How to fix "insecure content was loaded over HTTPS, but requested an insecure resource"

"Mixed Content" warnings occur when an HTTPS page is asked to load a resource over HTTP.

This is dangerous because the insecure resources are vulnerable to alteration by an active attacker or eavesdropping by a passive attacker, which violates the user's expectation of security for an HTTPS page.

https://developers.google.com/web/fundamentals/security/prevent-mixed-content/fixing-mixed-content?hl=en

Update the links via adding a meta tag like below

<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

Note: This is a hot fix when you update your production from non-ssl to ssl, anyway you have to fix all the links one by one to https.

You are trying to access via "http" on a "https" site, its best to use "https" content. You shouldn't access insecure data on a secure channel.