We give amazon and google a web bug on our donate page, and the amazon one is http
https://blog.torproject.org/blog/volunteer-qa-price-freedom-eternal-vigilance#comment-15951 points out that our page https://www.torproject.org/donate/donate.html.en loads some unencrypted content. My guess is it's the amazon logo: http://g-ecx.images-amazon.com/images/G/01/asp/golden_small_donate_withmsg_whitebg.gif
First, this is a problem since the page isn't all-https anymore.
Second, why are we having the user load something from amazon and something from google every time they visit our donate page? Seems to me we should serve local copies of these images.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information