A URL is classified as a 'Newly Observed Domain' when its domain name is not found in the database and is detected for the first time by the FDN server.

To allow a URL that is categorized as ‘Newly Observed Domain’, use the web rating override.

To override the FortiGuard web rating:

1. Go to Security Profiles, choose Web Rating Overrides, and select Create New.
2. In the URL field, enter the website's URL for recategorization. Avoid using wildcard expressions or including HTTPS in the URL.
3. Select 'Lookup Rating' to confirm that the URL's current categorization is set to the subcategory 'Newly Observed Domain' and falls under the 'Security Risk' category.
4. Select the new category as 'Custom Categories' in the category drop-down menu for the Website URL and select a subcategory.

5. Select OK
6. After creating the override, navigate to the web filter profile and choose an action for the new category.  In the example, 'www.newwebsite1234.com' is categorized as a 'Newly Observed Domain' and is overridden by the 'custom1' category.

To whitelist the domain, the action for the 'custom1' category should be set to Allow or Monitor.

7. Select OK
8. Enable the web filter in the policy. 

Propagation Delay:

After creating a Web Rating Override, FortiGate will use its local override immediately, but FortiGuard Cloud rating remains unchanged globally.

Verify it via CLI:

diagnose webfilter ftgd-cache clear

diagnose webfilter ftgd-stat

Related article:

Troubleshooting Tip: Web Page Blocked-Access Denied for newly registered domain