Onion domains are so susceptible to phishing attacks.

One day, nostr-ish signing every HTTP response will be a thing.