This organization I’m working for uses OpenDNS/Cisco Umbrella. I’m confused as to why I’m seeing requests for SSL traffic resolved to
184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199
Are these sinkholed IP addresses? I thought the blockpage IPs were these ones: https://support.opendns.com/hc/en-us/articles/227986927-What-are-the-Cisco-Umbrella-Block-Page-IP-Addresses-
I guess I’m just confused as to how this whole thing works. I’ve tried reading the OpenDNS support but it hasn’t really answered my questions on the IPs above.