Punycode / IDN Converter

Encode Unicode domain names to Punycode (xn--) or decode them back. RFC 3492 compliant.

Unicode Domain
Punycode
Enter a domain name to convert.

How to Use the Punycode Converter

  1. Choose a direction: "Unicode → Punycode" converts an IDN domain to its xn-- form; "Punycode → Unicode" reverses it.
  2. Enter your domain — e.g., münchen.de or xn--mnchen-3ya.de.
  3. See the result — both forms are shown side by side with immediate feedback.
  4. Batch mode: paste one domain per line to convert multiple domains at once.

What Is Punycode and Why Does It Exist?

The Domain Name System was designed in 1983 when the internet was primarily used in English-speaking countries. DNS labels were restricted to letters A–Z, digits 0–9, and hyphens — a subset of ASCII. As the internet expanded globally, this limitation became a barrier. A Chinese speaker, for example, couldn't register a domain in Chinese characters.

IDNA (Internationalized Domain Names in Applications) was the solution. It defines how Unicode domain names are handled by applications, and Punycode (RFC 3492) is the encoding algorithm that bridges Unicode and ASCII. Punycode converts non-ASCII labels to a compact ASCII representation prefixed with xn-- — the "ACE prefix" that tells DNS software to treat the label as encoded Punycode.

How Punycode Encoding Works

Punycode uses a clever algorithm. For a label like münchen: first, the basic ASCII characters are extracted and placed at the start of the encoded output (mnchen). Then, the non-ASCII characters (ü = U+00FC) and their positions are encoded using a variable-length integer scheme called "generalized variable-length integers." The result is appended after a hyphen: mnchen-3ya. Adding the ACE prefix yields xn--mnchen-3ya.

Punycode and Phishing (Homograph Attacks)

Punycode can be misused in homograph attacks. Some Unicode characters look identical to ASCII letters — the Cyrillic "а" (U+0430) is visually indistinguishable from the Latin "a" (U+0061). An attacker could register xn--pple-43d.com (which displays as аpple.com with Cyrillic а) to trick users. Modern browsers combat this by showing the raw Punycode form whenever a label mixes scripts or uses certain confusable characters. Always verify the Punycode form of unfamiliar domains before clicking. Use our URL Encoder alongside this tool for full URL analysis.

Where Punycode Appears in Practice

  • DNS records — BIND and other DNS servers store Punycode labels
  • SSL/TLS certificates — SANs and CNs use Punycode for IDN domains
  • Email addresses — SMTPUTF8 allows Unicode, but older systems use Punycode for the domain part
  • Browser address bars — display Unicode for trusted scripts, raw Punycode for mixed/suspicious scripts
  • Web crawlers and scrapers — need to handle both forms when processing links

Frequently Asked Questions

Punycode is an encoding syntax (RFC 3492) that converts Unicode domain names to an ASCII-compatible format. The DNS was designed for ASCII-only labels, so Punycode bridges the gap by encoding non-ASCII characters as "xn--" followed by ASCII characters, allowing internationalized domains to work in the DNS.
The "xn--" prefix is the ACE (ASCII Compatible Encoding) prefix defined by the IDNA standard. It signals to DNS resolvers that the label is Punycode-encoded. For example, "münchen.de" becomes "xn--mnchen-3ya.de" — the xn-- prefix introduces the encoded form.
No. URL encoding (percent-encoding) is used for paths, query strings, and other URL parts. Punycode is specifically for domain name labels in DNS. A URL with an IDN domain uses Punycode for the hostname and percent-encoding for path/query components with non-ASCII characters.
Homograph attacks use Punycode to register domains that look visually identical to legitimate ones but use different Unicode characters (e.g., Cyrillic "а" vs Latin "a"). Browsers now display the raw Punycode when all characters come from a single non-Latin script to mitigate this threat.
This tool is optimized for domain names and individual labels. Enter a domain like "münchen.de" or a single label like "münchen". Paths and query strings are not Punycode-encoded — use URL encoding for those parts.