FQDN Host not updating? - Allow HTTP/HTTPS Traffic to FQDN Host

Hello everyone,

I am trying to allow traffic to specific websites using firewall rules with FQDN hosts as the destination. Unfortunately, this is not always working as expected:

I am trying to reach GitHub assets under https://github-production-release-asset-xxxxxx.s3.amazonaws.com

Therefore I allowed *.s3.amazonaws.com as host.

In 19 out of 20 tries this works perfectly. In 1 out of 20 no connection is possible and I see a blocked connection in the firewall.

These are some things I have already figured out:

- s3.amazonaws.com has a massive number (several tens of thousands) of public IPs

- As far as I can see, the list of IPs associated with an FQDN host updates after a successful DNS resolution made by the Sophos (this is why I added the Sophos as DNS server for all my clients)

- When the connection is blocked, the IP list wasn't updated, so the blocked IP does not appear in the IP list.

Do you guys have any ideas of how to resolve this issue?

Kind regards

Jonas
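
One way to test the last observation in the post above (added example, not part of the original post and not Sophos code): correlate blocked destination IPs with the answers the firewall's resolver handed out for names matching the wildcard host. The log tuples, IPs, timestamps and the `classify` helper are constructed assumptions; real logs would need to be parsed into this shape first.

```python
from datetime import datetime, timedelta
from fnmatch import fnmatchcase

FQDN_PATTERN = "*.s3.amazonaws.com"  # wildcard host from the post
ASSET = "github-production-release-asset-xxxxxx.s3.amazonaws.com"

# Constructed sample data: answers handed out by the firewall's resolver,
# as (timestamp, queried name, returned IP, TTL in seconds).
DNS_ANSWERS = [
    ("2024-05-01T10:00:00", ASSET, "192.0.2.10", 5),
    ("2024-05-01T10:00:00", ASSET, "192.0.2.11", 5),
    ("2024-05-01T10:00:20", ASSET, "198.51.100.7", 5),
    ("2024-05-01T10:00:20", "example.org", "203.0.113.9", 300),
]

# Constructed sample data: blocked connections from the firewall log,
# as (timestamp, destination IP).
BLOCKED = [
    ("2024-05-01T10:00:03", "192.0.2.10"),    # connect inside the answer's TTL
    ("2024-05-01T10:00:15", "192.0.2.11"),    # connect after the TTL ran out
    ("2024-05-01T10:00:21", "203.0.113.50"),  # IP this resolver never returned
    ("2024-05-01T10:00:22", "203.0.113.9"),   # returned, but for another name
]

def classify(blocked, answers, pattern=FQDN_PATTERN):
    """Label each blocked connection by what the resolver had answered by then."""
    learned = {}  # ip -> [(seen_at, expires_at)] for names matching the pattern
    for ts, name, ip, ttl in answers:
        if fnmatchcase(name.lower().rstrip("."), pattern):
            seen = datetime.fromisoformat(ts)
            learned.setdefault(ip, []).append((seen, seen + timedelta(seconds=ttl)))
    result = []
    for ts, ip in blocked:
        when = datetime.fromisoformat(ts)
        earlier = [(s, e) for s, e in learned.get(ip, []) if s <= when]
        if not earlier:
            verdict = "never_resolved"  # client did not get this IP from this resolver
        elif any(e >= when for _, e in earlier):
            verdict = "within_ttl"      # resolver had answered it and the TTL was live
        else:
            verdict = "ttl_expired"     # answer was older than its TTL at connect time
        result.append((ts, ip, verdict))
    return result

if __name__ == "__main__":
    for row in classify(BLOCKED, DNS_ANSWERS):
        print(*row)
```

A majority of `never_resolved` verdicts would point at clients using cached or externally resolved addresses, while `ttl_expired` would point at short TTLs rotating addresses out between lookup and connect.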