The DarkLayer Guard module protects your users by blocking access to malicious websites. This feature is updated regularly and does not require any administration or maintenance on your part.
The DLG cannot display the Thor block page when a HTTPS address is blocked because HTTPS needs a certificate validation.
For example, if you decide to block Facebook for your users, each time one of your users tries to go on facebook.com the local endpoint browser will receive the above error, because facebook.com uses the https protocol. That means that when the user tries to access facebook.com, the browser expects a certificate validation from Facebook. The validation will not be received and instead the browser session will receive the Heimdal Security certificate, therefore the request will fail.
If the administrator is interested in finding out the threat types vs. the hostnames, there is a special view inside the dashboard management interface. This view, also known as the “threat tab” will show the most blocked threat type from the target environment.