When a secure HTTPS page loads some of its resources — an image, script, or stylesheet — over plain, unencrypted HTTP. Browsers warn about it because it weakens the security of the whole page, even if everything else is properly encrypted.