Please have a look in "Suspicious Indicators" section, it is showing a URL "http://isrg.trustid.ocsp.identrust.com" marked as malicious. Previously it is showing one more URL in this section of letsencrypt.
After some R&D, I found that these URLs are related with OCSP (Online Certificate Status Protocol), to resolve this issue I enabled SSL stapling on server. After that letsencrypt URL has been removed from this report but another one "http://isrg.trustid.ocsp.identrust.com" is still showing in report. Can we enable multiple SSL stapling on server. I found a reference on below URL for the same:
But how can we do this. Or suggest some other way to resolve this. Please help me to resolve this issue.
I agree with Osiris, this sounds like a single reputation engine that either doesn’t understand OCSP, or has flagged the Identrust because it’s been seen on a hacked website at some point (despite the millions of unhacked websites that also point to it). Since hybrid-analysis gives no insight into which provider is doing this, your best bet would probably be to contact them about the false positive.
if you want to you can change intermediate cert to ISRG root x1 signed one, then it won’t call to isrg.trustid.ocsp.identrust.com . but keep mind the it isn’t in trust store until android 7.1.2 (other OSs are mostly have update trust store other then OS version)