When you reach a block page, there is diagnostic information at the bottom that you can expand for details. You can use this information to help test your configuration and sometimes support will request a screenshot of it.
Here's an example block page with the diagnostic info tab expanded:
Also see our article, How To Determine Which Policy Is Being Applied In My Umbrella Configuration, for more information on how to troubleshoot your policy configuration.
ACType: This is only useful for support.
Block Type: The category the block falls under; the reason the page is blocked. Types include:
- aup — Content category
- domainlist — Destination list
- security — Dynamic DNS, Command and Control, Malware, Unauthorized IP Tunnel Access, Newly Seen Domains, Potentially Harmful, DNS Tunneling VPN, Third-party feeds (AMP, ThreatGrid, etc.)
- phish — Phishing
- dlink-phish — Phishing via D-Link's Advanced DNS
Bundle ID: The identifier of the applied policy.
Domain Tagging: This is only useful for support.
Host: The landing page. These include:
- block.opendns.com — aup, domainlist
- malware.opendns.com — security
- phish.opendns.com — phish
- www1.dlinksearch.com — dlink-phish
- bpb.opendns.com — Block Page Bypass
IP Address: Public IP address of the machine.
Org ID: The Organization ID of the network the machine is on.
Origin ID: This is only useful for support.
Prefs: This is only useful for support.
Query: This is only useful for support.
Server: The server the machine used to make the query. See our locations here.
Time: The time the query was made in UTC.