Content Filtering policy setup to allow (or at least, no policy to deny) access to a certain website, but users are still receiving a Blocked result when trying to access it, usually stating that the webpage in question contains Spyware or other malicious software.
Verifying the URL in question with WebPulse Site Review Request does not show any abnormal result or malicious category.
This is because either the URL, or the IPs associated with it, are categorized under a malicious category ("Malicious Outbound Data / Botnets" or "Malicious Sources / Malnets", or "Placeholder" or not categorized at all, in case you are blocking unknown content and Placeholders)
Add traffic to Trusted Destinations:
1. Navigate to the WSS portal
2. Select Policy from the left-hand menu
3. Select Threat Protection
4. Select Trusted Destinations (G2 rule)
5. Select traffic from the available list and select add OR Select "New" to define a new IP, domain, etc.
6. Click Save
7. Be sure to click "Activate Policy" to ensure that the changes are applied.
NOTE: Be advised that this is only a workaround, and should only be applied if access to the resource is necessary and you are sure that the site is clean since this workaround will turn off the AV and categorization scan for those URLs / IPs.
If desired, create a new policy in the Content Filtering Rules to restrict broad access to the site(s). The policy can be used to restrict the access to only certain users, groups or access method for specific sites listed under Trusted Destinations.