Cisco Umbrella seems to be some type of security product for networks. Are you using a computer belonging to your employer or with employer software installed? They could be MITMing you. It seems odd that the Tor project would be using a Cisco product like that.
OpenDNS/Cisco Umbrella is basically a DNS-level security service that analyzes your DNS queries, blocks known malware domains, etc.
For some high-risk domains - depending on some settings - it will also switch to MitM'ing the connection to take a closer look at the traffic and block it on that level if necessary. It might also just be necessary to show the "This domain is blocked" page when you're requesting a site via https. Usually, your employer would pre-install their CA certificate, which would bypass the HSTS warning, but I suppose this might be a BYOD setting (or they just forgot/didn't like the idea of Cisco being able to MitM all the things).
sha1 - 3B:AE:49:04:9E:6A:3D:BE:96:08:60:F0:9B:6B:2F:03:4F:E9:8C:43