Northflank - * dangerous security warning – Incident details

All systems operational

* dangerous security warning

Started about 1 year agoLasted about 1 hour


Northflank Platform

Operational from 11:49 AM to 1:11 PM


Operational from 11:49 AM to 1:11 PM

  • Resolved

    It appears the warning has been lifted for * domains and are now working as expected. We continue to monitor the situation closely. We apologise for any inconvenience.

  • Identified

    Google’s Safe Browsing has marked * as a dangerous domain. This impacts all public HTTPS endpoints that do not use a custom domain. We recommend appealing for your specific service domains at

    We have sent the relevant documentation via Google Search Console and await a response from Google. We will explore options including:

    • temporarily using another domain for new workloads
    • exploring wildcard and vanity replacement of * on a per-user basis
    • adding * to an allow-list

    A user was caught deploying a phishing website and was banned within 10 minutes of notification. * is a member of the PSL, and, unfortunately, it is not considered when blocking thousands of domains for one offending workload.