I'm in the UK, where ISPs blocking websites is mandated by law (mostly piracy stuff - but they block more benign things too). I am really curious as to what method my ISP actually uses though.

They don't use DNS or, they have some method of forcing your computer to use their DNS via the router or somewhere further upstream. But I think that is unlikely as well because DNS over HTTPS also doesn't bypass their blocks.

I really don't know how else they could be doing it. I really don't like the idea of my ISP knowing which websites I'm visiting even if I use DNS over HTTPS. They're clearly able to distinguish it regardless and I feel that is an invasion of privacy. That is why I want to know what method they are using.

If I were to try to access one of these blocked sites without a VPN on firefox, I get a "SSL_ERROR_RX_RECORD_TOO_LONG", which I imagine is a hint as to what they're doing to the packets.

Does anyone have any idea what my ISP are doing, and more importantly - how much they are able to see through DNS over HTTPS?

I am not a networking expert, I know little about the subject, so I'm not really positioned to figure it out myself.