Take a look at your web browser’s web dev tools. There are likely “mixed content” warnings for assets (images, JS, CSS, fonts, etc.) that you’re loading via http.
Pretty sure GitHub Pages defaults to https now so if you try to load insecure content your browser is going to complain. Just make sure everything starts with https, including your site.url and you should be set.
Though now that I see you’re using a custom domain you might be out of luck as SSL isn’t currently supported this way. There are ways around it if you hook your site up to Cloudflare. I’d suggest Googling around, I know I’ve see blog posts about the matter.