nmap needs the ping feature enabled in the firewall so that it can recognize a host.
If the host does not respond to "ping probes", it will usually be reported as down.
$ nmap -sV -p- 4.2.2.1
Starting Nmap 7.40 ( https://nmap.org ) at 2020-06-30 21:58 WEST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.38 seconds
But when you enable the -Pn flag to disable the normal "ping probe" behaviour, it is able to scan the host:
$ nmap -Pn 4.2.2.1
Starting Nmap 7.40 ( https://nmap.org ) at 2020-06-30 21:59 WEST
Nmap scan report for a.resolvers.level3.net (4.2.2.1)
Host is up (0.090s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE
53/tcp open domain
Nmap done: 1 IP address (1 host up) scanned in 9.64 seconds
Now, if you find all ports blocked, it might be that the host is blocking the "nmap host" where you run the scan.
Or the scanned host might recognize the "nmap probe pattern" and just ignore it.
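The two results above can be told apart automatically when auditing your own hosts. The script below is an added example, not part of the original answer: it reads nmap's normal output and prints one verdict. The verdict names and the third sample (a constructed all-filtered result on a documentation address) are assumptions of this example.

```shell
#!/bin/sh
# Added example: turn nmap's normal (human-readable) output into one verdict.
# Verdict names are this example's own, not nmap's.
classify_nmap_output() {
    awk '
        /Host seems down/              { ping_note = 1 }
        /\(0 hosts up\)/               { zero_up = 1 }
        /^Host is up/                  { up = 1 }
        /^Not shown: [0-9]+ filtered/  { filtered = $3 }
        /^[0-9]+\/(tcp|udp) +open/     { ports = ports (ports ? "," : "") $1 }
        END {
            if (zero_up && ping_note) print "no-ping-reply"   # retry with -Pn
            else if (zero_up)         print "down"
            else if (up && ports)     print "up open=" ports " filtered=" (filtered + 0)
            else if (up)              print "up-all-filtered" # scanner blocked or ignored?
            else                      print "unknown"
        }'
}

# Output of the first run shown above (default host discovery).
sample_default() {
    cat <<'EOF'
Starting Nmap 7.40 ( https://nmap.org ) at 2020-06-30 21:58 WEST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.38 seconds
EOF
}

# Output of the second run shown above (-Pn).
sample_pn() {
    cat <<'EOF'
Nmap scan report for a.resolvers.level3.net (4.2.2.1)
Host is up (0.090s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE
53/tcp open domain
Nmap done: 1 IP address (1 host up) scanned in 9.64 seconds
EOF
}

# Constructed sample: a -Pn run in which no port answered.
sample_all_filtered() {
    cat <<'EOF'
Nmap scan report for 192.0.2.10
Host is up.
All 1000 scanned ports on 192.0.2.10 are filtered
Nmap done: 1 IP address (1 host up) scanned in 201.5 seconds
EOF
}
```

A real run can be piped straight in, for example `nmap -Pn 4.2.2.1 | classify_nmap_output`.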