What is wrong with the mxtoolbox.com https:// everywhere page?

It seems not supported: http://mxtoolbox.com opens up fine.
https://mxtoolbox.com redirects to http://https://mxtoolbox.com
See: https://www.eff.org/https-everywhere/atlas/domains/mxtoolbox.com.html
Only content security header seems properly configured.
Definitely something wrong, three warnings and errors: https://asafaweb.com/Scan?Url=mxtoolbox.com
HTTP Server: IIS 7.5
Operating System: Windows Server 2008 R2
ASP.NET Version: 4.0.30319
Sites that know I have visited the site are in my case:
aspnetcdn.com
cloudfront.net
customer.io
google-analytics.com
google.com
googleadservices.com
googlesyndication.com
jsdelivr.net
mustbebuilt.co.uk
visualwebsiteoptimizer.com

Possible Frontend SPOF from:

ajax.aspnetcdn.com - Whitelist
(99%) -
pagead2.googlesyndication.com - Whitelist
(47%) -
www.googleadservices.com - Whitelist
(5%) -
www.google.com - Whitelist
(3%) -
cdn.jsdelivr.net - Whitelist
(1%) -

AV has been triggered, see here: https://www.robtex.com/en/advisory/dns/com/mxtoolbox/

Trojans detected see via: https://www.virustotal.com/nl/domain/mxtoolbox.com/information/
Backdoor.W32.Poison?

polonus

https://mxtoolbox.com opens http://mxtoolbox.com/ for me.

Ok, Eddy agree that is what it does under normal circumstances, the trouble begins for users that have HTTPS Everywhere installed, then the browser is starting to “jolt” between http and the envisioned https page, also influencing the extensions that react while visiting a http page and have other behavior on a https page. I thing this is a bug that should be reported to https everywhere, they have the page in their atlas, alas it does not work and redirects back to http.
It was the browser behavior that made me report.

polonus