UPDATED 1.12.2024Punycoder - Punycode converter or an IDN converter, a tool for Punycode to Text/Unicode and vice-versa conversion.
Punycode - system for converting words that can't be written in ASCII (American Standard Code for Information Interchange), such as in Ancient Greek the phrase
ΓNΩΘIΣEAYTON, once converted into
ASCII characters, looks like this:
xn--mxadglfwep7amk6b. This conversion system allows International Domain Names (IDNs), which include
non-ASCII characters, to be displayed using only the Roman letters A to Z, the digits 0 to 9 and the hyphen (-) character.
Punycode is useful, because the world-wide Domain Name System (
DNS), which turns readable server names into computer-friendly network numbers, can only recognize limited subset of
ASCII characters in domain names. Some of the letters in the Roman alphabet are the same shape as letters in the Greek and other alphabets. Examples are the letters I, E, A, Y, T, O, and N.
A malicious site can imitate a legitimate URL and display it which leaves us with very few ways to tell if we are being tricked by an imposter. Attackers who trick people into loading the fake page can easily obtain personal information because the site is an exact copy of original one.
Many years ago, the Internet Corporation for Assigned Names and Numbers (
ICANN) allowed non-
ASCII (Unicode) characters to be included in web domains. It didn't take long for them to realize that this decision was going to cause problems. Certain characters from different languages can be confused for Unicode since they look the same when displayed in a browser. This is used as a tool by cybercriminals to
spoof URLs and target unsuspecting victims.
To counteract the issue,
ICANN developed
Punycode as a way of specifying actual domain registrations by representing Unicode within the limited character subset of
ASCII used for internet hostnames. The idea was that browsers would first read the
Punycode URL and then transform it into displayable Unicode characters inside the browser.
However, just like with Unicode,
Punycode could also hide phishing attempts, using characters found in different languages. To combat this, Web browser vendors introduced add-on filters to render URLs as
Punycode, instead of Unicode, if they contained characters from different languages.
Punycode ProblemsBy default, many web browsers use
Punycode encoding to represent Unicode characters in the URL to defend against
Homograph phishing attacks (where the website address looks legitimate, but is not, because a character or characters have been replaced deceptively with Unicode characters).
For example, the Chinese domain "
短.co" is represented in Punycode as "
xn--s7y.co" and the German city of "
München" becomes in the
Punycode "
xn--mnchen-3ya" because the letter
ü is not available in English. There are quite a few Unicode characters represented in alphabets such as Greek, Cyrillic, and Armenian, which look almost identical to Latin letters at a glance but are treated very differently by computers when resolving the different web addresses.
Homograph attacks - extremely difficult to detect based on their deployment method. Some of these steps will also protect you from other types of online attacks as well.
Example of
Punycode Phishing (Homograph) attack:
The most tricky phising website i've heard was this one. Looks like Binance.com but there are no "n". This is strange n with dot at the bottom. sourceHow to deal with such a phishing address?
Those dots are almost unnoticeable.
Another great example of
Punycode Homograph Phishing attack. This time Poloniex exchange is targeted. Just look at how similar it looks compared to the original page.
Difference between original page and malicious one is that the hacker misspelled the phrase "Sign in" as "Sing in" a couple of times.
also different in this attack is that the
SSL certificate is shown as valid:
Not all browsers are vulnerableOf all the browsers tested, three rendered the page using
Unicode characters, as appӏe.com. These are Chrome, Firefox, and Opera.
Other browsers, such as Edge, Internet Explorer, Safari, Vivaldi, and Brave, did not render the page using Unicode characters and displayed the
Punycode URL. There's a filter that checks if the
Punycode URL is in the same character set as the user's default OS settings.
Google has already fixed this issue in Chrome Stable 58.
Preventing Homograph Phishing Attacks in FirefoxFirefox users can complete the following steps to manually apply temporary protection against
Punycode Phishing (Homograph) attacks:
- Open a new tab in Firefox
- Type about:config in address bar and press Enter.
- Click the I accept the risk! button.
- Type Punycode in the search bar.
- A Preference Name titled: IDN_show_punycode will be displayed Right-Click and select Toggle to change the Value field from False to True.
- Close the about:config tab.
- Set Firefox to display Punycode names. See steps above for changing the about: config settings in Firefox.
- Click on the padlock to display the HTTPS certificate. This will show the domain name that the certificate was issued in ASCII-only format. If the name starts with xn it is a Punycode domain, no matter what it looks like in the address bar
- Check the legitimacy of URLs by copying them out of the web browser and pasting them into a text editor. A spoofed URL only appears legitimate, but it actually uses an address beginning with www.xn-- which will be revealed for what it actually is once taken outside the browser?s address bar.
- Use a Password Manager. The software will automatically enter in your login credentials for the actual domains they are linked to,
- Always manually type website URLs in the address bar for important sites like Gmail or banking websites, instead of clicking any link from a website or email.
Suspected Facebook phishing website, another
Punycode Homograph Phishing attack.
This time is much easier to see that something is wrong with these Facebook pages, even for an untrained eye, because both of the
SSL certificates are bad and displayed in red.
I hope that all these examples will help to identify
Punycode phishing attacks. One has to check everything three times to be safe online today, there are no shortcuts. This is very scary and I already have been on such malicious websites, only thanks to my password manager and other tools I was able to identify them soon enough but to be honest nobody is safe. I see hackers getting better and more greedy every day.
Look at the list I gathered, with already known
Punycode websites, for sure this is only a small percentage of what exists already. We have to imagine that every day hundreds of new phishing websites are created and we have to do all what possible to protect ourselves.
...
Check the 7 Ways to avoid a Punycode attack - Be cautious if the site presses you to do something quickly. This is a classic strategy by hackers to rush their potential victims so that they are less likely to notice anything suspicious. Often they will offer a ‘limited time only’ deal, and make it difficult to exit the page with ‘are you sure you want to exit’ pop-ups: these are all tactics to make you stay on their site longer and give them your details.
- If you are being offered a deal, go to the original company site and check if it’s available there as well, if not it’s most likely a scam doing it’s best to mimic the established brand and trick visitors into handing over their details.
- If some of the letters in the address bar look weird, or the website design looks different, rewrite it or visit the original company URL in a new tab to compare. The letters in the address bar looking strange are a key indicator that Punycode is being used to trick you into thinking you are visiting a well-established brand site when in fact you are being taken to a malicious site.
- Use a password manager; this reduces the risk of pasting passwords into dodgy sites.
- Force your browser to display Punycode names, this option is available in Firefox.
- Click on the padlock to view and inspect the HTTPS certificate.
- Use a mobile security solution and artificial intelligence to monitor all data traffic and to detect and block phishing links.
Punycode Domain Detection - developed by
Phish.ai and released as Google Chrome extension that can detect when users are accessing domains spelled using non-standard Unicode characters and warn about the potential of a homograph attack.
Punycoder - Punycode converter or an IDN converter, tool for Punycode to Text/Unicode and vice-versa conversion.Service called
Gluee with multiple tools for webmasters and developers.
https://www.gluee.com/tools/First one called
Punycoder is a tool that converts text with special characters (UNICODE) to the
Punycode encoding (just ASCII) and vice versa.
This is tool to check all suspicious
Phishing Punycode URLs. Just copy and paste the needed link.
https://www.punycoder.com/
DON'T USE ANY OF THESE LINKS - MALICIOUS WEBSITES!!!List of already known Punycode Phishing URLs:ns1.xn--aobe-l6b.com. --> ns1.aɗobe.com.
ns2.xn--aobe-l6b.com. --> ns2.aɗobe.com.
mail.xn--adoe-x34a.com. --> mail.adoḅe.com.
xn--adob-yva.com. --> adobė.com.
xn--adoe-x34a.com. --> adoḅe.com.
xn--aobe-qua.com. --> aďobe.com.
xn--dobe-p5b.com. --> ɑdobe.com.
