After scanning it is marked as suspicious due to some suspicious Indicators. You can go through with below URL to check scanned report:
Please have a look in "Suspicious Indicators" section, it is showing a URL "http://isrg.trustid.ocsp.identrust.com" marked as malicious. Previously it is showing one more URL in this section of letsencrypt.
After some R&D, I found that these URLs are related with OCSP (Online Certificate Status Protocol), to resolve this issue I enabled SSL stapling on server. After that letsencrypt URL has been removed from this report but another one "http://isrg.trustid.ocsp.identrust.com" is still showing in report. Can we enable multiple SSL stapling on server. I found a reference on below URL for the same:
But how can we do this. Or suggest some other way to resolve this. Please help me to resolve this issue.
Not really. The only news since that thread was posted is that the multi-stapling extension was deprecated in TLS 1.3! If any TLS implementations ever supported it, they're likely to remove it.
I agree with Osiris, this sounds like a single reputation engine that either doesnât understand OCSP, or has flagged the Identrust because itâs been seen on a hacked website at some point (despite the millions of unhacked websites that also point to it). Since hybrid-analysis gives no insight into which provider is doing this, your best bet would probably be to contact them about the false positive.
I agree with you all, but when we are trying to deploy our portal on any highly secured domains like banking, FMCG , they need clear report. It shows suspicious currently.
if you want to you can change intermediate cert to ISRG root x1 signed one, then it wonât call to isrg.trustid.ocsp.identrust.com . but keep mind the it isnât in trust store until android 7.1.2 (other OSs are mostly have update trust store other then OS version)