As you have, use Firebug with Firefox, or use the developer tools in Chrome or Safari or IE to see what’s loading on your site, the errors and work with the HTML.
The main non-https errors I see are for fonts from Google and gstatic.
So call your fonts in the @import style sheet or in functions.php by
//fonts.googleapis.com/css?family=OpenSans
or the header.php by
<link href="https://fonts.googleapis.com/css?family=OpenSans" rel="stylesheet" type="text/css">
and not in the form of
http://fonts.googleapis.com/css?family=OpenSans
because that will cause WordPress to add its own https when the first part of the href protocol is not included.
And, if you recently changed from http to https, you need to search all your post/page content to change all http links to https for images and internal links. Changing the site URLs to https is not enough, as that does not retroactively change all links in post/page content.
Use a plugin called Search RegEx to find/replace links in post/page content.
Or, use an SQL find/replace utility called interconnectit.com WordPress Serialized PHP Search Replace Tool to scan the whole database.