Press "Enter" to skip to content

How does my ISP block IP’s? And how do i find out from the command line? [on hold]

        <h2>Summary</h2>
My country blocks specific websites. But everything i try to determine if an IP is blocked from the command line looks as if nothing is wrong..

Setup:

  • OS: Ubuntu 18.04
  • Firewall: ufw
  • DNS: dnsmasq -> dnscrypt-proxy

By default when you try to access a blocked site, you get redirected to some shitty website telling you your requested website is blocked, but the DNS packages i have prevent this from happening and my browser just gives me a "ERR_CONNECTION_TIMED_OUT" error. The problem is i can't find any way to test if an ip:port is blocked from the command line! when i run commands like ping or nmap, everything seems fine?
@Ubuntu:~$ ping facebook.com
PING facebook.com (185.60.216.35) 56(84) bytes of data.
64 bytes from edge-star-mini-shv-01-frx5.facebook.com (185.60.216.35): icmp_seq=1 ttl=51 time=194 ms
64 bytes from edge-star-mini-shv-01-frx5.facebook.com (185.60.216.35): icmp_seq=2 ttl=51 time=137 ms
64 bytes from edge-star-mini-shv-01-frx5.facebook.com (185.60.216.35): icmp_seq=3 ttl=51 time=176 ms
64 bytes from edge-star-mini-shv-01-frx5.facebook.com (185.60.216.35): icmp_seq=4 ttl=51 time=138 ms
64 bytes from edge-star-mini-shv-01-frx5.facebook.com (185.60.216.35): icmp_seq=5 ttl=51 time=137 ms
@Ubuntu:~$ nmap -v -n -p 443 facebook.com

Starting Nmap 7.60 ( https://nmap.org ) at 2019-10-05 18:32 +0330
Initiating Ping Scan at 18:32
Scanning facebook.com (185.60.216.35) [2 ports]
Completed Ping Scan at 18:32, 0.20s elapsed (1 total hosts)
Initiating Connect Scan at 18:32
Scanning facebook.com (185.60.216.35) [1 port]
Discovered open port 443/tcp on 185.60.216.35
Completed Connect Scan at 18:32, 0.14s elapsed (1 total ports)
Nmap scan report for facebook.com (185.60.216.35)
Host is up (0.19s latency).
Other addresses for facebook.com (not scanned): 2a03:2880:f10c:83:face:b00c:0:25de

PORT    STATE SERVICE
443/tcp open  https

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.39 seconds

More info:

