In this article:
Question
Why are there IPs that do not belong to the Digital Footprint of the Scorecard listed under Observations of some issue findings?
Answer
This behaviour can be seen next to findings that relate to the SSL/SSL Cert issues below:
-
- Certificate is Expired
- Certificate is Revoked
- Certificate is Self-Signed
- Certificate Lifetime is Longer than the Best Practices
- Certificate Signed With Weak Algorithm
- Certificate Without Revocation Control
This happens because in some cases we detect SNI against a hostname. When this happens the associated IP (resolved through DNS) also gets listed under the observations column.
We understand it may cause a confusion and hence we have raised a feature request to hide the IP column in the Observations section.
NOTE: It is possible that the DNS is not resolving to the same IP, but because the finding takes a long time to decay on it's own, this data can be outdated. A feature request is in place with our Engineering to decrease the decay period so that the platform can automatically have the most updated findings.