Whitelisting a single domain problems

Hi everyone,

I want to whitelist a single domain. I tried two outbound access rules, the top one allowing traffic to the domain (ie “domain.com”) and the bottom one blocking all traffic. I can not access the whitelisted domain.

Any ideas?

P.S. - I see two IPs for this particular domain in the event log being denied. When I add those to grouped network and change the top rule to allow those two IPs, it works.