Why ping works without capability and setuid
I learned from [here](http://unixetc.co.uk/2016/05/30/linux-capabilities-and-ping/) that there are 2 ways to control privileged activities: `setuid` and `capability`.

But when I'm playing around with `ping` on my machine, it seems that it can bypass these 2 mechanisms.

First, confirm that on my machine `/usr/bin/ping` has the `cap_net_raw` capability and it uses `SOCK_RAW`:

```
$ ll /usr/bin/ping
-rwxr-xr-x 1 root root 72K Jan 31 2020 /usr/bin/ping
$ getcap /usr/bin/ping
/usr/bin/ping = cap_net_raw+ep
$ strace -e socket ping
socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC, NETLINK_ROUTE) = 5
```

Copying the binary will drop the capability but it still works:

```
$ cp /usr/bin/ping ~
$ ll ~/ping
-rwxr-xr-x 1 user user 72K Nov 4 16:54 /home/user/ping
$ getcap ~/ping
[empty result]
$ ~/ping
[it works]
```

I'm using Ubuntu 20.04 and `5.4.0-52-generic`.

Asked by zingdle
(195 rep)
Nov 4, 2020, 09:04 AM
Last activity: Nov 4, 2020, 09:41 AM