One web site not working/subnet not routing behind OPNsense

Started by ChargerDad, May 26, 2024, 09:06:43 PM

I have one website I use for work that does not work through OPNsense. There may be other sites, but this is the one I am aware of. I'm running Unbound, CrowdSec, Suricata on the WAN interface, and Zenarmor.

I can use curl to get to it from the CLI of OPNsense, but it won't load from clients behind OPNsense, and it still fails from clients behind the firewall with all three of those (CrowdSec, Suricata, Zenarmor) disabled. Well, at least I attempted to disable them; I'm not sure whether the CrowdSec rules are still in effect or not.

Unbound logs show name resolution, plus I do see the outbound request in the packet capture on the client. Firewall logs don't even show any traffic to the destination IP that DNS and packet captures from the client show the traffic should go to. Traceroute from clients behind OPNsense doesn't show a response from the next hop, which would be OPNsense.

If I go to Reporting->Insight->Details and filter for the destination IP, I DO see matches on the LAN interface, but not on the WAN, so something on the firewall appears to be dropping the packets. The IP is in a subnet that seems to go through Cloudflare and is hosted by WordPress host WPEngine. Any thoughts on where I can look to see where it's failing?

It was CrowdSec. I'm a little new with this stuff, but I found it under Firewall->Diagnostics->Aliases->crowdsec_blocklists and purged that list, all of which was in the subnet that I was having trouble getting to, at a WordPress hosting provider.
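A quick way to confirm this kind of diagnosis from the OPNsense shell is to dump the alias table with `pfctl -t crowdsec_blocklists -T show` and test each address the site resolves to against it. The Python below is an added example (not from this thread or from OPNsense/CrowdSec); it does the same check offline against a constructed table dump and a constructed set of resolved addresses.

```python
import ipaddress
from typing import Iterable

# Constructed sample of what `pfctl -t crowdsec_blocklists -T show` prints on
# OPNsense: one network or host per line (these addresses are made up).
SAMPLE_TABLE_DUMP = """\
   203.0.113.0/24
   198.51.100.42
   2001:db8:abcd::/48
"""

# Constructed stand-in for the answers Unbound returned for the work site.
SAMPLE_RESOLVED = ["203.0.113.17", "192.0.2.8", "2001:db8:abcd:1::10"]


def parse_table(dump: str) -> list:
    """Turn a pfctl table dump into network objects; bare hosts become /32 or /128."""
    nets = []
    for line in dump.splitlines():
        entry = line.strip()
        if not entry or entry.startswith("#"):
            continue
        nets.append(ipaddress.ip_network(entry, strict=False))
    return nets


def matching_entries(ip: str, nets: Iterable) -> list:
    """Return the table entries (as strings) that cover this destination address."""
    addr = ipaddress.ip_address(ip)
    return [str(n) for n in nets if addr.version == n.version and addr in n]


def blocked_destinations(resolved: Iterable[str], dump: str) -> dict:
    """Map each resolved address to the blocklist entries that would block it.

    Addresses with no covering entry are left out, so an empty dict means the
    blocklist is not what is breaking the site."""
    nets = parse_table(dump)
    result = {}
    for ip in resolved:
        hits = matching_entries(ip, nets)
        if hits:
            result[ip] = hits
    return result


if __name__ == "__main__":
    for ip, hits in blocked_destinations(SAMPLE_RESOLVED, SAMPLE_TABLE_DUMP).items():
        print(f"{ip} is covered by {', '.join(hits)}")
```

If a resolved address shows up here, the matching entry is the one to look at (and a `pfctl -t crowdsec_blocklists -T test <addr>` on the box will agree), rather than the firewall rule log, which never sees the packet.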