ssllabs / ssllabs-scan

A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.

Home Page: https://www.ssllabs.com/projects/ssllabs-apis/

Scan Incorrectly Reports "Uses Common DH Primes: No"

JohnDCCIU opened this issue · comments

We're a new BitSight customer and were surprised to find that they were reporting that our server at schoolboardtraining.cciu.org is using a Common Diffie-Hellman Prime, because the SSL Labs scan results report "Uses common DH primes: No". BitSight claims that our site is using the common prime 2.2 from RFC 5114:

2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup

The hexadecimal value of the prime is:

p = AD107E1E 9123A9D0 D660FAA7 9559C51F A20D64E5 683B9FD1
B54B1597 B61D0A75 E6FA141D F95A56DB AF9A3C40 7BA1DF15
EB3D688A 309C180E 1DE6B85A 1274A0A6 6D3F8152 AD6AC212
9037C9ED EFDA4DF8 D91E8FEF 55B7394B 7AD5B7D0 B6C12207
C9F98D11 ED34DBF6 C6BA0B2C 8BBC27BE 6A00E0A0 B9C49708
B3BF8A31 70918836 81286130 BC8985DB 1602E714 415D9330
278273C7 DE31EFDC 7310F712 1FD5A074 15987D9A DC0A486D
CDF93ACC 44328387 315D75E1 98C641A4 80CD86A1 B9E587E8
BE60E69C C928B2B9 C52172E4 13042E9B 23F10B0E 16E79763
C9B53DCF 4BA80A29 E3FB73C1 6B8E75B9 7EF363E2 FFA31F71
CF9DE538 4E71B81C 0AC4DFFE 0C10E64F

Is the BitSight report a false positive, or is SSL Labs giving a false sense of security in this case? Thanks!

I confirmed that our server is indeed using this Common Prime, which BitSight identified but the SSL Labs Scan blithely pronounces as "Uses common DH primes: No", so this appears to be a significant bug in the SSL Labs scanner. We're moving to replace our prime with a new one, so at some point in the near future our server will no longer be a good example of the issue.
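The check a scanner is expected to perform here, as an added example that is not the ssllabs-scan project's own code: normalise a dumped DH prime and look it up in a table of well-known groups. The only group tabled is the RFC 5114 section 2.2 prime quoted in the issue; the function names (`parse_hex_prime`, `check_dh_prime`) are assumptions.

```python
import re

# RFC 5114, section 2.2: 2048-bit MODP group with 224-bit prime-order subgroup.
# Value copied from the issue text above; it is the only group tabled here.
RFC5114_2_2_P_HEX = """
AD107E1E 9123A9D0 D660FAA7 9559C51F A20D64E5 683B9FD1
B54B1597 B61D0A75 E6FA141D F95A56DB AF9A3C40 7BA1DF15
EB3D688A 309C180E 1DE6B85A 1274A0A6 6D3F8152 AD6AC212
9037C9ED EFDA4DF8 D91E8FEF 55B7394B 7AD5B7D0 B6C12207
C9F98D11 ED34DBF6 C6BA0B2C 8BBC27BE 6A00E0A0 B9C49708
B3BF8A31 70918836 81286130 BC8985DB 1602E714 415D9330
278273C7 DE31EFDC 7310F712 1FD5A074 15987D9A DC0A486D
CDF93ACC 44328387 315D75E1 98C641A4 80CD86A1 B9E587E8
BE60E69C C928B2B9 C52172E4 13042E9B 23F10B0E 16E79763
C9B53DCF 4BA80A29 E3FB73C1 6B8E75B9 7EF363E2 FFA31F71
CF9DE538 4E71B81C 0AC4DFFE 0C10E64F
"""


def parse_hex_prime(text: str) -> int:
    """Turn a hex dump of a prime into an integer.

    Accepts the RFC layout (8-digit words separated by whitespace) and the
    colon-separated byte layout printed by `openssl dhparam -text`, including
    its optional leading 00 sign byte. Pass only the digit lines, not labels.
    """
    digits = re.sub(r"[^0-9A-Fa-f]", "", text)
    if not digits:
        raise ValueError("no hex digits found")
    return int(digits, 16)


# Well-known primes keyed by value. A production checker would also carry the
# RFC 2409, RFC 3526 and RFC 7919 groups and popular server default params.
KNOWN_PRIMES = {
    parse_hex_prime(RFC5114_2_2_P_HEX): "RFC 5114 section 2.2 (2048-bit MODP, 224-bit subgroup)",
}


def common_prime_name(p: int):
    """Name of the standard group whose prime equals p, or None if unknown."""
    return KNOWN_PRIMES.get(p)


def check_dh_prime(text: str) -> dict:
    """Report size and 'common prime' status for one server's DH prime.

    Returns a dict instead of printing so bulk scans can assert on the result.
    """
    p = parse_hex_prime(text)
    name = common_prime_name(p)
    return {"bits": p.bit_length(), "uses_common_dh_prime": name is not None, "group": name}
```

Feeding the prime from the issue through `check_dh_prime` yields `uses_common_dh_prime: True`, which is the answer the scanner should have given for this server.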