It's not a bug, it's a feature!

Haven't you realised that there are no bugs in allegro.cc, it's either your browser's fault or it is working as designed.

That is likely the result of icons or other similar resources being delivered over plain HTTP instead of HTTPS. As long as the requests don't contain sensitive information it should be harmless to fetch these resources over an unencrypted connection.

Most browsers typically warn you the first time this ever happens anywhere, but by default don't warn you again unless you tell them to. You might have configured your browser to warn you every time this happens. There's nothing particularly wrong with that, and I think that ideally everything should be encrypted, but I suppose the encrypted connection adds overhead that might weigh into the host's bottom line.

In any case, you can probably trust that allegro.cc is working sufficiently securely. If anything it's annoying that browsers consider this condition all or nothing. They should allow you to configure whitelists so you can say, "I trust allegro.cc to encrypt what it should, but warn me if any other host mixes HTTP and HTTPS." I don't think that any browser that I'm familiar with can do this currently, but then I normally just accept the default "don't warm me again" and only see it the first time I encounter it with a new browser profile...