When a single IP address can support multiple virtual hosts, probing port 443 for an SSL version of a domain is naive and may trigger an intrusion detection system (IDS). Sure, you may get a response (and even the same content), but that's no guarantee that the domain you used is configured for SSL on the server. An IDS may flag the request as a potentially malicious probe and temporary block the IP address from accessing some resources. This can be extremely useful for blocking exploit attempts by drive-by bots that request by IP address alone. Of course, it would be strange to continue to allow access to the SSL resource as in your example, but maybe there's a reason for it (server admin has different goals than site admin, for example). Just one possible explanation. You might regain HTTP access if you stop hitting HTTPS for a while.
Edit: The CN in the cert is news.ycombinator.com, so it's unlikely my explanation is the cause (but still could be).
Is it "naive", or is it totally harmless? I've been using HTTPS Finder, which probes for HTTPS versions of websites for quite a while now, without any noticeable negative effects. I'm sure sites out their exist which have this IDS configuration that you describe, but none of the ones I've visited do. As for the positives, I can't remember how many HTTPS versions of sites that it's alerted me to, but it's a lot
It's naive ("let's poke it with a stick and see what happens"), but should be mostly harmless with a properly configured IDS. You don't want to permanently blacklist legitimate users, just discourage malicious ones.
Unfortunately, there's no guarantee that an HTTPS site is identical to the corresponding HTTP site. In most web servers, each one has its own configuration, so it's best to visit SSL sites only when you've been explicitly directed to do so.
Edit: The CN in the cert is news.ycombinator.com, so it's unlikely my explanation is the cause (but still could be).