Unfortunately, Google, via Chrome, is forcing HTTPS on .dev domains. They are doing this for their own internal reasons. It’s just a bit annoying for web developers though. Here’s the full article.

https://ma.ttias.be/chrome-force-dev-domains-https-via-preloaded-hsts/

Easiest solution moving forward, don’t use .dev.