Using traceroute didn't help either, i tried running it to check if there are any identical IP's where my ISP would normally redirect me from but after running it on a bunch of blocked sites, the only identical IP's were the first three which were the same for even unblocked websites.
Here's just an example:
@Linuxity:~$ traceroute facebook.com
traceroute to facebook.com (157.240.7.35), 30 hops max, 60 byte packets
 1  _gateway (192.168.1.1)  2.877 ms  3.273 ms  3.666 ms
 2  172.16.64.130 (172.16.64.130)  19.367 ms  19.351 ms  19.730 ms
 3  172.16.64.129 (172.16.64.129)  22.544 ms  23.412 ms  26.600 ms
 4  10.201.177.241 (10.201.177.241)  26.531 ms 78.38.119.182 (78.38.119.182)  26.525 ms  28.056 ms
 5  10.202.4.81 (10.202.4.81)  36.639 ms  36.721 ms 10.202.4.83 (10.202.4.83)  38.536 ms
 6  ae9.pr01.fra4.tfbnw.net (103.4.96.16)  121.736 ms 10.21.0.11 (10.21.0.11)  15.810 ms  24.001 ms
 7  * * ae9.pr01.fra4.tfbnw.net (103.4.96.16)  107.712 ms
 8  ae112.ar02.fra2.tfbnw.net (157.240.32.80)  114.766 ms ae7.ar02.fra5.tfbnw.net (129.134.34.196)  110.779 ms *
 9  ae31.bb02.fra2.tfbnw.net (74.119.78.118)  115.634 ms ae104.bb01.fra5.tfbnw.net (31.13.29.230)  116.034 ms ae3.ar01.fra5.tfbnw.net (157.240.42.142)  117.008 ms
10  ae4.bb02.fra5.tfbnw.net (31.13.26.8)  118.242 ms ae32.bb02.fra2.tfbnw.net (204.15.23.2)  122.129 ms ae103.bb02.fra5.tfbnw.net (31.13.29.210)  121.628 ms
11  ae21.bb04.cdg1.tfbnw.net (204.15.20.228)  141.073 ms ae2.bb02.ams2.tfbnw.net (74.119.78.92)  136.841 ms ae8.bb04.lhr2.tfbnw.net (74.119.76.65)  171.980 ms
12  ae8.bb03.lhr2.tfbnw.net (31.13.30.195)  150.517 ms ae27.bb01.lhr6.tfbnw.net (157.240.44.19)  153.609 ms ae4.bb02.bos2.tfbnw.net (157.240.32.196)  191.924 ms
13  ae2.bb02.lhr6.tfbnw.net (157.240.32.189)  151.717 ms ae4.bb01.bos2.tfbnw.net (157.240.32.192)  195.337 ms ae4.bb01.lhr6.tfbnw.net (74.119.78.45)  155.125 ms
14  ae41.bb03.ord1.tfbnw.net (74.119.77.221)  207.808 ms ae75.bb02.ord1.tfbnw.net (129.134.41.15)  209.799 ms ae7.bb03.cle2.tfbnw.net (74.119.79.251)  207.500 ms
15  ae4.bb01.sea1.tfbnw.net (204.15.20.35)  268.162 ms ae75.bb02.ord1.tfbnw.net (129.134.41.15)  214.541 ms ae57.bb04.ord1.tfbnw.net (129.134.41.13)  217.299 ms
16  ae15.bb02.hnd2.tfbnw.net (157.240.43.22)  344.419 ms ae14.bb02.hnd1.tfbnw.net (157.240.43.26)  340.486 ms ae14.bb01.hnd2.tfbnw.net (157.240.33.232)  336.966 ms
17  ae4.bb01.hnd1.tfbnw.net (157.240.33.226)  332.048 ms ae6.bb01.hnd1.tfbnw.net (157.240.33.228)  345.917 ms ae12.bb02.sea1.tfbnw.net (173.252.65.43)  253.297 ms
18  ae4.ar01.sin2.tfbnw.net (129.134.41.39)  417.365 ms ae41.ar03.sin1.tfbnw.net (129.134.32.47)  438.727 ms ae16.bb02.hnd2.tfbnw.net (157.240.43.24)  347.588 ms
19  ae45.ar03.sin1.tfbnw.net (157.240.33.29)  416.784 ms po241.asw01.sin1.tfbnw.net (129.134.32.69)  425.279 ms ae46.ar01.sin1.tfbnw.net (157.240.33.41)  422.026 ms
20  po241.asw01.sin1.tfbnw.net (129.134.32.69)  425.150 ms po211.asw01.sin2.tfbnw.net (157.240.47.61)  423.578 ms po221.psw03.sin6.tfbnw.net (157.240.41.183)  420.753 ms
21  173.252.67.95 (173.252.67.95)  425.258 ms po721.psw02.sin6.tfbnw.net (157.240.34.89)  421.307 ms po211.asw01.sin1.tfbnw.net (157.240.35.1)  419.850 ms
22  edge-star-mini-shv-01-sin6.facebook.com (157.240.7.35)  423.597 ms 173.252.67.177 (173.252.67.177)  437.202 ms 173.252.67.85 (173.252.67.85)  404.466 ms

Updates:

I'll keep this post updated with any requested information/outputs, I would love to hear any answer i can get, Thanks!

Be First to Comment

Leave a Reply

%d bloggers like this: