things that do stuff like this can't, they try whatever tricks are possible to push javascript or redirects to send the client browser to something non https, on port 80