Nel Heroku warning on Avast

I keep getting this popup from Avast: https://i.imgur.com/tQ6dfiK.png

"Connection to this website is not secure

Connection to http://nel.heroku.com/ has been blocked because the SSL certificate is not trusted."

It seems like I am not the only one facing it as you can see from this link (https://www.democraticunderground.com/100218306688)

Is there a way to fix this please? Can’t figure out what is causing it.

Thanks.

I get same warning using iPad / Safari browser, and there is no avast on my iPad, so i guess it is a website owner problem

It seems the website is also down. https://downforeveryoneorjustme.com/nel.heroku.com?proto=https

So is it a false positive?

So is it a false positive?
Impossible to say when website is down …. but why is it down, infected ?

The main domain isn’t down, it also displays on Firefox ok.
However the sub domain nel.heroku.com is down reported by downforeveryone and firefox “We can’t connect to the server at wXw.nel.heroku.com” (the X is mine to break the link).

This thread cracks me the f*** up. I found it in my google search while I was researching the Network Error Logging feature in Chrome & Firefox.

I thought I might explain for y’all, in case anyone else happens upon this thread.
The reason for nel.heroku.com being accessed is because your browser has been told, by a website you visited, to report networking errors & statistics to nel.heroku.com
NEL is a feature in Chrome, Firefox, Safari etc. that assists website hosts (such as Heroku) in aggregating metrics and identifying problems across their network.
NEL is not a feature that was actively enabled by the owner of whichever website you visited - Heroku enabled it globally across their platform, as they are in the business of hosting websites.
Whatever website you visited has paid Heroku to host their website and use their platform.

The reason why nel.heroku.com did not appear to load, but the apex domain (heroku.com) did, was because nel.heroku.com is purely for computers to use. It is not a place any human is expected to visit explicitly (other than certain network engineers).

I can’t speak to why Avast blocked the website, why it was considered down (other than the page returning a 404 Not Found), or why the SSL certificate was not trusted at the time.