Question: How to find out what contents on a HTTPS page is retrieved using HTTP, i.e. unencrypted in transit and thus open to sniffing?
Answer: Use Google Chrome web browser’s Developer Tools. Look under “Console” and you’ll see lines that look like this:
The page at https://www.example.com displayed insecure content from http://feeds.feedburner.com/notsecure.