I believe the primary reason you are getting an error message regarding insecure resources is because Paypal is serving their favicon over regular http instead of https. Firefox and Palemoon do not give an error for favorite icons, but they do for other content.
This is funny to me because they serve the favicon several times, and one of them is https.
The other message regarding obsolete ciphers is most likely because of a separate MAC for message authentication, rather than using an AEAD cipher such as AES-GCM. This is less likely to raise an error and does not do so on most browsers unless RC4 is used.