Mixed Content error on AEM publish after integration with Target

We have integrated AEM 6.5.8.0 with Adobe Target using direct legacy integration as per https://experienceleague.adobe.com/docs/experience-manager-learn/aem-target-tutorial/aem-target-implementation/using-aem-cloud-services.html?lang=en#integrating-aem-target-options

Below are the steps we took after integration:

1) Targeted a component on Page by creating activity in AEM (Activity named "dataprivacy" for chrome and safari browser experience)
2) Activity/offer is getting synced with Adobe Target from AEM
3) Author and publish activities (by the name "dataprivacy_author" and "dataprivacy" respectively) are getting created in Target after sync
4) When I load page in Author, I see different experience in chrome vs safari browser as configured in activity

5) When I load the page in publish I get below error. 

Mixed Content: The page at 'https://xyz/us/en/xyz.html' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://xyz/us/en/xyz.targetoffer.html/content/campaigns/brand-1/master/dataprivacy/chrome_browser/xyz.tandt.html'. This request has been blocked; the content must be served over HTTPS.

For some reason the target HTML URL is pointing to http instead of https that breaks the targeting. We have correctly configured externalizer and test and target replication agent on Author. Is there anything we are missing?