[lorenzhs]

Same with w3.org, which is fifth on the list, and ebay-kleinanzeigen.de. Seems like quite a few entries are off.

[chuckhoupt]

w3.org redirect to www.w3.org, but not HTTPS. This makes sense for the standards org that defines HTTP, and needs to maintain backwards compatibility.

[jcranmer]

Except the standards org that defines HTTP is the IETF, not the W3C...

[chuckhoupt]

Opps! You're right, the W3C only helped author it.

I was also wrong to say that w3.org never redirects to HTTPS. If the browsers sends a Upgrade-Insecure-Requests HTTP-header, then it redirects. That allows it to support all browsers as securely as possible.

Sites like whynohttps.com and observatory.mozilla.org should really test for this pattern.