Allowing showing different domains than the actual click target is wildly reckless and should be punishable.
“Oh but our poor advertisers want to use click tracking and it is too hard to set up on their main domain”. Oh boo hoo, I’m sure if it is important to them they will figure it out.
Probably not. Google Ads explicitly allows mismatch between displayed domain and actual domain. This is literally a supported configuration with no tricks.
The link you sent gives me a “Redirect Notice” interstitial that mitigates this attack greatly.