
Assuming you don't accept bad certs, don't ssh if there's an issue with the host key, don't use http, telnet and other plaintext protocols, why?


Because there are dozens of processes in the background doing that for me.


This is the correct answer. You'd be surprised how many programs rely on the remote server redirecting them to a secure server.

Most major banks in Sweden had http landing pages and did not use HSTS last time I checked (in 2017).
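An added example, not part of the thread: a check for the pattern described in the comment above, where the first request goes out over plain http and the site sends no HSTS policy to stop later requests doing the same. The hop tuples, the `bank.example` host and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

def parse_hsts(value):
    """Return (max_age, include_subdomains) from a Strict-Transport-Security
    value, or None if the header is absent or has no valid max-age."""
    if not value:
        return None
    max_age, include_sub = None, False
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            arg = arg.strip().strip('"')
            if not (arg.isascii() and arg.isdigit()):
                return None
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
    return None if max_age is None else (max_age, include_sub)

def audit_chain(hops):
    """hops: (url, status, headers) tuples in the order a client followed them.
    Returns (hop_index, issue) pairs."""
    findings = []
    for i, (url, _status, headers) in enumerate(hops):
        hdrs = {k.lower(): v for k, v in headers.items()}
        if urlsplit(url).scheme != "https":
            # Sent in cleartext, so the network operator can read the request
            # or rewrite the redirect. HSTS sent over http is ignored (RFC 6797).
            findings.append((i, "plaintext-hop"))
            continue
        hsts = parse_hsts(hdrs.get("strict-transport-security"))
        if hsts is None or hsts[0] == 0:
            # max-age=0 tells the client to drop any stored policy.
            findings.append((i, "no-hsts"))
    return findings

# Constructed sample chains (bank.example is a placeholder host).
REDIRECT_ONLY = [
    ("http://bank.example/", 301, {"Location": "https://bank.example/"}),
    ("https://bank.example/", 200, {"Content-Type": "text/html"}),
]
HSTS_SITE = [
    ("https://bank.example/", 200,
     {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
]

if __name__ == "__main__":
    print(audit_chain(REDIRECT_ONLY))
    print(audit_chain(HSTS_SITE))
```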


Rogue CAs and a lack of cert pinning?


And how would a rogue CA cert get into your cert store?

The only issue with random access points when using properly secured connections is the metadata leak - DNS queries, etc. They will know whom you are connecting to, basically. That's it.


Exactly. And even that, you could use a VPN. In fact anything an Airbnb host can do, your ISP at home can do it too, and is far more likely to be doing analytics on it, or be subpoenaed for it. So if it is a concern, you're probably already using a VPN.



