Just wanted to query the community before engaging support on this issue.
Have an issue where occasionally sites will come back with a malicious categorization, however by doing a manual forward and reverse lookup the sites and IP's don't belong to those category. (Leveraging custom URL checker page to check local and cloud database categorization). It seems to happen with hosted sites that have large IP pools.
I'm suspecting a URL setting of "Disable local GTI database" causing the issue. It seems that the cloud lookup coming back occasionally flips categorization. But if you lookup the IP and domain right away it comes back proper. (Internet services etc). It's intermittent so re-enabling the local GTI database "may" resolve the issue, cannot be confirmed 100%. No errors relating to GTI present. Up to date Main release install.
If anyone has a similar experience I would appreciate hearing.