APPLEmail.xn--pple-zna.com. --> mail.?pple.com.
ns1.xn--appl-ou5a.com. --> ns1.applẹ.com.
ns2.xn--appl-ou5a.com. --> ns2.applẹ.com.
www.xn--le-m1aa24e.com. --> www.ɑƿƿle.com.
www.xn--pple-9na.cf. --> www.âpple.cf.
www.xn--ppl-hla7b.cf. --> www.âppl?.cf.
xn--ppl-hla7b.cf. --> âppl?.cf.
www.xn--app-mra30o.com. -->
www.appɩė.com.
xn--aple-csa.com. --> ap?le.com.
xn--appl-8va.com. --> applę.com.
xn--appl-yva.com. --> applė.com.
www.xn--le-m1aa24e.com. --> www.ɑƿƿle.com.
AMAZONwww.xn--amazo-7l1b.com. -->
www.amazoṇ.com.
www.xn--amazo-vl1b.com. -->
www.amazoṅ.com.
www.xn--amzon-ucc.com. -->
www.amȧzon.com.
www.xn--mazon-2qa.de. --> www.âmazon.de.
www.xn--mazon-2qa.eu. --> www.âmazon.eu.
www.xn--mazon-wqa.com. --> www.ámazon.com.
www.xn--mzn-plab3i.com. --> www.ämäzön.com.
xn--amaon-6y1b.com. --> amaẓon.com.
xn--amaon-7hb.com. --> amaźon.com.
xn--amazo-sta.com. --> amazo?.com.
xn--amazo-vl1b.com. --> amazoṅ.com.
xn--amzon-sqa.com. --> am?zon.com.
xn--amzon-ucc.com. --> amȧzon.com.
BANK OF AMERICAwww.xn--bakofamerica-qfc.com. -->
www.baŋkofamerica.com.
mail.xn--bnkofmeric-q5aef.com. --> mail.bänkofämericä.com.
secure.xn--bakofamerica-qfc.com. --> secure.baŋkofamerica.com.
www.xn--ankofamerica-70c.com. --> www.ƅankofamerica.com.
www.xn--bakofamerica-qfc.com. -->
www.baŋkofamerica.com.
www.xn--banofamerica-p7b.com. -->
www.banĸofamerica.com.
www.xn--bnkofamerica-pob.com. --> www.bąnkofamerica.com.
www.xn--bnkofmeric-ggeef.com. --> www.bɑnkofɑmericɑ.com.
www.xn--bnkofmeric-q5aef.com. --> www.bänkofämericä.com.
xn--ankofamerica-70c.com. --> ƅankofamerica.com.
xn--bakofamerica-qfc.com. --> baŋkofamerica.com.
xn--banofamerica-p7b.com. --> banĸofamerica.com.
xn--bnkofamerica-pob.com. --> bąnkofamerica.com.
xn--bnkofmeric-ggeef.com. --> bɑnkofɑmericɑ.com.
xn--bnkofmeric-q5aef.com. --> bänkofämericä.com.
BITTREXxn--bitrex-rkb.com. --> bitţrex.com.
xn--bittex-zx7b.com. --> bittṛex.com.
xn--bittrx-7ua.com. --> bittr?x.com.
www.xn--bitrex-rkb.com. -->
www.bitţrex.com.
www.xn--bittrx-7ua.com. -->
www.bittr?x.com.
xn--ittrex-hrb.com. --> ƅittrex.com.
www.xn--ittrex-hrb.com. --> www.ƅittrex.com.
xn--bttx-vpa4unq.com --> bíttŕēx.com
CISCO
xn--csco-lza.com. --> cısco.com.
xn--csco-qpa.com. --> c?sco.com.
xn--csco-vpa.com. --> císco.com.
xn--n1afa3fe.net. --> cisco.net.
COINBASExn--cinbase-10a.com. --> c?inbase.com.
xn--cinbase-90a.com. --> cöinbase.com.
xn--cinbase-d0a.com. --> c?inbase.com.
xn--cinbase-t0a.com. --> côinbase.com.
xn--coibase-6za.com. --> coi?base.com.
xn--coibase-r13c.com. --> coiṇbase.com.
xn--coinbae-fqb.com. --> coinbaşe.com.
xn--coinbas-8xa.com. --> coinbas?.com.
xn--coinbas-pya.com. --> coinbas?.com.
xn--coinbas-z8a.com. --> coinbasė.com.
xn--coinbse-9wa.com. --> coinbäse.com.
xn--coinbse-lwa.com. --> coinbáse.com.
xn--conbase-0ya.com. --> co?nbase.com.
xn--conbase-feb.com. --> coīnbase.com.
xn--conbase-hza.com. --> coînbase.com.
xn--conbase-pza.com. --> co?nbase.com.
xn--conbase-sfb.com. --> coınbase.com.
xn--oinbase-l5a.com. --> ĉoinbase.com.
xn--oinbase-txa.com. --> çoinbase.com.
