This is a massive reason, imo. The average user views that url annotation as a bad thing. They don't know it's static, or even what "static" refers to.
Even if they knew the site was static, "not secure" would still be valid. An ISP or malicious wifi network may be recording their browsing history, downsampling images, injecting or replacing ads, replacing executables with backdoored versions, adding fake login forms or popups to get the user to give a password of theirs, etc.
