Hmmm, we're using a Let's Encrypt Cert which is coming up as valid on Chrome, Firefox 71.0 and Safari for us. We have seen problems with OpenDNS - any chance you using that?
At least some of the queries for this domain name are coming back pointed to 35.189.102.199 (199.102.189.35.bc.googleusercontent.com), which seems to be okay on the SSL certificate (see https://www.ssllabs.com/ssltest/analyze.html?d=got-it.com ) even though they offer TLS 1.1 in addition to TLS 1.2.
However, other DNS queries get pointed to 146.112.61.106 (hit-adult.opendns.com), and according to testssl.sh offers only TLS 1.2, but doesn't have server cipher order, and has an incomplete chain of trust.
The latter IP address also seems to be vulnerable to Secure Client-Initiated Renegotiation, and BEAST (CVE-2011-3389), and maybe LUCKY13 (CVE-2013-0169).
Looks like it's been content blocked with Open DNS on their family friendly DNS servers. I've submitted a request for it to be categorised. Previous experience is that this takes a few days.