The blocking techniques of at least one major ISP has evolved in the last few months;
It used to be that citizens could simply switch to using a public DNS to get a correct response.
That stopped working a few months ago, and now they are responding with the IP of a government server that mentions the site is banned (i forget the details)…
Anyway, one fix to this man-in-the-middle attack is to use DNSCrypt, which prevents third parties from eavesdropping and/or hijacking your browser.
Encrypting DNS really should be considered best practices now, and it probably belongs in one of the guides somewhere.