Browse Admin Console
- Application categories (Zero Trust app management)
- Active Directory group policies
- Content categories
- Custom block pages
- Don't mix DNS providers
- Prevent DNS bypass
- Safe Search explained
- Safe Search supported search engines
- Security categories
- Working with policies
- Working with allow and block lists
- YouTube Restricted Mode explained
Check domain classification with the Lookup Tool
Look up how ScoutDNS classifies any domain, see threats and category history, and submit reclassification or malicious-domain reports directly from the console.
The Lookup Tool in the Admin Console shows how ScoutDNS classifies any domain, whether it’s currently flagged as a threat, and any recent category changes. Use it to:
- Verify how a site will be filtered before deploying a policy change.
- Troubleshoot why specific traffic is allowed or blocked.
- Confirm whether a domain is being blocked for security reasons (threat) vs content reasons (category).
- Submit reclassification or malicious-domain reports to the ScoutDNS classification team.
Open the Lookup Tool
Open the Help and Support tab in the lower-left nav and select Lookup Tool.
The page has three regions:
- Recent, a list of recently-looked-up domains on the left.
- Domain or URL search bar across the top.
- Results panel in the main area.
Search a domain
-
Type the domain (or URL, only the host portion is used) in the Domain or URL field.
Example:
bankamerica.com -
Click the red Search button.
-
The results panel updates with classification and threat data.
[!TIP] Click any entry in the Recent list to re-run a previous lookup. Useful when bouncing between several related domains while tuning a policy.
Understanding the results
FQDN card
| Field | Meaning |
|---|---|
| FQDN | The fully qualified domain name evaluated |
| FQDN Categories | The primary category ScoutDNS has assigned (e.g. Financial) |
| FQDN Category Types | The high-level type, such as Content (Information) |
These three fields determine how the domain is treated by your content-filtering policies.
Threats Detected
Indicates whether the domain is flagged by ScoutDNS threat intelligence.
- None, no active threats associated with this domain.
- Otherwise, lists the active threat types (phishing, malware, command-and-control, etc.).
This is the fastest way to confirm whether a domain is being blocked for security reasons versus content-category reasons.
Parent Domain & Categories
Shows how the parent (apex) domain is classified.
| Field | Meaning |
|---|---|
| Parent Domain | The base domain (e.g. bankamerica.com) |
| Parent Categories | Categories applied at the parent level |
An FQDN that has no specific classification of its own inherits from the parent domain.
Category History (last 7 days)
A table of any classification changes for the domain over the past week.
| Column | Meaning |
|---|---|
| Date | When the category was applied or changed |
| Category | The category in effect on that date |
If the table shows No rows found, the classification hasn’t changed in the last seven days.
Report a domain
If a domain looks mis-categorized or you suspect it’s malicious, submit a report directly from the Lookup Tool.
Open the report dialog
- Look up the domain.
- Click the Report button above the results.
- The Report Domain dialog opens for that specific domain.
Report types
Two options, not mutually exclusive, select one or both:
| Option | Use when |
|---|---|
| Reclassify | The domain is legitimate but in the wrong category, or currently classified as Unknown. Example: a business site categorized as Shopping that should be Business & Economy. |
| Report Malicious | You believe the domain is malicious or abusive (phishing, malware, spam, etc.). Flags the domain for security review, not just category adjustment. |
Suggested Category (optional)
When Reclassify is selected, pick the most appropriate category from the Suggested Category dropdown. This helps the classification team understand how the domain should be treated.
Comment (required)
[!IMPORTANT] The Comment field is required. A report submitted without a comment will be rejected with “Comment is required” highlighted in red.
Helpful things to include in the comment:
- Why the current classification is wrong.
- How the site is actually used. Example: “Internal helpdesk portal for our support team.”
- Evidence of malicious behavior. Example: “Users received phishing emails linking to this domain. Sample headers attached.” You can also paste links to third-party reputation reports.
Other actions
| Button | Action |
|---|---|
| Report | Send a reclassification or malicious-domain report. |
| Refresh (circular arrow next to Report) | Re-query the domain to pull in the latest category and threat data. Useful right after a known classification change has been applied. |
Related
- Working with policies
- Content categories
- Security categories
- Working with allow and block lists, for when you want to override a classification locally rather than waiting for a reclassification