Turns out they are hiding something that cannot be unseen.
This site works only in browsers with SNI support.
This server supports TLS_FALLBACK_SCSV to prevent protocol downgrade attacks.
This server supports HTTP Strict Transport Security with long duration. Grade set to A+.
Assessment failed: Unable to connect to server
This server supports SSL 2, which is obsolete and insecure. Grade set to F.
This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B.
This server accepts the RC4 cipher, which is weak. Grade capped to B.
|SSL 2 INSECURE||Yes|
So what are we going to do with this?