These companies have broken HTTPS. What are your options?
You're on vacation. You see this unsecured "Free Wifi" network. You click on it because you have no other alternatives.
10 years ago, HTTPS was not common. However, "captive portals" started to boom. They intercept your web pages, and replace them with a "portal" so you can enter your hotel room number and your name.
Some other portals injected malicious code such as ads but you can also inject crypto miners
Today, such attacks on WiFi hotspots are limited thanks to HTTPs: you cannot alter the web pages between the browser and the server providing the web pages.
However, today, the server distributing the web pages is not likely owned by the website owner. Most likely, for your website to scale, you have uploaded it somewhere such as in a Content Delivery Network.