CREDIT SUISSExn--crditsuisse-cbb.at. --> créditsuisse.at.
xn--crditsuisse-cbb.ch. --> créditsuisse.ch.
xn--crditsuisse-cbb.com. --> créditsuisse.com.
xn--crditsuisse-cbb.de. --> créditsuisse.de.
xn--crditsuisse-cbb.dk. --> créditsuisse.dk.
xn--crditsuisse-cbb.eu. --> créditsuisse.eu.
xn--crditsuisse-cbb.net. --> créditsuisse.net.
xn--crdit-suisse-ceb.at. --> crédit-suisse.at.
xn--crdit-suisse-ceb.ch. --> crédit-suisse.ch.
xn--crdit-suisse-ceb.com. --> crédit-suisse.com.
xn--crdit-suisse-ceb.de. --> crédit-suisse.de.
xn--crdit-suisse-ceb.dk. --> crédit-suisse.dk.
xn--crdit-suisse-ceb.net. --> crédit-suisse.net.
xn--credit-sisse-klb.com. --> credit-süisse.com.
EBAYxn--bay-ema.com. --> ?bay.com.
xn--eby-fla.com. --> ebáy.com.
xn--eby-bla.com. --> eb?y.com.
xn--eby-hsb.com. --> ebɑy.com.
xn--eby-jla.com. --> ebây.com.
xn--80aj7b8a.com. --> eьay.com.
FACEBOOKwww.xn--acebook-js3c.com. --> www.ḟacebook.com.
www.xn--acebook-w1b.net. --> www.?acebook.net.
www.xn--aceook-dg7b2i.com. --> www.ḟaceḃook.com.
xn--acebook-js3c.com. --> ḟacebook.com.
xn--aceook-dg7b2i.com. --> ḟaceḃook.com.
xn--faboo-5xa8ftm.eu. --> faċėbooķ.eu.
xn--fabook-qva9w.eu. --> faċëbook.eu.
xn--facboo-k4a3x.eu. --> facėbooķ.eu.
xn--facbook-4xa.com. --> fac?book.com.
xn--facbook-lya.fr. --> fac?book.fr.
xn--facbook-v8a.eu. --> facėbook.eu.
xn--facebok-50a.fr. --> faceb?ok.fr.
xn--facebok-60a.tk. --> facebo?k.tk.
xn--facebok-h0a.eu. --> faceb?ok.eu.
xn--facebok-x0a.fr. --> facebôok.fr.
xn--faceboo-jhb.com. --> facebooĸ.com.
xn--faceboo-jhb.net. --> facebooĸ.net.
xn--faceook-pm3c.com. --> faceḅook.com.
xn--faebok-xua7j.fr. --> façeboök.fr.
xn--faebook-35a.com. --> faċebook.com.
xn--fcbook-w0a9l.eu. --> fącėbook.eu.
xn--fcebook-8va.com. --> f?cebook.com.
xn--fceboo-w0a91b.eu. --> fącebooķ.eu.
www.xn--fabook-41a0h.eu. -->
www.faċėbook.eu.
www.xn--fabook-xua89a.eu. -->
www.façėbook.eu.
www.xn--facebok-60a.tk. -->
www.facebo?k.tk.
www.xn--facebok-e1a.com. -->
www.faceböok.com.
www.xn--facebok-h0a.fr. -->
www.faceb?ok.fr.
www.xn--facebok-i0a.eu. -->
www.facebo?k.eu.
www.xn--faceok-sg7bq0e.com. -->
www.faceḅọok.com.
www.xn--faceook-1yb.com. -->
www.faceƅook.com.
www.xn--faebook-35a.com. -->
www.faċebook.com.
www.xn--faebook-64a.eu. -->
www.faćebook.eu.
www.xn--fcebook-s3a.tk. --> www.fācebook.tk.
m.xn--80akppap2f62a.com. --> m.ғaceьooк.com.
xn--80akppap2f62a.com. --> ғaceьooк.com.
GOOGLEwww.xn--oole-9pb06e.com. --> www.ǥooɡle.com.
ww25.xn--gogle-uob.com. --> ww25.gơogle.com.
xn--ggle-lqaa.com. --> g??gle.com.
xn--gogl-1nd42e.com. --> google.com.
xn--gogle-7ta.com. --> goôgle.com.
xn--gogle-jua.com. --> göogle.com.
xn--gogle-kua.com. --> goögle.com.
xn--gogle-uta.com. --> g?ogle.com.
xn--gogle-vob.com. --> goơgle.com.
xn--googl-n0a.com. --> googlę.com.
xn--oogl-epa71n.com. --> ǵooglé.com.
xn--oogle-v1a.xyz. --> ġoogle.xyz.
xn--oole-9pb06e.com. --> ǥooɡle.com.
www.xn--ggl-8la1ca.com. -->
www.g??gl?.com.
www.xn--ggle-lqaa.com. -->
www.g??gle.com.
www.xn--gogle-uta.com. -->
www.g?ogle.com.
www.xn--googl-n0a.com. -->
www.googlę.com.
KRAKENxn--80afhrc5a.com. --> кгaкeп.com.
xn--krken-nra.com. --> kr?ken.com.
xn--raken-gnb.com. --> ƙraken.com.
xn--raken-n5a.com. --> ķraken.com.
MICROSOFTww8.xn--mcrosoft-tkb.com. --> ww8.mıcrosoft.com.
www.xn--mcrosoft-c2a.es. --> www.mícrosoft.es.
windows.xn--mcrosoft-c2a.com. --> windows.mícrosoft.com.
ww8.xn--mcrosoft-tkb.com. --> ww8.mıcrosoft.com.
www.xn--icrosoft-g89c.com. --> www.ṃicrosoft.com.
www.xn--mcosoft-rfb211a.com. --> www.mıcɾosoft.com.
www.xn--mcrosof-7ya00i.com. --> www.mícrosofť.com.
www.xn--mcrosoft-21a.ch. -->
www.m?crosoft.ch.
www.xn--mcrosoft-21a.com. -->
www.m?crosoft.com.
www.xn--mcrosoft-21a.eu. -->
www.m?crosoft.eu.
www.xn--mcrosoft-21a.fr. -->
www.m?crosoft.fr.
www.xn--mcrosoft-9ib.com. --> www.mīcrosoft.com.
www.xn--mcrosoft-c2a.com. --> www.mícrosoft.com.
www.xn--mcrosoft-c2a.de. --> www.mícrosoft.de.
www.xn--mcrosoft-c2a.es. --> www.mícrosoft.es.
www.xn--mcrosoft-c2a.eu. --> www.mícrosoft.eu.
www.xn--mcrosoft-g80d.com. --> www.mịcrosoft.com.
www.xn--mcrosoft-l2a.com. --> www.mîcrosoft.com.
www.xn--mcrosoft-tkb.com. --> www.mıcrosoft.com.
www.xn--mcrosoft-tkb.de. --> www.mıcrosoft.de.
www.xn--mcrosoft-u2a.com. -->
www.m?crosoft.com.
www.xn--microsft-03a.com. -->
www.microsóft.com.
www.xn--microsft-9fd.com. -->
www.microsȯft.com.
www.xn--microsot-ez9c.com. -->
www.microsoḟt.com.
www.xn--microsot-x9b.com. -->
www.microso?t.com.
www.xn--micrsoft-y3a.com. -->
www.micrósoft.com.
xn--icrosoft-g89c.com. --> ṃicrosoft.com.
xn--mcosoft-rfb211a.com. --> mıcɾosoft.com.
xn--mcrosof-7ya00i.com. --> mícrosofť.com.
