it's extremely unlikely that the plane wifi would be configured that way. trying to use a host file to make github.com respond on acwifi.com was definitely a red herring. It led to figuring out 53 was open, but was definitely not how the filtering was working
Also, this doesn't resolved the non sequitur in the OP. It claims there might be DNS blocking, not deep packet inspection. Also cloudflare has encrypted client hello turned on by default and the only domain that shows up for https connections in this case is cloudflare-ech.com, so if any Cloudflare website is whitelisted it would have to allow this domain, and consequently any other Cloudflare website.
