This is such a neat hack! I wasn't able to figure out how to get a padlock at the start of the spoofed domain, but as an example, chuck this in your browser bar `عربي.امارات/google.com/test/test` (no need to hit enter)
*edit: HN removed the unicode lock. It was after the .com