blocked in Azerbaijan

Starting the 8th of November 2019, we monitored a sudden drop of traffic coming from inside Azerbaijan from mobile operator Bakcell, AS197830 and other providers routed via Azertelecom AS196925.

Mobile traffic coming from the prefix dropped suddenly

descr:          Bakcell-Route-
origin:         AS197830

As it is not the first time that authorities and (mobile) carriers blame technical problems or temporary infrastructure glitches, we conducted one week of testing so as to determine if this was a infrastructure problem or an intentional blocking of the website.

To verify the blocking we moved the website to another network location and customized some anti-blocking technical measurements for the website.

One week after, starting the morning of the 6th of December, the problem re-appeared with similar blocking signatures that the previous events of November.

Signatures show blocking by means of “Deep Packet Inspection”

Non encrypted connections receive a “RESET” packet that tears down the connections. User receives the message “This site can’t be reached. The connection was reset.”

Encrypted connections timeout as the session is silently discarded and the user receives the error ERR_TIME_OUT

More networks affected

Although we conducted our study looking into traffic from Bakcell, we can also see the same type of blocking in mobile users coming from Nar Mobile, Azerfon

In order to determine the networks affected by the blocking, we reviewed all the peers of Azertelecom AS196925 and confirmed that at least these providers also drop the traffic.

 AS15815 INTRA Network Systems Ltd
 AS39232 Uninet
 AS39280 Ultel LLC
 AS42779 Azerfon LLC 


The collected forensic evidence makes us believe that the website is currently blocked by means of Deep Packet Inspection and providers routed upstream by Azertelecom including mobile operators Bakcell and Nar (Azerfon) show similar signs of blocking.