When users are trying to block URLs with a hashtag (#) embedded, some legitimate URLs are unintentionally blocked. For example, www.google.com/?gws_rd=ssl#abcdefg is a malicious link and has been added to the Block List, but the user is unable to access Google.
When a complex URL is entered into a browser, only the part of the URL before the fragment (i.e. #) is processed by the browser and matched by Umbrella to block. Thus even if the entire URL is added to the destination list, the part after the anchor will be stripped. In the above example, www.google.com/?gws_rd=ssl#abcdefg becomes www.google.com/?gws_rd=ssl, and the user's access to Google is now blocked.