I used Fly.io to spin up a demo site for a repo on GitHub, and today I discovered it got flagged with a phishing warning. I’ve never seen this warning before anywhere, and I’m wondering if it has something to do with the .dev domain?
I filed a report with Google to get it unmarked, but the whole thing seems weird.
I’m seeing it on several of our apps too, such as https://debug.fly.dev. I think google is blocking *.fly.dev. I also reported the site as valid but it feels like screaming into the void.
Until this gets resolved you can either use your app’s IP address or a different domain.
I’m sorry about this, we’ll see what we can do to get this fixed ASAP.
Looks like this was resolved around 11am UTC.
I also received this from a few of our customers, big red screens of death. We were forced to use the fly default dns name servers for a few hours as we migrated our domain and during this time we received this issue from a number of our clients.
@dan.wetherald Were your customers seeing the message on *.fly.dev domains or you mean your domain was flagged too?
We have a service in the background that checks an email field to verify MX records are valid. This was causing the pop up to show in the browser, once we switched it back to our domain I believe the problem was removed.