I was also considering going the opposite direction and given extremely long permissions to the IP in question, i.e., longer than any practical DNS TTL. In general, I'm not too worried about a good IP becoming bad, and if an IP can be both "good" and "bad" this way I'm not going to block it with this technique anyhow. It'd be a potential hole, but if this non-existent project got to the point that it was being that directly targeted, that'd only mean we got pretty successful to even get to that point. :)

I should probably make an explicit point that I left implicit; I'm interested in anyone popping up and telling me "Hey, this thing exists already and it's http://...".

(I find myself wondering if I finally found my Rust project...)