Chrome detects my Site as Deceptive site ahead on

Username “epiz_31420208”

Hi, I created a brand new website for URL Shortener using YOURLS open source code.
installation worked flawless. However, after adding few short links for testing I noticed that Chrome
every now and then would show a Security warning “Deceptive site ahead”. this happened pretty much at the 1st hour the site/domain was created (see picture).


I mean this warning is when clients trying to use the website, not for administrating the site.

I believe this is against TOS


(post deleted by author)

you know or you think? i didn’t see any reference on the TOC on that doesn’t allow running a private (for private use, not public) Shortener service.

but let’s not Digress. let’s focus on the issue that Chrome browser detects the domain as deceptive site 1 hour after it was created.

Correct, it does not say that. But what it always say is that you are responsible for everything in your website. So if someone uses your service to link an inappropriate link, it is considered your fault.

1 Like

since it is a private service to limited authorized personals to use, I would not consider “So if someone uses your service to link an inappropriate link, it is considered your fault.” as a risk as it will not be open to the public to post /share URLs.

Are you sure???

1 Like

public one. I am running a private one.
anyway let’s focus on the issue in chrome as it is not related to the type of service but general issue with rf.dg domain.

I am sorry, but we are not going to assist you with something that should not be hosted here. In any case, the issue is that chrome detected an issue with your code, there is nothing you can do anyways.


this is an old TOC or not from InfinityFree, the current one does not disallow URL shortoners

now that we cleared that out of our way, let’s focus on the technical issue i submitted.

I already did:

Chrome’s job is to keep users safe, and if it finds things it does not like, it shows a warning.


i just created another test site with few dummy HTMLs and no scripts and i am getting the same results. so it’s not scripts.
2 options that I can think of:

  1. domain is flagged sporadically as a dangerous site by google/chrome
  2. I am using currently HTTP and not HTTPS. maybe that triggers Google chrome?

Chrome does not show a dangerous site warning just for using http. However, http might come into account when the site evaluates the content. Also, I do believe that people can report sites to google as dangerous, and remember that Infinityfree is a hosting service - there have been malicious sites that have been here before. Even if they got taken down, they still leave a mark. Remember that this is a free hosting site - malicious people can create malicious sites easier because they don’t have to pay.

As far as I can tell, brightcloud internet rep checker lists this url ( as safe. However, brightcloud is not chrome. Maybe chrome is messing something up, but right now we do not know.


Maybe this has something to do with it.


Google reports that your site contains some pages that are unsafe:

If the entire domain got banned, it wouldn’t say that the entire site is unsafe. And that any other domain is also unsafe. But none of those things are the case, so it’s definitely something on your site specifically.

As to why Google marked your site, I don’t know. But if you add your site to Google Search Console, you’ll get more detailed reports about harmful content found on your site.


Did you mean that “it wouldn’t say that only some of the pages on the site are unsafe?” Google does not mark the entire website as unsafe, only some of it.

Like you said though, Admin, it is not the domain. Therefore, @KillaBee, it must be something on your side. And, as Admin said, a bright idea is to add yor site to the Google Search Console. Heck, I didn’t even know that they would give you more details onto what they found that was harmful, so I definitely recommend checking that out. The more information you have on why Google thinks your website is unsafe, the better!


two issues I have with your conclusion.

  1. the site was only online for one hour and locked to the public with only few tests on it done by me.
    how can it become unsafe when never used.
  2. if you claim it is the content, that is also disputed as I created two aditional test sites on teh same domain coping exactly the same content (duplicated the files) and they are not marked as unsafe in the google checker (Google Transparency Report).

so it can’t bee that the site was misused as it was locked to the public and it can’t be that the content is the problem or the other two identical sites would also be marked bad.
that leave us with some subdomains under that are blacklisted on google safe browsing.

This is what Google says, so you may want to investigate (on your end):


I mean i created on different sub-domains ( but same exact copy (typo when said “same domain”)

there is no point in speculating
just read this and look at FIX somewhere at the bottom
and report that your site is SAFE