Skip to main content
SecScannerSecScanner
Security ChecksFree ToolsPricingBlog
Get Started
Sign InGet Started

Mixed Content Checker

Free online mixed content checker. Scan any HTTPS website to find images, scripts, stylesheets, and iframes loaded over insecure HTTP. Detect active and passive mixed content that weakens your HTTPS security and triggers browser warnings. Get instant results with fix instructions.

No https:// needed · Free · No credit card

What We Check

Active mixed content detection (scripts, iframes)
Passive mixed content detection (images, media)
Stylesheet and font resource check
Form action URL verification
WebSocket protocol check
Upgrade-Insecure-Requests header check

How It Works

1

Enter your HTTPS website URL

2

We fetch your page and analyze all resource URLs

3

Each resource is checked for HTTP vs HTTPS loading

4

Active mixed content (scripts) is flagged as high risk

5

You receive a list of all mixed content with fix instructions

Security Checks Included

This tool runs the following security checks on your website

Mixed ContentHTTPS enabledHTTP to HTTPS RedirectContent Security Policy (CSP)

Frequently Asked Questions

What is a mixed content checker?
A mixed content checker is a free online tool that fetches your HTTPS website and analyzes all resource URLs to find any that load over insecure HTTP. It identifies both active mixed content (scripts, iframes) and passive mixed content (images, audio), flagging each with the specific URL and fix instructions.
How do I check for mixed content on my website?
Enter your HTTPS website URL in the mixed content checker above. We'll fetch your page, analyze all resource URLs — scripts, images, stylesheets, iframes, fonts — and show you exactly which ones load over HTTP and how to fix them.
What is mixed content?
Mixed content occurs when an HTTPS page loads resources (scripts, images, stylesheets) over insecure HTTP. This weakens your HTTPS connection — the page may show a security warning, and active mixed content (scripts) is blocked by modern browsers.
What is the difference between active and passive mixed content?
Active mixed content (scripts, iframes, XMLHttpRequests) can modify the page and is blocked by browsers — this breaks functionality. Passive mixed content (images, audio, video) is displayed with a security warning but not blocked, though it still weakens your HTTPS protection.
How do I fix mixed content?
Update all resource URLs from http:// to https://. For external resources you don't control, use protocol-relative URLs (//). You can also add Content-Security-Policy: upgrade-insecure-requests to automatically upgrade HTTP requests to HTTPS.
Does mixed content affect SEO?
Yes. Google uses HTTPS as a ranking signal, and mixed content warnings signal a degraded security posture. Browsers may block active mixed content, causing broken functionality that hurts Core Web Vitals and user experience metrics.
Is this mixed content checker free?
Yes, our mixed content checker is completely free. It's part of SecScanner's free toolkit that runs 60+ security checks covering SSL, HTTP headers, DNS, cookies, and more.

Ready to Check Your Website?

Run a free security scan now and get instant results with actionable fix recommendations.

No https:// needed · Free · No credit card

Product

  • Security Checks
  • Free Tools
  • SSL Checker
  • Vulnerability Scanner
  • Email Security
  • Pricing
  • Compliance
  • Security Reports

Popular Checks

  • CSP Check
  • HSTS Check
  • TLS Version Check
  • SSL Expiry Check
  • SPF/DKIM/DMARC Check
  • Cookie Security Check
  • JS Vulnerability Scan
  • OCSP Stapling Check

Resources

  • Blog
  • Glossary
  • Contact

Legal

  • Terms of Use
  • Privacy Policy
  • Refund Policy
  • Cookie Policy

© 2025-2026 SecScanner. All rights reserved.