Analysis updated 2026-07-03 · repo last pushed 2026-06-12
Determine whether a blocked site is blocked by DNS poisoning or deep packet inspection so you can pick the right workaround.
Run on a schedule and save JSON snapshots to track how censorship patterns change over time.
Generate evidence of specific blocking mechanisms for bug reports or advocacy documentation.
| mayersscott/rkn-block-checker | lightseekorg/tokenspeed | beenuar/aisoc | |
|---|---|---|---|
| Stars | 1,554 | 1,542 | 1,479 |
| Language | Python | Python | Python |
| Last pushed | 2026-06-12 | 2026-07-03 | 2026-06-30 |
| Maintenance | Active | Active | Active |
| Setup difficulty | easy | hard | hard |
| Complexity | 2/5 | 4/5 | 4/5 |
| Audience | general | developer | ops devops |
Figures from each repo's GitHub metadata at analysis time.
Python command-line tool with no external infrastructure required beyond an internet connection.
RKN Block Checker is a command-line tool that tells you not just whether a website is blocked on your connection, but exactly how it's being blocked. It's designed for people in Russia dealing with state-mandated internet censorship (RKN refers to Roskomnadzor, the Russian telecom regulator), but it's useful for anyone who needs to understand the specific mechanism their ISP or government is using to interfere with traffic. When a site won't load, your browser just says "this site can't be reached." That's not very helpful if you want to do something about it. This tool checks each layer of the connection, DNS, TCP, TLS, and HTTP, one at a time and reports which layer broke and what that failure looks like. For example, if your ISP's DNS is lying about a site's address, that's a DNS block. If the connection works at the TCP level but dies the moment you try to establish an encrypted TLS connection, that's a signature of deep packet inspection (DPI) watching for the site's name in the handshake. If you get a response but it's an ISP-controlled "blocked" page, that's an HTTP stub. The people who'd use this are journalists, activists, network engineers, or anyone trying to choose the right circumvention tool. If your block is DNS-based, changing your DNS resolver might fix it. If it's TLS-based DPI, you'd need something that hides the site name, like a VPN or a tool that scrambles the SNI field. Knowing the block type determines your workaround. It's also useful for filing bug reports or documenting censorship patterns over time, you can run it on a schedule and save JSON snapshots to track how blocking changes. A few things stand out about the approach. The tool compares your system's DNS results against Cloudflare's DNS-over-HTTPS, which the ISP can't easily intercept, to detect DNS poisoning. It also checks the full set of returned IP addresses rather than just the first one, which avoids false positives from normal load balancing. Confidence levels are calibrated honestly: a confirmed DNS mismatch is labeled high confidence, while a TLS reset that matches a known censorship pattern but could also be a server issue is labeled "likely." The tool never claims more certainty than the evidence supports, and if the control sites are also failing, it says "inconclusive" rather than guessing.
A command-line tool that detects exactly how a website is being blocked, at the DNS, TCP, TLS, or HTTP layer, helping users pick the right circumvention method.
Mainly Python. The stack also includes Python, DNS-over-HTTPS, Cloudflare DNS.
Active — commit in last 30 days (last push 2026-06-12).
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly general.
This repo across BitVibe Labs
Verify against the repo before relying on details.