However, why does it work in such a way that it blocks the whole domain and not just the subdomains?
Is it far fetched that the people controlling a subdomain may not be the same that control the domain?
However, why does it work in such a way that it blocks the whole domain and not just the subdomains?
Is it far fetched that the people controlling a subdomain may not be the same that control the domain?
Which subdomains?
To be clear, the issue here is that some subdomains pose a risk to the overall domain - visiting any increases your risk from others. It's also related to a GitHub workflow that auto-generates new subdomains on demand, so there's no possibility to have a fixed list of known subdomains since new ones are constantly being created.
That’s what the Public Suffix List is for