So, I work for a USG agency, and they're sticklers about things like code injection.
The 404 page for the base website (i.e. https://vdi.your.org - the one that presents the client download or HTML login) apparently has code in it to include the "fake" page you asked for ( https://vdi.your.org/fake_page_call_212_555_1212_for_why ) in the 404 page presented.
Does anybody know where the code for this error is?