Today’s the day that Chrome brands plain old HTTP “not secure”
https://arstechnica.com/gadgets/2018/07/todays-the-day-that-chrome-brands-plain-old-http-as-not-secure/
Since February, Google has planned to brand non-HTTPS sites as "Not Secure," and today, with Chrome 68, that change is being rolled out to a wide audience.
With the change, every site now gets a label in its address bar: "Secure" if the site is loaded over HTTPS, "Not Secure" otherwise. In September, Google will make another change and remove the "Secure" label, marking the transition to a world where secure HTTP is the default rather than the exception.