How can you tell exactly what insecure items are causing a browser to warn about mixed secure and insecure items?

Question

In Firefox, I view my site and get no warnings about insecure mixed content.

Using FireBug, I can see that every request is https.

In Chrome, I

Answer 1

You can use SslCheck

It's a free online tool that crawls a website recursively (following all internal links) and scans for nonsecure includes - images, scripts and CSS.

(disclaimer: I'm one of the developers)

Answer 2

You can add the "scheme" column to the Chrome developer tools network tab to show which requests were sent over http or https:

1. Press F12 to show the developer tools
2. Switch to the Network tab
3. Right click in the column headers and select "Scheme"
4. Reload the page to show which elements are loaded over http or https

Answer 3

In Chrome's Developer Tools, the Console tab shows the resources that it won't load because they unsecure.

Answer 4

In 48-th version of chrome they added a security panel. Using it you can quickly identify the mixed content resources: