These are both cases where the subdomain can trick people. The .c.uk one is a bit more dangerous as they claim a lot of people end up landing on those pages. I had a quick look through some other second level domains to see if anyone else had a site like this.
What I find hard to believe and just realized was that this domain was registered on 10-Jun-2014.
Edit: People were first able to register .uk domains last year, and if the .co.uk domain already exists then you must own it in order to register the .uk domain.
The problem with c.uk. being an allowed domain is, I agree, very dodgy. This thread is about the WHOIS returning that it's not responsible for foo.c.uk. though which is absolutely what I'd expect.
https://t.co/ is very well known. Probably the most used single-character domain in existence :)
Unrelated, but I've never understood why t.co counts against your tweet length.. for example, if you tweeted "ebay.c.uk", it would count for length(http://t.co/xxxxxxxxxx) characters (15 characters even though you only typed 9).
I'm not asking why they use t.co. I'm asking why it counts against my tweet length. If I want to tweet 140 characters and they interpret some of them as a link, why can I no longer tweet my 140 characters because something on their system turned it into 150 characters? They could shorten it while still using my url's length for accounting. They already let you tweet more than 140 bytes due to unicode so it's clearly not a technical reason such as a char(140) db column.
They very well could simply take min(len(t.co/url), len(orig_url)) without breaking any past tweets or changing the 140 character limit's spirit. It would just behave more logically.
(1) Keeping it simple and consistent and (2) they want to ensure that as much relevant traffic goes through t.co as possible. If you want to lock people into t.co URLs, there's no reason for them to play games otherwise unless it truly starts eating into the character count. It's an avenue for profit through data mining. Also, the notion of blocking phishing sites is also there, but the real reason is data mining. They want as much desired, relevant data as possible about the URLs people are using on their service — where they're going, when they're going there, who's going there, etc., etc., etc. In the data, there is money. It's also about other untaped potential in being the middle man (e.g., injected ads) — not that they'll necessarily do such a thing, but from their perspective it's good to be in the position to exploit as many avenues of profit as possible.
You misunderstood. I meant that they could use the minimum of those two lengths when checking the length of your tweet while still turning it into a t.co url either way. All traffic still goes through t.co. The behavior is identical to today except that it's simpler and consistent because it doesn't make my 140 character tweet invalid.
They could do something along those lines, but that would not be "keeping things simple". Plus, there is not significant motivation for them to do it — plain and simple. They could, but so far it's not worth the time/money investment. Every little feature, every little bit of work added and layered onto things has an associated cost/benefit to it. Simply put, it's not worth it to them at this present time.
The 140 character limit isn't just an arbitrary number to see how creative people can be within it. Many people forget or never knew that twitter started out with its 140 character limit because of SMS limitations. SMS limits messages to 160 characters, and twitter reserves 20 of those. The final result of your message, including URLs has to fit within 140 characters to reach any SMS bound audience in a single message.
But that's not the case now. The SMS limit is 160 7-byte characters, basically ASCII. But as parent noted, "They already let you tweet more than 140 bytes due to unicode so it's clearly not a technical reason such as a char(140) db column.".
Because your tweet is no longer "ebay.c.uk", Twitter changes is to to "http://t.co/xxxxxxxxxx" which takes additional charactors that what you entered.
Of those, x is currently timing out, q redirects to some kind of customer-only login wall, and z is the winner as the only normal public-facing website on a single-letter .com.
I wonder if eBay still owns x.com, having been Elon Musk's PayPal precursor. If so, it's a staggering oversight to leave the domain dormant.
Have the glue record for a/your domain (e.g. c.uk) point to your own nameserver. Configure the nameserver to respond to any request for an A or AAAA record under that domain with the target IP address. Make the HTTP server listening on that IP address answer regardless of the Host header.
It depends on your DNS provider as to if they support it or not. Often, they will not and you'll simply have to run your own dns nameserver (bind) with a wildcard config, such as http://community.aegirproject.org/dnswildcard ... Googling around will find you many bind configurations and discussions of this feature.
Error for "com.uk".
This domain cannot be registered because it contravenes the Nominet UK
naming rules. The reason is:
third-level domains may not be identical to a top-level domain.
WHOIS lookup made at 00:32:52 13-Apr-2015
But edu.uk is available for the owner of edu.co.uk.
Other 2-3 letter domains seem to have been squatted (I tried several ISO codes and some newer generic TLDs).
There was an ok.su that would accept any traffic sent its way: mail, web, im, dns, so on.
I often wonder how many errors sent ok.us traffic to that black hole, and what they did with the data. I assume there are several other .su domains set up with blackholes as well.
48 comments
[ 2.1 ms ] story [ 120 ms ] threadAnother more general example to share with family is:
http://www2.scotiaonline.scotiabank.com.online.authenticatio...
These are both cases where the subdomain can trick people. The .c.uk one is a bit more dangerous as they claim a lot of people end up landing on those pages. I had a quick look through some other second level domains to see if anyone else had a site like this.
The more details on two level domains here: http://en.wikipedia.org/wiki/Second-level_domain
Edit: People were first able to register .uk domains last year, and if the .co.uk domain already exists then you must own it in order to register the .uk domain.
Because I found it interesting.
Is it that it seems too easy to typo?
> It seems like a big security hole.
Then they introduced second level domains, but they're still rarely used at present. ebay.uk and google.uk are registered, but don't do anything yet.
This organizations owns c.uk (so the who-is you should lookup is just c.uk.
What I find hard to believe is that ti looks like it was registered on: 10-Jun-2014!?
That's the date when they started allowing registration for top level domains (before they just allowed second level).
Unrelated, but I've never understood why t.co counts against your tweet length.. for example, if you tweeted "ebay.c.uk", it would count for length(http://t.co/xxxxxxxxxx) characters (15 characters even though you only typed 9).
Quite optimistic :-) especially since the situation has gotten worse by two characters since then.
https://support.twitter.com/articles/109623
They very well could simply take min(len(t.co/url), len(orig_url)) without breaking any past tweets or changing the 140 character limit's spirit. It would just behave more logically.
So why do they do it here?
There's a list.
Of those, x is currently timing out, q redirects to some kind of customer-only login wall, and z is the winner as the only normal public-facing website on a single-letter .com.
I wonder if eBay still owns x.com, having been Elon Musk's PayPal precursor. If so, it's a staggering oversight to leave the domain dormant.
Yes they do. Although, I do recall x.com being online not too long ago.
An A record * .domain.com -> IP address
and in Nginx on the server with that IP address
server {
Other 2-3 letter domains seem to have been squatted (I tried several ISO codes and some newer generic TLDs).
I often wonder how many errors sent ok.us traffic to that black hole, and what they did with the data. I assume there are several other .su domains set up with blackholes as well.