--- title: "Troubleshooting Browser \"Dangerous Site\" Warnings" description: "Identification, resolution, and prevention of third-party \"Dangerous site\" or \"Deceptive site ahead\" browser warnings on Contentstack Launch sites." url: "https://www.contentstack.com/docs/launch/troubleshooting-browser-dangerous-site-warnings" product: "Contentstack" doc_type: "guide" audience: - developers - admins version: "current" last_updated: "2026-05-22" --- # Troubleshooting Browser "Dangerous Site" Warnings Users of Contentstack-hosted sites may receive warnings such as **"Dangerous site"** or **"Deceptive site ahead."** The presentation of these warnings restricts site access, and shared links may be removed from email and chat platforms. This document outlines the procedures for identifying the warning source, addressing the cause, and submitting a review request for access restoration. ## Root Cause Browser warnings are generated by third-party threat classification providers. Contentstack does not issue these warnings. The warnings are primarily sourced from two providers: * **Google Safe Browsing**: Utilized by Chrome, Firefox, Safari, Brave, and Opera. A single classification results in the site being flagged across all these browsers. * **Microsoft Defender SmartScreen**: Utilized exclusively by Microsoft Edge, maintaining an independent threat list. **Common signals that may result in a classification include:** * URL slugs containing words associated with phishing, such as login, verify, secure, unlock, wallet, claim, giftcard, or account-update. * Forms configured to collect credentials or payment data over HTTP, with mixed content, or with layouts resembling a known brand's sign-in screen. * Outbound links directing to domains currently included on a threat list, including URL shorteners. * The site being served from a shared platform subdomain whose reputation has been affected by another tenant. * The injection of unexpected content via third-party scripts, advertisements, or compromised editor credentials. * End users submitting "Report this site" feedback through their browser interface. ## Resolution **Prerequisites for action:** * You have publish access to the affected Contentstack stack and environment. * Access to Google Search Console and verification of the property. * Access to private or incognito browsing windows across Chrome, Firefox, Safari, and Microsoft Edge for testing. ### Step 1: Identify the provider Open the flagged URL in Chrome, Firefox, Safari, and Edge using private or incognito windows to observe the pattern: **Observation** **Provider responsible** Warning appears in Chrome, Firefox, and Safari Google Safe Browsing Warning appears only in Edge Microsoft Defender SmartScreen Warning appears only on certain corporate devices Endpoint security software (Norton, McAfee, Sucuri, and similar) If Google Safe Browsing is responsible, follow Steps 2–6. If only Edge displays the warning, proceed to Step 7. ### Step 2: Confirm scope and category 1. Open the [Google Safe Browsing Transparency Report](https://transparencyreport.google.com/safe-browsing/search) and input both the full URL and the root domain separately. 2. Log in to [Google Search Console](https://search.google.com/search-console) and navigate to **Security Issues**. This page itemizes each affected URL and its classification category: Social Engineering, Malware, Unwanted Software, or Deceptive Content. 3. Document the exact URLs and the corresponding category. The category dictates the required remediation steps. ### Step 3: Modify trigger keywords in URLs If the flag category is Social Engineering or Deceptive Content, the URL slug is a highly probable factor. **High risk slug** **Safer alternative** /customer-login-verify /customer-portal /secure-payment-update /billing-center /account-unlock /account-help /giftcard-claim /rewards **Procedure for updating the slug in Contentstack:** 1. Open the affected entry and update the URL or slug field with a new value. 2. Save and publish the entry to all relevant environments. 3. Implement a 301 redirect from the original slug to the new slug to maintain search engine optimization (SEO) and prevent broken links. 4. Purge the CDN cache to ensure immediate service of the new URL. **Note:** * This step is complete when the new URL returns HTTP 200, the original URL returns a 301 redirect to the new URL, and the [Transparency Report](https://transparencyreport.google.com/safe-browsing/search) no longer flags either URL after the review in Step 6 is finalized. ### Step 4: Eliminate other trigger signals **Outbound links** * Test all outbound links on the flagged page using the Safe Browsing Transparency Report. * Remove or replace links directing to flagged domains, sites with low reputation, and URL shorteners. **HTTPS and certificate configuration** * Confirm that the domain serves content over HTTPS with a valid certificate from a trusted authority. * Eliminate mixed content, which refers to HTTP assets loaded on HTTPS pages. * Verify configuration with [SSL Labs](https://www.ssllabs.com/ssltest/) and target