strange issue with webfilter

I have the following situation:

I have a website that in our config is allowed per cathegory due to FortiGuard rating. 

Now  we want to temporarily have webfilter block that site.

So I added a web rating override to a local cathegory that is set to action block in our webfilter profiles.

However that site does not get blocked. It does get blocked if I do it via static url filter. It also does get blocked (but without blocking page) if I deny it by a policy.

Then tried the same with www.ccc.de and it was blocked by webfilter due to the rating override correctly.

For debugging I had the webfilter debug log running while I tried to access the site:

Log says this;

[334@2136]urlf_query_fgd: id:1187 sess:2136 action:2 error:0 src:1 host:myurl.com url: rate_ip:0 ssl_exemption_query:0
[334@2136]ips_urlf_add_query: id:1187, queue:1, ssl_exemption: 0
[334@2136]urlf_query_fgd: session:2136 suspended, query id:1187

for www.cccc.de it says this:

[334@2128]match_user_category_vdom: Lookup db:0x7f8700d340 cate:142 in vd:0
[334@2128]match_user_category_vdom: Lookup db:0x7f8700d380 cate:143 in vd:0
[334@2128]match_user_category_vdom: Lookup db:0x7f8700d3c0 cate:144 in vd:0
[334@2128]match_user_category_vdom: 'www.ccc.de' matched ucate:144 in vd:0
[334@2128]handle_fgd_answer: sess:2128, id:0, action:1, resume:0, error:0, ftgd_category:0, url_category:144, local_category:144, byip:0, log:1, time:0s
[334@2128]ips_eng_log_webfilter: sess:300431 type:8 action:1 host:www.ccc.de source:0 url:/
[334@2128]ips_set_pkt_urlf_verdict: action=DROP

Here you see  www.ccc.de matched the rating overide to cathegory 144 correctly and hence 144 is set to be blocked in the webfilter profiles it gets action=DROP.

I do not see this in the log (as shown above) for the other url. It also does not matter wether you use http or https and wether you use chrome/edge or firefox. 

I have also opened a ticket with TAC on this but wanted to try here. Maybe someone here has a clue?

greets

Sebastian