This fact is actively used for phishing, as you can craft domains looking nearly identical to the original one, but leading to your IP address hosting the phishing mask.
One of my favorites was using Japanese full stop (U+3002) in place of periods in a bare IP or anywhere you would use a period in a FQDN (fully qualified domain name). Only tested in Chrome at the time, but the browser would “correct” it for you and take you to the intended page.
This fact is actively used for phishing, as you can craft domains looking nearly identical to the original one, but leading to your IP address hosting the phishing mask.
One of my favorites was using Japanese full stop (U+3002) in place of periods in a bare IP or anywhere you would use a period in a FQDN (fully qualified domain name). Only tested in Chrome at the time, but the browser would “correct” it for you and take you to the intended page.