In IDNA-aware (IDNA2003) applications, the "dot" character we see in domain names like www.example.com has several equals.  Specifically the following characters are all equivalent under IDNA rules:

U+002E (full stop)
U+3002 (ideographic full stop)
U+FF0E (fullwidth full stop)
U+FF61 (halfwidth ideographic full stop)

So the following Unicode strings are valid domain names and hyperlinks.  Note that what you see on the surface of the page content is what's in the anchor tag's href attribute.  By the time you hover your mouse over the link and even click it, the IDN-aware Web browser will have already normalized all the dot-equivalents to the U+002E full stop.  To see the test case, either copy the hyperlink using your browser's context menu (e.g. right click) or view the source of the page.

www.example.com U+002E (full stop)
www。example。com U+3002 (ideographic full stop)
www．example．com U+FF0E (fullwidth full stop)
www．example．com U+FF61 (halfwidth ideographic full stop)

There's actually a couple more bonus that equate to U+002E according to additional mapping rules:

www․example․com U+2024 (one dot leader)
www﹒example﹒com U+FE52 (small full stop)

Are there any IDNA-aware WAF's out there?  Has anyone seen this employed to bypass spam or phishing filters?