There is wrong interpretation of URL encoded characters at
https://twitter.com/safety/unsafe_link_warning endpoint which could lead to different location then what is supposed to.
Although it shows warning but doesn't show warning about punny code characters.
On following characters:
%E2%80%AE - RTLO Character
%E2%80%8E - LEFT-TO-RIGHT MARK
%E2%80%91 - Non breaking hyphen
%E2%80%A9 - PARAGRAPH SEPARATOR
%E2%80%AA 0 Right-to-left embedding
Interpretation of these characters is different but when we click continue button it will redirect you to some other location.
But originally you will be redirected to https://xn--moc-4t7s.rettiwt/ when you click continue button.
> But it is not possible to have TLD 'rettiwt'.
We can have URL as follows:
Wrong location redirection.