an A or A+ grade. **Forms collecting sensitive data** * Add autocomplete="username" and autocomplete="current-password" to the respective fields. * Ensure forms submit data to a same-origin endpoint over HTTPS. * Avoid using color schemes, logos, or layouts that mimic the sign-in screens of well-known brands. **Compromised content** * Review the entry's revision history in Contentstack for unexpected modifications. * Audit collaborator access and rotate credentials for any accounts deemed suspicious. * Inspect the rendered page source for unfamiliar script tags, iframes, or redirects. * Remove third-party widgets, analytics, ad scripts, or chat scripts that are not actively in use. ### Step 5: Utilize a branded custom domain Threat-list providers assess reputation at the domain level. A shared platform subdomain inherits the reputation of other tenants on the same parent domain. Mapping a branded custom domain to your Contentstack-hosted site provides a more consistent protection against recurrent flags. 1. Register a brand-aligned custom domain if one is not already available. 2. In Contentstack Launch, configure the custom domain within **Domains** settings. 3. Establish a 301 redirect from the previous URL to the custom domain. ### Step 6: Request a Safe Browsing review Google does not automatically clear a flag following content modification; an explicit review request is mandatory. 1. Log in to [Google Search Console](https://search.google.com/search-console) and verify the property. 2. Navigate to **Security & Manual Actions > Security Issues**. 3. Confirm that every listed issue has been resolved on the live site. 4. Click **Request Review** and provide a specific description of the changes implemented and the rationale for why the classification is no longer applicable. Ambiguous responses may be rejected. 5. Allow 24–72 hours for the review process to finalize. Repeat reviews may require a longer period for domains with a history of flags. **Note on Review Submission:** * Review requests should be submitted only after all underlying issues on the site have been resolved. * Repeated flagging of the same domain may affect the speed of future reviews. ### Step 7: Request a SmartScreen review (Edge only) If only Microsoft Edge displays the warning, Google's tools are not applicable. Use Microsoft's feedback portal for remediation. 1. Open the flagged URL in Edge so the warning page loads. 2. Click **More information**, then **Report that this site does not contain threats**. 3. Complete the form at [feedback.smartscreen.microsoft.com](https://feedback.smartscreen.microsoft.com). Identify the user as the site owner and explain the error in classification. 4. If a specific downloadable file is flagged rather than the page, the file should also be submitted at [microsoft.com/wdsi/filesubmission](https://www.microsoft.com/en-us/wdsi/filesubmission). 5. Re-test the URL in Edge after 72 hours. Confirmation emails from Microsoft are not consistently sent. ### Step 8: Verify the warning has cleared * Check the Transparency Report for Safe Browsing flags, or reopen the URL in Edge for SmartScreen flags. * In Chrome, clear cached threat data via chrome://settings/clearBrowserData before retesting, as Chrome may cache the warning locally for several hours after a flag is removed. * Stakeholders should be informed that residual warnings on individual devices may persist for up to 24 hours after the flag has been officially cleared. **The issue is resolved when the following criteria are met:** * The Transparency Report indicates no unsafe content for the URL and root domain. * The URL loads without a warning in incognito windows across Chrome, Firefox, Safari, and Edge. * The Google Search Console Security Issues report is empty. ## Prevention ### URL Structure * Avoid security-adjacent words in slugs unless required by the page's actual function. * Use descriptive, brand-neutral slugs that accurately reflect the content. * Keep URL paths shallow and predictable. ### Infrastructure Configuration * Serve every page over HTTPS with a valid certificate from a trusted authority. * Prefer a branded custom domain over a shared platform subdomain. * Implement a strict Content Security Policy and standard security response headers, including X-Content-Type-Options, Referrer-Policy, and HTTP Strict Transport Security (HSTS) once stable. * Configure Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) for all domain-sent email. ### Workflow controls * Require a Contentstack workflow review step for any entry that generates a page collecting user input. * Restrict publish permissions to a small, authorized group of editors. * Audit embedded third-party scripts quarterly and remove anything not actively in use. ### Monitoring * Verify the property in Google Search Console and enable email alerts for security issues. * Routinely check the Safe Browsing status for the primary domain and all subdomains. ## Contact Contentstack Support If additional assistance is required after completing the steps above, contact the [Support](mailto:support@contact.com) team.