There is little an application can do to get around this with older versions of Windows, other than implementing features without using Windows APIs.
Well it's not great to have $urlget behaving differently than normal socket when it comes to things we, as scripters, have no control over, here SSL and ciphers.
Is it not possible to force a different cipher list with the wininet api?
When it comes to http and non persistent connection (btw Connection: keep-alive is sent as header which does not make sense), $urlget is now a must, but this issue changes the game.
It's possible to script $urlget with normal socket but that defeats the purpose of it and it's much slower, is there no plan to get rid of the windows api?