Punycode / IDN Converter
Convert between Unicode internationalized domain names (IDN) and Punycode ASCII Compatible Encoding (ACE). Detect homograph attacks and inspect xn-- domains safely in your browser.
Full IDN support
Handles any valid Unicode domain: accented Latin, CJK, Arabic, Cyrillic, Greek, and even emoji. Labels are encoded and decoded independently.
Instant conversion
See Punycode or Unicode output in real time as you type. No server calls, no delays, no rate limits.
Security-first design
All processing runs locally in your browser. Inspect suspicious xn-- domains without making any network requests.
What is Punycode?
Punycode is an encoding scheme defined in RFC 3492 that translates Unicode strings into a limited ASCII character set. Because the DNS system only supports ASCII letters, digits, and hyphens, Punycode acts as a bridge between human-readable international domain names and the legacy infrastructure that powers the internet.
When you register or visit a domain with non-ASCII characters — such as münchen.de, 日本語.jp, or i❤️.ws — your browser silently converts it to its Punycode equivalent (e.g., xn--mnchen-3ya.de) before sending any DNS query. The xn-- prefix signals that the label is encoded, and the remainder is the Punycode payload.
Common use cases
- Inspecting phishing domains — convert suspicious domains to Punycode to reveal homograph attacks using Cyrillic or Greek look-alikes.
- Server log analysis — decode xn-- hostnames in Apache, Nginx, or CDN logs back to readable Unicode.
- SSL certificate review — SAN fields often contain Punycode; convert them to verify the intended domain.
- Email header inspection — Punycode appears in Received headers and DMARC reports from international senders.
- DNS debugging — query DNS directly with the Punycode form to verify resolution and records.
- Domain registration research — check whether an IDN variant of your brand is available or already registered.
Punycode vs Unicode reference
| Language / Type | Unicode domain | Punycode (ACE) |
|---|---|---|
| German | münchen.de | xn--mnchen-3ya.de |
| Japanese | 日本語.jp | xn--wgv71a119e.jp |
| Russian | пример.рф | xn--e1afmkfd.xn--p1ai |
| Arabic | مثال.إختبار | xn--mgbh0fb.xn--kgbechtv |
| Emoji | i❤️.ws | xn--i-7iq.ws |
| Greek | παράδειγμα.ελ | xn--hxajbheg2az3al.xn--qxam |
| Chinese | 例子.测试 | xn--fsq092h.xn--0zwm56d |
| Korean | 한국.kr | xn--3e0b707e.kr |
Frequently asked questions
›What is Punycode and why does it matter?
Punycode is an ASCII-compatible encoding defined by RFC 3492 that converts Unicode domain names into a format the DNS system can handle. Every internationalized domain name (IDN) containing non-ASCII characters has a Punycode representation beginning with 'xn--'. For example, münchen.de becomes xn--mnchen-3ya.de. Browsers and email servers rely on this behind the scenes to route traffic correctly.
›What is an IDN (Internationalized Domain Name)?
An IDN is a domain name that contains characters outside the basic Latin alphabet — such as accented letters (café.fr), Chinese characters (例子.测试), Arabic script, Cyrillic, or emoji. The DNS system was originally designed for ASCII only (A-Z, 0-9, hyphens), so IDNs use Punycode to bridge Unicode human-readable names with the ASCII-only infrastructure underneath.
›How do I convert a Unicode domain to Punycode?
Select the 'Unicode → Punycode' mode, paste your domain into the input box, and the tool instantly outputs the ASCII Compatible Encoding (ACE) form. Each label (the parts between dots) is encoded separately, so a domain like 日本語.jp becomes xn--wgv71a119e.jp.
›How do I decode a Punycode domain back to Unicode?
Select the 'Punycode → Unicode' mode and paste the xn-- domain into the input box. The tool decodes each label and shows the original Unicode domain. This is useful when reviewing server logs, analyzing phishing domains, or inspecting SSL certificate SAN fields.
›Is this tool safe for checking suspicious domains?
Yes. All conversion happens locally in your browser. The domain name you enter is never sent to any server, logged, or stored. This makes it ideal for inspecting potentially malicious Punycode domains (homograph attacks) safely without triggering any network requests.
›What is a homograph attack?
A homograph attack uses visually similar Unicode characters to create deceptive domain names. For example, a Cyrillic 'а' looks identical to a Latin 'a', so a domain like аррӏе.com (with Cyrillic letters) can look like apple.com. Converting to Punycode reveals the true xn-- form, making the deception visible. Always verify suspicious-looking domains with a Punycode converter.
›Does this tool handle emoji domains?
Yes. Emoji are valid Unicode characters and can appear in domain names. An emoji domain like i❤️.ws is encoded as xn--i-7iq.ws in Punycode. The converter handles all valid Unicode code points, including emoji, mathematical symbols, and combining characters.
›What does the 'xn--' prefix mean?
The prefix 'xn--' is a reserved ASCII Compatible Encoding (ACE) prefix defined by RFC 3490. It tells DNS resolvers and applications that the following characters represent a Punycode-encoded Unicode label. It is not part of the original Unicode text — it is added automatically during encoding and removed during decoding.
›Why does the DNS system need Punycode at all?
The Domain Name System (DNS) was designed in the 1980s when ASCII was the universal text standard. Retrofitting DNS to support Unicode directly would require updating billions of devices, routers, and servers worldwide. Punycode solves this by encoding Unicode into pure ASCII, allowing IDNs to work on legacy infrastructure without changing the core DNS protocol.
More free developer tools
Part of our growing tool belt — all client-side, all free.