The easiest ways to block web sites are by DNS name, IP address or by filtering content through a (transparent) proxy, possibly using cloned certificates. A more advanced system would inspect actual packet content ("deep packet inspection"), and could detect signatures even for some encrypted connections, like TLS handshakes. The latter is what comes closest to your idea of a "template" (signature).
If you couldn't reach "facebook.com" but was able to access the site via "fb.com", DNS-, proxy- or simple packet inspection was being used. There's not much you can do to avoid this, as the systems may be inspecting the return traffic from external sites against a signature database.
You may want to check if your ISP uses cloned SSL certificates. Check the hash fingerprints of the SSL certificates on any non-local HTTPS site against a fingerprinting service (like
this one from GRC). If they don't match, someone is eavesdropping on your encrypted connections.
I'm sorry your Internet connection is being censored. If the government is behind it, you can be reasonably sure they bought the packet inspection software from some western company.
If TOR isn't working for you, you could try
I2P. But please be careful, and make sure to take into account the risk of being harassed, arrested or worse.