“Mixed Content” warnings occur when an HTTPS page is asked to load a resource over HTTP.
This is dangerous because the insecure resources are vulnerable to alteration by an active attacker or eavesdropping by a passive attacker, which violates the user’s expectation of security for an HTTPS page.