Kazakhstan's HTTPS Interception Live!

This page is updated with new data every 10 minutes.

This post describes our analysis of carrier-level HTTPS interception ordered by the government of Kazakhstan.

The Kazakhstan government recently began using a fake root CA to perform a man-in-the-middle (MitM) attack against HTTPS connections to websites including Facebook, Twitter, and Google. We have been tracking the attack, and on this page we provide live results from our measurements of the evolving Kazakh interception system.

Number of Vantages Observing MitM in current scan:

Domains Number of Vantages observing blocking (Out of 6736 measured)

Number of Vantages Observing MitM in previous scans:

Incrementing TTL Measurement: Hop before which response was received

The following table shows the Top 5 IPs at which injected responses were received.

Hop IP Number of Instances 44 33 31 27 20

Domains Triggering MitM:

The following domains have triggered MitM in Kazakhstan so far in our present scan:

allo.google.com, dns.google.com, docs.google.com, encrypted.google.com, groups.google.com, hangouts.google.com, mail.ru, maps.google.com, messages.android.com, news.google.com, picasa.google.com, plus.google.com, sites.google.com, translate.google.com, twitter.com, video.google.com, www.facebook.com, www.google.com, www.instagram.com, www.messenger.com, www.xvideos.com, www.youtube.com, google-analytics.com, apps-455676461606571.apps.fbsbx.com

The following domains have triggered MitM in Kazakhstan since the beginning of the measurements:

allo.google.com, android.com, cdninstagram.com, dns.google.com, docs.google.com, encrypted.google.com, facebook.com, goo.gl, google.com, groups.google.com, hangouts.google.com, instagram.com, mail.google.com, mail.ru, messages.android.com, messenger.com, news.google.com, ok.ru, picasa.google.com, plus.google.com, rukoeb.com, sites.google.com, sosalkino.tv, tamtam.chat, translate.google.com, twitter.com, video.google.com, vk.com, vk.me, vkuseraudio.net, vkuservideo.net, www.facebook.com, www.google.com, www.instagram.com, www.messenger.com, www.youtube.com, youtube.com, www.xvideos.com, maps.google.com