Failing the SSL Server test or not?

Viruses and worms
1

Do not visit the site and site’s IP because the connection is not private and blocked and alerted by Google Safe Browsing:
htxps://192.135.177.35/ Minerals Management Service: http://toolbar.netcraft.com/site_report?url=https://192.135.177.35
respectively: http://toolbar.netcraft.com/site_report?url=https://[i]gis.boem.gov[/i]

Here everything seems OK: https://cryptoreport.websecurity.symantec.com/checker/views/certCheck.jsp for
https://gis.boem.gov/arcgis/rest/services There we are told the certificate is installed correctly.
Certificate chainShow details
DigiCert SHA2 Secure Server CAIntermediate certificate
*.boem.govTested certificate

Secure Renegotiation:
Enabled
Downgrade attack prevention:
Unknown
Next Protocol Negotiation:
Not Enabled
Session resumption (caching):
Enabled
Session resumption (tickets):
Not Enabled
Strict Transport Security (HSTS):
Enabled (max-age=31536000; includeSubDomains)
SSL/TLS compression:
Not Enabled
Heartbeat (extension):
Not Enabled
RC4:
Not Enabled
OCSP stapling:
Not Enabled

But Qualys Labs does not get any further than a meagre F-Status: https://www.ssllabs.com/ssltest/analyze.html?d=gis.boem.gov

This server supports anonymous (insecure) suites (see below for details). Grade set to F.

And this conclusion is because of:
Insecure tracking: 100% of the trackers on this site could be protecting you from NSA snooping. Tell boem.gov to fix it.

All trackers
At least 2 third parties know you are on this webpage.

-gis.boem.gov -gis.boem.gov
-shaaaaaaaaaaaaa.com

F-F-C+ F-D-X status: https://observatory.mozilla.org/analyze.html?host=gis.boem.gov

page meta security headers are not being set secure.
cache-control and content-security-police are not set secure either.

Is the site being blocked by an intrusion protection system? Re: https://aw-snap.info/file-viewer/?tgt=https%3A%2F%2Fgis.boem.gov%2Farcgis%2Frest%2Fservices&ref_sel=GSP2&ua_sel=ff&fs=1

gis.boem.gov is a bad zone, but boem.gov has name servers software versions are exposed
and they appear to be vuln.:
https://www.cvedetails.com/vulnerability-list/vendor_id-64/product_id-144/version_id-188009/ISC-Bind-9.10.3.html

OK here: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fgis.boem.gov%2Farcgis%2Frest%2Fservices

Network risk 1/10 red: http://toolbar.netcraft.com/site_report?url=https://gis.boem.gov

polonus (volunteer website security analyst and website error-hunter)