xn--mcrosoft-21a.ch. --> m?crosoft.ch.
xn--mcrosoft-21a.com. --> m?crosoft.com.
xn--mcrosoft-21a.eu. --> m?crosoft.eu.
xn--mcrosoft-21a.fr. --> m?crosoft.fr.
xn--mcrosoft-9ib.com. --> mīcrosoft.com.
xn--mcrosoft-c2a.com. --> mícrosoft.com.
xn--mcrosoft-c2a.de. --> mícrosoft.de.
xn--mcrosoft-c2a.es. --> mícrosoft.es.
xn--mcrosoft-g80d.com. --> mịcrosoft.com.
xn--mcrosoft-l2a.com. --> mîcrosoft.com.
xn--mcrosoft-tkb.com. --> mıcrosoft.com.
xn--mcrosoft-tkb.de. --> mıcrosoft.de.
xn--mcrosoft-u2a.com. --> m?crosoft.com.
xn--micosoft-i0d.com. --> micɾosoft.com.
xn--microoft-l9c.com. --> microșoft.com.
xn--microsft-03a.com. --> microsóft.com.
xn--microsft-9fd.com. --> microsȯft.com.
xn--microsof-eyb.com. --> microsofť.com.
xn--microsof-hk0d.com. --> microsofṭ.com.
xn--microsot-ez9c.com. --> microsoḟt.com.
xn--microsot-x9b.com. --> microso?t.com.
xn--micrsoft-y3a.com. --> micrósoft.com.
NETFLIXxn--etflix-vwa.com. --> ?etflix.com.
www.xn--netflx-0va.com. -->
www.netfl?x.com.
ns1.xn--ntflix-iva.com. --> ns1.n?tflix.com.
ns2.xn--ntflix-iva.com. --> ns2.n?tflix.com.
ww1.xn--etflix-vwa.com. --> ww1.?etflix.com.
ww35.xn--etflix-vwa.com. --> ww35.?etflix.com.
ww8.xn--etflix-vwa.com. --> ww8.?etflix.com.
www.xn--etflix-vwa.com. --> www.?etflix.com.
www.xn--netflx-0va.com. -->
www.netfl?x.com.
www.xn--netflx-7va.com. -->
www.netflíx.com.
www.xn--netflx-7va.eu. -->
www.netflíx.eu.
www.xn--netflx-f9a.com. -->
www.netflįx.com.
www.xn--netflx-mwa.com. -->
www.netfl?x.com.
www.xn--netflx-t9a.com. -->
www.netflıx.com.
www.xn--netlix-5tb.com. -->
www.net?lix.com.
www.xn--ntflix-bva.com. --> www.nétflix.com.
www.xn--ntflix-i4a.com. --> www.nėtflix.com.
www.xn--ntflix-iva.com. -->
www.n?tflix.com.
xn--etflix-vwa.com. --> ?etflix.com.
xn--netflx-0va.com. --> netfl?x.com.
xn--netflx-7va.com. --> netflíx.com.
xn--netflx-7va.eu. --> netflíx.eu.
xn--netflx-f9a.com. --> netflįx.com.
xn--netflx-mwa.com. --> netfl?x.com.
xn--netflx-t9a.com. --> netflıx.com.
xn--netlix-5tb.com. --> net?lix.com.
xn--ntflix-bva.com. --> nétflix.com.
xn--ntflix-i4a.com. --> nėtflix.com.
xn--ntflix-iva.com. --> n?tflix.com.
NEW YORK TIMESxn--nytmes-5va.com. --> nytímes.com.
xn--nytmes-dwa.com. --> nytîmes.com.
xn--nytmes-yk8b.com. --> nytỉmes.com.
xn--nytmes-yva.com. --> nyt?mes.com.
xn--ytimes-vwa.com. --> ?ytimes.com.
