One would typically serve media and static content via HTTP because of performance, and probably more importantly, easier caching architecture as it's impossible to cache TLS'ed content outside the web server.
You might want to serve some personally-identifiable or sensitive data via HTTPS if you have the the resources. At the very least, you should authenticate via HTTPS which is what a lot of services do.
You might want to serve some personally-identifiable or sensitive data via HTTPS if you have the the resources. At the very least, you should authenticate via HTTPS which is what a lot of services do.