Our users won't get warned!

Viruses and worms
1

One should also trust visited SSL sites, alas avast! does not scan those yet.

See: http://app.webinspector.com/public/reports/show_website?site=https%3A%2F%2Fwww.santanderconsumer.pt
See: https://www.ssllabs.com/ssltest/analyze.html?d=santanderconsumer.pt
See: http://www.sslshopper.com/ssl-checker.html#hostname=https://www.santanderconsumer.pt/
See: https://sslcheck.globalsign.com/es/sslcheck?host=www.santanderconsumer.pt
See: http://www.networking4all.com/nl/helpdesk/tools/site+check/report/?fqdn=https%3A%2F%2Fwww.santanderconsumer.pt%2F&protocol=https
strict transport security warning
In FF we get a security warning broken or untrusted via Calomel.
Google Chrime says the Certidicate is OK.

http://toolbar.netcraft.com/site_report?url=https://www.santanderconsumer.pt

DrWeb’s check site as safe: Checking: htxps://www.santanderconsumer.pt/modules/mod_ls_tabmenu/mod_ls_tabmenu/scripts/ja.script.js
File size: 3398 bytes
File MD5: 5712e4783765c6ba0db8fb89150b01d5

htxps://www.santanderconsumer.pt/modules/mod_ls_tabmenu/mod_ls_tabmenu/scripts/ja.script.js - archive JS-HTML

httxs://www.santanderconsumer.pt/modules/mod_ls_tabmenu/mod_ls_tabmenu/scripts/ja.script.js/JSFile_1[0][d46] - Ok
htxps://www.santanderconsumer.pt/modules/mod_ls_tabmenu/mod_ls_tabmenu/scripts/ja.script.js - Ok

Checking: htxps://www.santanderconsumer.pt//plugins/system/2j_tabs/2j.ui.tabs.js
File size: 6637 bytes
File MD5: da564255ec004da22a29863d1399c988

htxps://www.santanderconsumer.pt//plugins/system/2j_tabs/2j.ui.tabs.js packed by JSPACK

htxps://www.santanderconsumer.pt//plugins/system/2j_tabs/2j.ui.tabs.js - archive JS-HTML

htxps://www.santanderconsumer.pt//plugins/system/2j_tabs/2j.ui.tabs.js/JSTAG_1[9][249b] - Ok
htxps://www.santanderconsumer.pt//plugins/system/2j_tabs/2j.ui.tabs.js - Ok

Checking: htxps://webcare.byside.com/agent/byside_webcare.js
File size: 111.92 KB
File MD5: 472ec6a8d3c7f818f679939969fb63e5

htxps://webcare.byside.com/agent/byside_webcare.js - archive JS-HTML

httxs://webcare.byside.com/agent/byside_webcare.js/IFrame_1[1f] - Ok
htxps://webcare.byside.com/agent/byside_webcare.js - Ok

Checking: htxps://www.santanderconsumer.pt//plugins/system/jceutilities/js/jceutilities-217.js
File size: 19.55 KB
File MD5: e52eaaf6102bbc4bef73e19782610316

httxs://www.santanderconsumer.pt//plugins/system/jceutilities/js/jceutilities-217.js - archive JS-HTML
htxps://www.santanderconsumer.pt//plugins/system/jceutilities/js/jceutilities-217.js - Ok

Checking: htxps://www.santanderconsumer.pt/
Engine version: 7.0.7.12100
Total virus-finding records: 5044435
File size: 9027 bytes
File MD5: e3249e78706f253ccb650ec28738a73d

htxps://www.santanderconsumer.pt/ - archive JS-HTML

htxps://www.santanderconsumer.pt//JSTAG_1[4e2][27c] - Ok
htxps://www.santanderconsumer.pt//JSTAG_2[89a][dc] - Ok
htxps://www.santanderconsumer.pt//JSTAG_3[98e][4d] - Ok
htxps://www.santanderconsumer.pt/ - Ok

Attackers may be able to decrypt the encrypted SSL traffic (vuln to BEAST attack)
Users may receive strong browser warnings and experience slow performance
This server is vulnerable to MITM attacks because it supports insecure renegotiation. Grade set to F.
There is no support for secure renegotiation.
The server does not support Forward Secrecy with the reference browsers.

So exept FF where site is being blocked we have no protection against this?

polonus