Well, in this scenario the user isn't supposed to have access to the (DNS) configuration. But one could still enter a raw IP address in the browser - e.g. a friend who has an unlocked device could ping the site to get it. But if one accesses a website by IP, since the links and the Ajax often need DNS resolution (CDNs etc.), the content will probably be blocked for the most part.

Like copy protection, the scheme is probably not entirely waterproof, but it can nonetheless act as a deterrent.