POLONIEX
xn--polonex-3ya.com. --> polon?ex.com.
xn--oloiex-yt7b2e.com. --> ṗoloṇiex.com.
xn--oloniex-c53c.com. --> ṗoloniex.com.
xn--plonex-6va6c.com. --> pôloníex.com.
xn--ploniex-l0a.com. --> póloniex.com.
xn--polniex-ex4c.com. --> polọniex.com.
xn--polniex-n0a.com. --> polóniex.com.
xn--poloiex-s13c.com. --> poloṇiex.com.
xn--polonex-cza.com. --> poloníex.com.
xn--polonex-ffb.com. --> polonįex.com.
xn--polonex-ieb.com. --> polonīex.com.
xn--polonex-kza.com. --> polonîex.com.
xn--polonex-sza.com. --> polon?ex.com.
xn--polonex-vfb.com. --> polonıex.com.
xn--polonex-zw4c.com. --> polonịex.com.
xn--polonix-ws4c.com. --> poloniẹx.com.
xn--polonix-y8a.com. --> poloniėx.com.
xn--pooniex-ojb.com. --> połoniex.com.
TWITTERwww.xn--twittr-7ua.tv. -->
www.twitt?r.tv.
www.xn--twittr-mva.tv. -->
www.twitt?r.tv.
www.xn--twittr-tva.net. -->
www.twittër.net.
www.xn--twtter-4va.net. -->
www.twítter.net.
xn--twtter-cwa.com. --> twîtter.com.
xn--twtter-q9a.net. --> twıtter.net.
xn--twttr-7raz.com. --> tw?tt?r.com.
xn--e1azaa2a9b5b.com. --> тшiттeя.com.
WALMARTxn--wlmart-ita.com. --> w?lmart.com.
xn--walmrt-lta.com. --> walm?rt.com.
xn--wlmart-bua.com. --> wälmart.com.
xn--wlmart-ita.com. --> w?lmart.com.
xn--wlmart-pta.com. --> wálmart.com.
WELLSFARGOxn--wellsfarg-3mc.com. --> wellsfargơ.com.
xn--wellsfarg-e7a.com. --> wellsfargó.com.
xn--wellsfarg-tl7d.com. --> wellsfargọ.com.
xn--wellsfrgo-51a.com. --> wellsfárgo.com.
YAHOOnews.xn--yah-inaa.es. --> news.yahóó.es.
news.xn--yaho-7qa.biz. --> news.yahöo.biz.
news.xn--yaho-7qa.info. --> news.yahöo.info.
news.xn--yaho-8qa.biz. --> news.yahoö.biz.
news.xn--yaho-nqa.com. --> news.yah?o.com.
news.xn--yaho-sqa.es. --> news.yahóo.es.
news.xn--yaho-tqa.es. --> news.yahoó.es.
news.xn--yaho-tqa.org. --> news.yahoó.org.
news.xn--yah-unaa.biz. --> news.yahöö.biz.
news.xn--yah-unaa.info. --> news.yahöö.info.
test.xn--yaho-7qa.biz. --> test.yahöo.biz.
test.xn--yaho-7qa.de. --> test.yahöo.de.
test.xn--yaho-8qa.biz. --> test.yahoö.biz.
test.xn--yaho-8qa.info. --> test.yahoö.info.
test.xn--yaho-sqa.org. --> test.yahóo.org.
test.xn--yaho-tqa.com. --> test.yahoó.com.
test.xn--yaho-tqa.es. --> test.yahoó.es.
test.xn--yaho-tqa.org. --> test.yahoó.org.
test.xn--yaho-yqa.com. --> test.yahoô.com.
test.xn--yah-unaa.info. --> test.yahöö.info.
wp.xn--yah-inaa.org. --> wp.yahóó.org.
wp.xn--yaho-7qa.biz. --> wp.yahöo.biz.
wp.xn--yaho-7qa.de. --> wp.yahöo.de.
wp.xn--yaho-8qa.biz. --> wp.yahoö.biz.
wp.xn--yaho-8qa.de. --> wp.yahoö.de.
wp.xn--yaho-8qa.info. --> wp.yahoö.info.
wp.xn--yaho-nqa.com. --> wp.yah?o.com.
wp.xn--yaho-tqa.org. --> wp.yahoó.org.
wp.xn--yaho-yqa.com. --> wp.yahoô.com.
ww8.xn--yaho-yqa.com. --> ww8.yahoô.com.
