuar/aisoc
Stars1,5541,5421,479
LanguagePythonPythonPython
Last pushed2026-06-122026-07-032026-06-30
MaintenanceActiveActiveActive
Setup difficultyeasyhardhard
Complexity2/54/54/5
Audiencegeneraldeveloperops devops

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · easy Time to first run · 5min

Python command-line tool with no external infrastructure required beyond an internet connection.

In plain English

RKN Block Checker is a command-line tool that tells you not just whether a website is blocked on your connection, but exactly how it's being blocked. It's designed for people in Russia dealing with state-mandated internet censorship (RKN refers to Roskomnadzor, the Russian telecom regulator), but it's useful for anyone who needs to understand the specific mechanism their ISP or government is using to interfere with traffic. When a site won't load, your browser just says "this site can't be reached." That's not very helpful if you want to do something about it. This tool checks each layer of the connection, DNS, TCP, TLS, and HTTP, one at a time and reports which layer broke and what that failure looks like. For example, if your ISP's DNS is lying about a site's address, that's a DNS block. If the connection works at the TCP level but dies the moment you try to establish an encrypted TLS connection, that's a signature of deep packet inspection (DPI) watching for the site's name in the handshake. If you get a response but it's an ISP-controlled "blocked" page, that's an HTTP stub. The people who'd use this are journalists, activists, network engineers, or anyone trying to choose the right circumvention tool. If your block is DNS-based, changing your DNS resolver might fix it. If it's TLS-based DPI, you'd need something that hides the site name, like a VPN or a tool that scrambles the SNI field. Knowing the block type determines your workaround. It's also useful for filing bug reports or documenting censorship patterns over time, you can run it on a schedule and save JSON snapshots to track how blocking changes. A few things stand out about the approach. The tool compares your system's DNS results against Cloudflare's DNS-over-HTTPS, which the ISP can't easily intercept, to detect DNS poisoning. It also checks the full set of returned IP addresses rather than just the first one, which avoids false positives from normal load balancing. Confidence levels are calibrated honestly: a confirmed DNS mismatch is labeled high confidence, while a TLS reset that matches a known censorship pattern but could also be a server issue is labeled "likely." The tool never claims more certainty than the evidence supports, and if the control sites are also failing, it says "inconclusive" rather than guessing.

Copy-paste prompts

Prompt 1
Using the rkn-block-checker tool, scan a list of websites I suspect are blocked and tell me which layer (DNS, TCP, TLS, or HTTP) each one fails at, then suggest the right circumvention tool for each block type.
Prompt 2
Help me set up rkn-block-checker to run daily via cron, save JSON output to a folder, and build a simple timeline showing when blocking methods changed for specific domains.
Prompt 3
I have rkn-block-checker JSON output for a site that shows a TLS reset, explain what that means in plain terms and whether a VPN or an SNI-scrambling proxy would be the better workaround.
Prompt 4
Write a script that feeds a list of 50 URLs into rkn-block-checker, collects the JSON results, and produces a summary table of block type by domain.

Frequently asked questions

What is rkn-block-checker?

A command-line tool that detects exactly how a website is being blocked, at the DNS, TCP, TLS, or HTTP layer, helping users pick the right circumvention method.

What language is rkn-block-checker written in?

Mainly Python. The stack also includes Python, DNS-over-HTTPS, Cloudflare DNS.

Is rkn-block-checker actively maintained?

Active — commit in last 30 days (last push 2026-06-12).

How hard is rkn-block-checker to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is rkn-block-checker for?

Mainly general.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Scan in gitsafehub Deploy in gitdeployhub mayersscott on gitmyhub

Verify against the repo before relying on details.