See: http://app.webinspector.com/public/reports/show_website?site=https%3A%2F%2Fwww.mmis.georgia.gov
See here: https://www.ssllabs.com/ssltest/analyze.html?d=mmis.georgia.gov (with issues but valid Certificate)
Not vulnerable to Heartbleed: Site: wXw.mmis.georgia.gov
Server software: Microsoft-IIS/6.0
Was vulnerable: No (does not use OpenSSL)
SSL Certificate: Safe (regenerated 4 years ago) - given as incomplete.
Assessment: This server was not vulnerable, no need to change your password unless you have used it on any other site!

asafaweb scan came up with:
custom errors: Fail, Excessive Headers warning, Http Only Coookies warning, Secure Cookies warning and a Clickjacking warning.
see: https://asafaweb.com/Scan?Url=https%3A%2F%2Fwww.mmis.georgia.gov

pol