Checked reputation of this url and not seeing any poor reputation of it. Some of the sites are categorizing it under internet and info.
I understand that you want to access 'shodan.io' and it was blocked as a hacking site. There are a couple of ways.
(a) you can override your URL filtering object and allow hacking sites.
(b) Depending on the PAN-OS, you can add one site in exception as a white list
(c) you can create a custom URL object and allow it.
(d) If you only want to allow for one user, you can create a policy based on the user, and URL
some useful documents.
Its not specific to PAN version. On my firewall (running on 9.0.3) also getting categorized under hacking site. I checked on few sites and reputation of this url is not listed as poor. Please check my earlier reply.
Shodan is not a hacking site per se. They will port scan all your addresses and will post what vulnerabilities they find. Obviously, you do not want these advertised as the bad actors will use this database to prey on those who are vulnerable. It is best to just block these addresses....but there are alot of them. Some times its a bit of wack-a-mole as well. There are other companies out there that do the same thing as Shodan (such as Digital Ocean).
I would like to see Palo-Alto maintain a dynamic list for these shady characters.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!