I've been reading a bit more on recent cipher and key exchange negotiation changes, it appears that the reason 3des "fail" on modern browsers is the same reason they "fail" dh-small-subgroup and dh-composite. They are not actually failing if the negotiated KX algo is ECDHE.
As a good measure, I think we should also offer in the high profile, checks for RSA KX and CBC mode ciphers. They are all marked as weak by modern browsers. There are apparently enterprise middlewares that decrypt RSA KX for monitoring. CBC is weak and should also be checked in the high profile because BEAST and POODLE (high because of compatibiltiy).