vifi (Staff)
Article Id 365591
Description
This article describes how to work around an issue in which some websites belonging to a category that is blocked in the Web Filter profile are still not blocked in Google Chrome.
Scope
FortiGate v7.2.
Solution
  • The website is categorized correctly, as confirmed with the FortiGuard web filter lookup.
  • Blocking the website with a static URL filter entry, or using a web rating override to move it to another category, does not help.
  • The forward traffic logs show that the website is related to CloudFlare: the hostname the FortiGate rates is cloudflare-ech.com, not the website that was actually requested.

eventtime=1729788324734273772 tz="-0700" logid="0317013312" type="utm" subtype="webfilter" eventtype="ftgd_allow" level="notice" vd="root" policyid=14 poluuid="062105c8-919c-51ef-c75a-250268491a04" policytype="policy" sessionid=1327 srcip=10.1.10.1 srcport=56430 srccountry="Reserved" srcintf="port2" srcintfrole="undefined" srcuuid="fb73f05a-919a-51ef-6819-878047fdfc5f" dstip=172.67.223.251 dstport=443 dstcountry="United States" dstintf="port1" dstintfrole="undefined" dstuuid="fb73f05a-919a-51ef-6819-878047fdfc5f" proto=6 service="HTTPS" hostname="cloudflare-ech.com" profile="webfilter_profile" action="passthrough" reqtype="direct" url="https://cloudflare-ech.com/" sentbyte=1952 rcvdbyte=0 direction="outgoing" msg="URL belongs to an allowed category in policy" ratemethod="domain" cat=52 catdesc="Information Technology"

CloudFlare DNS may use the same IP addresses for many different domains. This is normal and is part of how reverse proxy and CDN (Content Delivery Network) services work: CloudFlare acts as an intermediary between visitors and a website's actual (origin) server, so when a domain uses CloudFlare, its public IP address is one of CloudFlare's addresses rather than the IP of the website's own server. This is why blocking only the IP address can also block other websites served through CloudFlare.
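As an added example (not part of the original article, and not Fortinet code), the following Python script parses FortiGate webfilter log lines like the one above and flags sessions that were passed through on the basis of the category of cloudflare-ech.com, the public name an ECH-enabled client puts in the cleartext SNI, rather than the category of the site the user actually requested. The first sample line mirrors the article's log; the other lines, the category numbers in them and the set of ECH public names are constructed assumptions to adapt to your own logs.

```python
import re
from collections import Counter

# Constructed sample FortiGate webfilter log lines. The first is the allowed
# cloudflare-ech.com session from the article; the rest are made up to show an
# ordinary allow, an ordinary block and a second ECH-masked passthrough.
SAMPLE_LOGS = [
    'eventtime=1729788324734273772 tz="-0700" logid="0317013312" type="utm" '
    'subtype="webfilter" eventtype="ftgd_allow" level="notice" vd="root" '
    'policyid=14 sessionid=1327 srcip=10.1.10.1 srcport=56430 '
    'dstip=172.67.223.251 dstport=443 proto=6 service="HTTPS" '
    'hostname="cloudflare-ech.com" profile="webfilter_profile" '
    'action="passthrough" reqtype="direct" url="https://cloudflare-ech.com/" '
    'msg="URL belongs to an allowed category in policy" ratemethod="domain" '
    'cat=52 catdesc="Information Technology"',
    'eventtime=1729788330000000000 type="utm" subtype="webfilter" '
    'eventtype="ftgd_allow" policyid=14 sessionid=1330 srcip=10.1.10.2 '
    'dstip=198.51.100.10 dstport=443 hostname="example.com" '
    'action="passthrough" url="https://example.com/" ratemethod="domain" '
    'cat=52 catdesc="Information Technology"',
    'eventtime=1729788340000000000 type="utm" subtype="webfilter" '
    'eventtype="ftgd_blk" policyid=14 sessionid=1335 srcip=10.1.10.3 '
    'dstip=203.0.113.5 dstport=443 hostname="blocked.example" '
    'action="blocked" url="https://blocked.example/" ratemethod="domain" '
    'cat=99 catdesc="Constructed Blocked Category"',
    'eventtime=1729788350000000000 type="utm" subtype="webfilter" '
    'eventtype="ftgd_allow" policyid=14 sessionid=1340 srcip=10.1.10.2 '
    'dstip=172.67.223.252 dstport=443 hostname="cloudflare-ech.com" '
    'action="passthrough" url="https://cloudflare-ech.com/" '
    'ratemethod="domain" cat=52 catdesc="Information Technology"',
]

# FortiGate logs are space-separated key=value pairs; quoted values may contain spaces.
FIELD_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')


def parse_fortigate_log(line):
    """Return the key=value fields of one log line as a dict (quotes stripped)."""
    fields = {}
    for key, value in FIELD_RE.findall(line):
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            value = value[1:-1]
        fields[key] = value
    return fields


# Public names that an ECH-enabled client places in the outer (cleartext) SNI.
# cloudflare-ech.com is the one visible in the article's log; extend this set
# if other ECH public names show up in your own logs (assumption).
ECH_PUBLIC_NAMES = {"cloudflare-ech.com"}


def is_ech_masked_passthrough(fields):
    """True when the FortiGate rated an ECH public name instead of the real
    site and let the session through on that basis."""
    return (
        fields.get("subtype") == "webfilter"
        and fields.get("action") == "passthrough"
        and fields.get("hostname", "").lower() in ECH_PUBLIC_NAMES
    )


def find_ech_masked_sessions(lines):
    """Return the sessions in which category filtering was effectively bypassed,
    in log order."""
    hits = []
    for line in lines:
        fields = parse_fortigate_log(line)
        if is_ech_masked_passthrough(fields):
            hits.append({k: fields.get(k) for k in
                         ("sessionid", "srcip", "dstip", "hostname", "catdesc")})
    return hits


def count_by_source(lines):
    """Count ECH-masked passthrough sessions per internal source IP, which
    points at the clients (here: Chrome with ECH enabled) that are affected."""
    return Counter(hit["srcip"] for hit in find_ech_masked_sessions(lines))


if __name__ == "__main__":
    for hit in find_ech_masked_sessions(SAMPLE_LOGS):
        print(f"session {hit['sessionid']}: {hit['srcip']} -> {hit['dstip']} "
              f"rated as {hit['hostname']} ({hit['catdesc']}) and allowed")
    print(dict(count_by_source(SAMPLE_LOGS)))
```

Run it against an export of the forward traffic / webfilter logs to see how many sessions are being rated as cloudflare-ech.com before and after applying the workaround; once deep inspection or the static URL entry is in place, the count should drop to zero.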

Workaround:

  1. Enable deep inspection (full SSL inspection) in the firewall policy, or
  2. Block CloudFlare in the Web Filter profile with a static URL filter entry.

CLI:

config webfilter urlfilter
    edit 1
        config entries
            edit 1
                set url "*cloudflare*"
                set type wildcard
                set action block
            next
        end
    next
end

The URL filter list ID (1 above) is an assumed value; use the ID of the list that is referenced by the Web Filter profile in use (the profile "webfilter_profile" in the log above), or attach this list to that profile with set urlfilter-table 1 under config web in config webfilter profile.

GUI:

The same static URL filter entry can be created in the Web Filter profile in the GUI (screenshot omitted).

Related article: 

Technical Tip: How to block TLS 1.3 Encrypted Client Hello (ECH) in FortiGate firewalls