Cross-site malware warnings
When users visit a web page, browsers like Chrome check the content that’s loaded to see if any part of it is potentially dangerous. When it detects a problem, the browser shows a warning, alerting users that content from a site we’ve identified as being malicious is being loaded. In many cases, we’ll also flag the original site as malicious, which alerts the webmaster and helps to protect potential users.
There are situations where the currently viewed site is not flagged on our Safe Browsing list, but users still see a warning in the browser. In this case, that site may have attempted to load content from a different website, one that is known to contain malicious content. We call this a cross-site warning. In Chrome, this is denoted with a browser interstitial with the following graphic:
If this occurs for your site, the first thing we recommend is locating and removing the reference to the domain that is triggering the browser warning. The warning tells you the domain of the questionable content, and after removing content from that domain your page should no longer trigger the warning. Additionally, you may find more details in the Security Issues section in Search Console. Keep in mind that the malware status of your website can change over time as our systems scan pages from your website.
However, if you discover that a page on your site has been including content from a flagged site without your knowledge, the problem is more serious and your site has most likely been compromised. In either case, Google recommends the Help for Hacked Sites recovery protocol to quarantine your site, assess the damage and clean up your site.
When is it safe to re-include the content?
If your web page intentionally included content from a legitimate site that became flagged and you wish to re-include the content after the flagged site becomes cleaned up, you can monitor the status of that site using the Google Safe Browsing diagnostics page for that site (http://www.google.com/safebrowsing/diagnostic?site=www.example.com). Legitimate sites are often cleaned up quickly by their owners.