Perhaps posting some sample traces to these sites may reveal some clues.

I'm working on some.  To ensure that I don't miss anything, capture "everything" gets too much data to post.  Filtering on one IP address (or network prefix) could miss a SYN to someplace I didn't include in the filter.  If UDP (for DNS) is captured the local NetBIOS noise gets in the say.

It does seem that "some" TCP connections are made.  I can't tell if all are.  SSL seems to be used by the sites that don't fill the screen up on just one mouse click.  Maybe SSL is common in all cases?  I haven't traced each yet.  Here is a quick sample from a Win7 machine to studentloans.gov.  The same site works perfectly via a proxy using the same broswers.

# tcpdump -i em0 -n -vvvvv tcp and host 172.16.8.94
tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size 96 bytes
20:17:00.762224 IP (tos 0x0, ttl 128, id 6947, offset 0, flags [DF], proto TCP (6), length 52)
    172.16.8.94.49325 > 160.109.122.224.80: Flags [S], cksum 0xfbf9 (correct), seq 2006928067, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
20:17:00.831211 IP (tos 0x20, ttl 47, id 0, offset 0, flags [DF], proto TCP (6), length 44)
    160.109.122.224.80 > 172.16.8.94.49325: Flags [S.], cksum 0x8ca6 (correct), seq 1521960731, ack 2006928068, win 5840, options [mss 1380], length 0
20:17:00.831426 IP (tos 0x0, ttl 128, id 6948, offset 0, flags [DF], proto TCP (6), length 40)
    172.16.8.94.49325 > 160.109.122.224.80: Flags [.], cksum 0xbd86 (correct), seq 1, ack 1, win 64860, length 0
20:17:00.831800 IP (tos 0x0, ttl 128, id 6949, offset 0, flags [DF], proto TCP (6), length 332)
    172.16.8.94.49325 > 160.109.122.224.80: Flags [P.], seq 1:293, ack 1, win 64860, length 292
20:17:00.903057 IP (tos 0x20, ttl 47, id 63971, offset 0, flags [DF], proto TCP (6), length 40)
    160.109.122.224.80 > 172.16.8.94.49325: Flags [.], cksum 0xa09f (correct), seq 1, ack 293, win 6432, length 0
20:17:00.903756 IP (tos 0x20, ttl 47, id 63972, offset 0, flags [DF], proto TCP (6), length 547)
    160.109.122.224.80 > 172.16.8.94.49325: Flags [P.], seq 1:508, ack 293, win 6432, length 507
20:17:00.914624 IP (tos 0x0, ttl 128, id 6950, offset 0, flags [DF], proto TCP (6), length 52)
    172.16.8.94.49326 > 160.109.122.224.443: Flags [S], cksum 0xf6e5 (correct), seq 2392274803, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
20:17:00.983549 IP (tos 0x20, ttl 47, id 0, offset 0, flags [DF], proto TCP (6), length 44)
    160.109.122.224.443 > 172.16.8.94.49326: Flags [S.], cksum 0x0f01 (correct), seq 1084086726, ack 2392274804, win 5840, options [mss 1380], length 0
20:17:00.983830 IP (tos 0x0, ttl 128, id 6951, offset 0, flags [DF], proto TCP (6), length 40)
    172.16.8.94.49326 > 160.109.122.224.443: Flags [.], cksum 0x3fe1 (correct), seq 1, ack 1, win 64860, length 0
20:17:00.984829 IP (tos 0x0, ttl 128, id 6952, offset 0, flags [DF], proto TCP (6), length 213)
    172.16.8.94.49326 > 160.109.122.224.443: Flags [P.], seq 1:174, ack 1, win 64860, length 173
20:17:01.057318 IP (tos 0x20, ttl 47, id 55948, offset 0, flags [DF], proto TCP (6), length 40)
    160.109.122.224.443 > 172.16.8.94.49326: Flags [.], cksum 0x2371 (correct), seq 1, ack 174, win 6432, length 0
20:17:01.118383 IP (tos 0x0, ttl 128, id 6953, offset 0, flags [DF], proto TCP (6), length 40)
    172.16.8.94.49325 > 160.109.122.224.80: Flags [.], cksum 0xbc62 (correct), seq 293, ack 508, win 64353, length 0
20:17:05.903769 IP (tos 0x20, ttl 47, id 63973, offset 0, flags [DF], proto TCP (6), length 40)
    160.109.122.224.80 > 172.16.8.94.49325: Flags [F.], cksum 0x9ea3 (correct), seq 508, ack 293, win 6432, length 0
20:17:05.904011 IP (tos 0x0, ttl 128, id 6955, offset 0, flags [DF], proto TCP (6), length 40)
    172.16.8.94.49325 > 160.109.122.224.80: Flags [.], cksum 0xbc61 (correct), seq 293, ack 509, win 64353, length 0
20:17:05.904259 IP (tos 0x0, ttl 128, id 6956, offset 0, flags [DF], proto TCP (6), length 40)
    172.16.8.94.49325 > 160.109.122.224.80: Flags [F.], cksum 0xbc60 (correct), seq 293, ack 509, win 64353, length 0
20:17:05.972551 IP (tos 0x20, ttl 47, id 63974, offset 0, flags [DF], proto TCP (6), length 40)
    160.109.122.224.80 > 172.16.8.94.49325: Flags [.], cksum 0x9ea2 (correct), seq 509, ack 294, win 6432, length 0

^C
16 packets captured
1458 packets received by filter
0 packets dropped by kernel

http://www.tcpiputils.com/browse/ip-address/160.109.122.224       Not sure why showing up on blocklist ofcourse being a noob i could be confused again using tools .  Are all the other sites that you are having problem with HTTPS sites ? If yes try this http://www.broomeman.com/secure-site-error/

https://studentloans.gov/myDirectLoan/index.action 

My policy. You respond, you own it... It's all yours.

---

EG wrote:

My policy. You respond, you own it... It's all yours.

---

?

   Have you removed your router out of the mix  ?

     Interesting just received this message on studentloans.gov site .

               StudentLoans.gov Web Site Outage – Routine System Maintenance.

Due to routine system maintenance, the StudentLoans.gov Web site is unavailable. Please attempt to log in to the Web site at a later time.

We apologize for any inconvenience this outage may cause and appreciate your understanding and patience while we complete this important activity.

---

BostonDriver88 wrote:

---

EG wrote:

My policy. You respond, you own it... It's all yours.

---

?

---

That remark was not directed at you BostonDriver88, please ignore it.

Traceroutes to the sites you're having trouble with would probably be more useful than packet dumps. Also please note that while "studentloans.gov" is a valid domain name, "studentloan.gov" is not.

Could you post the brand and model number of your cable modem or modem/router?

 By all means EGgo ahead . I thought posts are for trying to help others .

                    BUT hey NM .