Hi, thanks for offering to look. I don’t believe there’s a mixed content issue here. It’s a simple static site that’s mostly a placeholder right now: under-belly.org.
“Always use https” is selected on the Cloudflare Crypto page. There’s an .htaccess file that redirects www.under-belly.org to the right url; curiously this does force https. My attempts to get the .htaccess to also redirect http://under-belly.org to https have either done nothing or else broken the site.