A General Doubt

Jan 25, 2015 07:23 AM
Jan 27, 2015 09:04 AM

I work in an institute where access to some websites has been blocked and any attempt to open them in a browser results in a custom message.

But a TCP Traceroute using hping3 or Nmap shows that the request is reaching the website server.

(IP address verified using nslookup on the same network; even nslookup is working.)

So what exactly is happening here?

Can anyone explain?

Edit: I am attaching the traceroute output along with the browser output.

root@kali:~# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 84:34:97:6f:ac:40
inet addr:172.17.18.166 Bcast:172.17.18.255 Mask:255.255.255.0
inet6 addr: fe80::8865:97ff:fe6f:ac40/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5014 errors:0 dropped:0 overruns:0 frame:0
TX packets:55 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:389682 (380.5 KiB) TX bytes:4683 (4.5 KiB)

root@kali:~# nslookup ign.com
Server: 172.24.2.71
Address: 172.24.2.71#53

Non-authoritative answer:
Name: ign.com
Address: 54.208.208.217

root@kali:~# traceroute ign.com
traceroute to ign.com (54.208.208.217), 30 hops max, 60 byte packets
1 172.17.18.254 (172.17.18.254) 3.844 ms 3.891 ms 4.185 ms
2 172.24.0.254 (172.24.0.254) 2.538 ms 2.613 ms 2.660 ms
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

root@kali:~# hping3 -z -t 1 -S ign.com -p 80
HPING ign.com (eth0 54.209.144.209): S set, 40 headers + 0 data bytes
TTL 0 during transit from ip=172.17.18.254 name=UNKNOWN
TTL 0 during transit from ip=172.17.18.254 name=UNKNOWN
2: TTL 0 during transit from ip=172.24.0.254 name=UNKNOWN
TTL 0 during transit from ip=172.24.0.254 name=UNKNOWN
TTL 0 during transit from ip=172.24.0.254 name=UNKNOWN
3: len=46 ip=54.209.144.209 ttl=62 DF id=0 sport=80 flags=SA seq=22 win=5840 rtt=0.6 ms
len=46 ip=54.209.144.209 ttl=62 DF id=0 sport=80 flags=SA seq=23 win=5840 rtt=0.6 ms
len=46 ip=54.209.144.209 ttl=62 DF id=0 sport=80 flags=SA seq=24 win=5840 rtt=0.5 ms
len=46 ip=54.209.144.209 ttl=62 DF id=0 sport=80 flags=SA seq=25 win=5840 rtt=0.5 ms
4: len=46 ip=54.209.144.209 ttl=62 DF id=0 sport=80 flags=SA seq=26 win=5840 rtt=0.4 ms
len=46 ip=54.209.144.209 ttl=62 DF id=0 sport=80 flags=SA seq=27 win=5840 rtt=0.8 ms
^C
--- ign.com hping statistic ---
28 packets transmitted, 11 packets received, 61% packet loss
round-trip min/avg/max = 0.4/0.6/0.8 ms

root@kali:~# nmap --traceroute ign.com
Starting Nmap 6.47 ( http://nmap.org ) at 2015-01-27 14:16 UTC
Nmap scan report for ign.com (54.209.144.209)
Host is up (0.00043s latency).
rDNS record for 54.209.144.209: ec2-54-209-144-209.compute-1.amazonaws.com
Not shown: 997 filtered ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
443/tcp open https

TRACEROUTE (using port 443/tcp)
HOP RTT ADDRESS
1 0.77 ms 172.17.18.254
2 0.42 ms 172.24.0.254
3 ...
4 0.48 ms ec2-54-209-144-209.compute-1.amazonaws.com (54.209.144.209)

Nmap done: 1 IP address (1 host up) scanned in 23.02 seconds
