Mixed Content Checker
Find mixed content (HTTP images, scripts, CSS) on HTTPS pages. Fix with SSL Checker and Security Headers Checker.
Share & copy
Run a check to get a share link (24h) and Copy JSON / Copy curl.
What we check
- HTTP images, scripts, stylesheets, iframes on HTTPS pages
- Inline
url(http://...)in CSS - Fixes and copy JSON
Tip: Enter the page URL to scan (HTTPS recommended).
Mixed Content Checker FAQ
What is mixed content?
Mixed content is when an HTTPS page loads resources (images, scripts, stylesheets) over HTTP. Browsers block active mixed content (scripts) and may warn or block passive content (images). It weakens security and can break your site.
Why does the browser block mixed content?
HTTPS pages should only load HTTPS resources so the full page stays encrypted. HTTP resources can be tampered with and expose users to injection or tracking. Browsers block or downgrade mixed content by policy.
How do I fix mixed content?
Change all resource URLs from http:// to https://. Ensure the asset is actually available over HTTPS. Use the Mixed Content Checker to list insecure URLs, then update your HTML, CSS, or CMS.
Are protocol-relative URLs (//example.com) safe?
Protocol-relative URLs inherit the page scheme. On HTTPS they load over HTTPS, but on HTTP they load over HTTP. Prefer explicit https:// so links and bookmarks don’t accidentally use HTTP.
What resources are scanned?
The tool scans img, script, link (stylesheet), iframe, source, audio, video, object, and inline url(http://...) in CSS. It reports any URL that explicitly uses http:// so you can upgrade them to HTTPS.