Why is the Palo Alto Networks URL Filtering test site categorized as "computer-and-internet-info" instead of "proxy-avoidance-and-anonymizers"?
Question
When the following URL Filtering test site is accessed, it is not matched to the expected category.
urlfiltering.paloaltonetworks.com/test-Proxy-Avoidance-and-Anonymizers/
Environment
- PAN-OS 10.1, 10.2, 11.0, 11.1, 11.2
- URL filtering
Answer
When the URL is typed into a browser without a scheme, recent browsers connect over HTTPS rather than HTTP.
Since recent browsers also no longer display "http://" or "https://" in the address bar, it is difficult to tell which scheme was actually used.
[Address bar in Google Chrome]
When the URL is accessed over HTTPS, the request line of the HTTP GET (including the path /test-Proxy-Avoidance-and-Anonymizers/) is carried inside the encrypted TLS session, so the Next-Generation Firewall cannot read it.
In that case, the Next-Generation Firewall refers to the SNI (Server Name Indication) extension in the TLS Client Hello, which is sent in cleartext.
However, the SNI field carries only the hostname, not the path.
[Client Hello capture decode on Wireshark]
As a result, the lookup is performed on the hostname "urlfiltering.paloaltonetworks.com" alone, which is categorized as "computer-and-internet-info".
To use the URL Filtering test pages, either access them with the full URL including "http://" (for example http://urlfiltering.paloaltonetworks.com/test-Proxy-Avoidance-and-Anonymizers/) or enable SSL decryption so that the firewall can see the full URL. To confirm which scheme was really used, check the URL recorded in the firewall's URL Filtering log rather than the browser's address bar.
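The following is an added example, not code from the Palo Alto Networks article or from PAN-OS. It parses two constructed packets, a plaintext HTTP GET and a TLS Client Hello carrying only an SNI extension, and shows what an inline device can read from each without decryption: the full URL from the former, only the hostname from the latter. The category table is a made-up illustration of the behaviour described above (most specific match wins), not PAN-DB data; the hostname, path and packet contents are constructed.

```python
"""What a firewall sees with and without TLS: HTTP request line vs. SNI.

Added example. The packets and the CATEGORIES table are constructed for
illustration and are not PAN-DB data or PAN-OS code.
"""
import struct
from typing import Optional
from urllib.parse import urlparse

HOST = "urlfiltering.paloaltonetworks.com"
PATH = "/test-Proxy-Avoidance-and-Anonymizers/"

# Constructed lookup table: the longest matching prefix wins.
CATEGORIES = {
    f"{HOST}{PATH}": "proxy-avoidance-and-anonymizers",
    HOST: "computer-and-internet-info",
}


def build_http_get(host: str, path: str) -> bytes:
    """Plaintext HTTP/1.1 request as sent on port 80 (constructed)."""
    return f"GET {path} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode()


def build_client_hello(hostname: str) -> bytes:
    """Minimal TLS 1.2 ClientHello record whose only extension is SNI."""
    name = hostname.encode("ascii")
    server_name = b"\x00" + struct.pack("!H", len(name)) + name    # name_type 0 = host_name
    sni_body = struct.pack("!H", len(server_name)) + server_name
    sni_ext = struct.pack("!HH", 0x0000, len(sni_body)) + sni_body  # extension type 0 = server_name
    body = (
        b"\x03\x03"                  # client_version TLS 1.2
        + b"\x00" * 32               # random (zeros, constructed)
        + b"\x00"                    # session_id length 0
        + b"\x00\x02\xc0\x2f"        # cipher_suites: one suite
        + b"\x01\x00"                # compression_methods: null only
        + struct.pack("!H", len(sni_ext)) + sni_ext
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body       # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def http_request_url(packet: bytes) -> Optional[str]:
    """Return http://host/path from a plaintext HTTP request, else None."""
    head, _, _ = packet.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None
    for line in lines[1:]:
        key, _, value = line.partition(b":")
        if key.strip().lower() == b"host":
            return f"http://{value.strip().decode()}{parts[1].decode()}"
    return None


def client_hello_sni(packet: bytes) -> Optional[str]:
    """Return the host_name from the SNI extension of a TLS ClientHello, else None."""
    if len(packet) < 44 or packet[0] != 0x16 or packet[5] != 0x01:
        return None
    pos = 5 + 4 + 2 + 32                                     # record hdr, handshake hdr, version, random
    pos += 1 + packet[pos]                                   # session_id
    pos += 2 + struct.unpack_from("!H", packet, pos)[0]      # cipher_suites
    pos += 1 + packet[pos]                                   # compression_methods
    if pos + 2 > len(packet):
        return None
    ext_end = pos + 2 + struct.unpack_from("!H", packet, pos)[0]
    pos += 2
    while pos + 4 <= ext_end:
        ext_type, ext_len = struct.unpack_from("!HH", packet, pos)
        pos += 4
        if ext_type == 0x0000:
            p = pos + 2                                      # skip server_name_list length
            while p + 3 <= pos + ext_len:
                name_type = packet[p]
                name_len = struct.unpack_from("!H", packet, p + 1)[0]
                p += 3
                if name_type == 0:
                    return packet[p:p + name_len].decode("ascii")
                p += name_len
        pos += ext_len
    return None


def visible_url(packet: bytes) -> Optional[str]:
    """What an inline device can read from the packet without decrypting."""
    url = http_request_url(packet)
    if url is not None:
        return url
    sni = client_hello_sni(packet)
    return f"https://{sni}/" if sni else None


def categorize(url: str) -> Optional[str]:
    """Longest-prefix lookup against the constructed table."""
    parsed = urlparse(url)
    key = parsed.netloc + parsed.path
    for candidate in sorted(CATEGORIES, key=len, reverse=True):
        if key.startswith(candidate):
            return CATEGORIES[candidate]
    return None


if __name__ == "__main__":
    for pkt in (build_http_get(HOST, PATH), build_client_hello(HOST)):
        url = visible_url(pkt)
        print(f"{url} -> {categorize(url)}")
```

Run stand-alone, the HTTP packet yields the full test URL and the proxy-avoidance category, while the Client Hello yields only https://urlfiltering.paloaltonetworks.com/ and therefore the hostname's category; with SSL decryption enabled the firewall would see the same request line as in the HTTP case.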
Additional Information
Please refer to the following article for SSL decryption configuration:
How to Configure SSL Decryption