www.xn--yah-inaa.es. -->
www.yahóó.es.
www.xn--yah-inaa.org. -->
www.yahóó.org.
www.xn--yaho-7qa.biz. -->
www.yahöo.biz.
www.xn--yaho-7qa.de. -->
www.yahöo.de.
www.xn--yaho-7qa.info. -->
www.yahöo.info.
www.xn--yaho-8qa.biz. -->
www.yahoö.biz.
www.xn--yaho-8qa.info. -->
www.yahoö.info.
www.xn--yaho-nqa.com. -->
www.yah?o.com.
www.xn--yaho-ogb.com. -->
www.yahoơ.com.
www.xn--yaho-tqa.com. -->
www.yahoó.com.
www.xn--yaho-tqa.es. -->
www.yahoó.es.
www.xn--yaho-x0b.com. -->
www.yahȯo.com.
www.xn--yah-unaa.biz. -->
www.yahöö.biz.
www.xn--yah-unaa.info. -->
www.yahöö.info.
www.xn--yaoo-674a.com. -->
www.yaḣoo.com.
www.xn--yaoo-6xa.com. -->
www.yaħoo.com.
xn--ahoo-4ra.com. --> ýahoo.com.
xn--yah-inaa.es. --> yahóó.es.
xn--yaho-7qa.biz. --> yahöo.biz.
xn--yaho-7qa.info. --> yahöo.info.
xn--yaho-8qa.info. --> yahoö.info.
xn--yaho-nqa.com. --> yah?o.com.
xn--yaho-ogb.com. --> yahoơ.com.
xn--yaho-sqa.org. --> yahóo.org.
xn--yaho-tqa.es. --> yahoó.es.
xn--yaho-tqa.org. --> yahoó.org.
xn--yaho-x0b.com. --> yahȯo.com.
xn--yaho-yqa.com. --> yahoô.com.
xn--yah-unaa.biz. --> yahöö.biz.
xn--yah-unaa.info. --> yahöö.info.
xn--yhoo-0na.com. --> y?hoo.com.
xn--yhoo-loa.info. --> yähoo.info.
xn--yho-qla5g.info. --> yähöo.info.
xn--yho-qla6g.info. --> yähoö.info.
WIKIPEDIAxn--wiipedia-nmb.com. --> wiĸipedia.com.
xn--wikipdia-50a.cat. --> wikip?dia.cat.
xn--wikipdia-f1a.com. --> wikipédia.com.
xn--wikipdia-f1a.net. --> wikipédia.net.
xn--wikipdia-f1a.org. --> wikipédia.org.
xn--wikipeda-81a.com. --> wikiped?a.com.
xn--wikipeda-i2a.org. --> wikipedía.org.
xn--wikpedia-e2a.org. --> wikípedia.org.
xn--wkipeda-rfbf.com. --> wıkipedıa.com.
xn--wkipedia-c2a.org. --> wíkipedia.org.
xn--wkipedia-u2a.com. --> w?kipedia.com.
xn--wkpedia-7yab.org. --> wíkípedia.org.
xn--wkpedia-rfbb.com. --> wıkıpedia.com.
xn--wkpedia-zyab.com. --> w?k?pedia.com.
YANDEXwww.xn--yande-vx1b.com. -->
www.yandeẋ.com.
www.xn--yanex-vb1b.com. -->
www.yanḋex.com.
www.xn--yndex-0jc.com. --> www.yɑndex.com.
xn--yande-uze.ru.ru. --> yandex.ru.ru.
xn--yndex-3wa.com. --> yąndex.com.
YOUTUBExn--yotube-jnb.com. --> yoűtube.com.
xn--youtub-nva.com. --> youtub?.com.
xn--youtue-7g7b.com. --> youtuḇe.com.
ww11.xn--yotube-jya.com. --> ww11.yo?tube.com.
ww43.xn--yotube-4ya.com. --> ww43.yoütube.com.
www.xn--yotube-4ya.com. -->
www.yoütube.com.
www.xn--youtue-7g7b.com. -->
www.youtuḇe.com.
www.xn--youube-kmc.com. -->
www.youțube.com.
xn--outube-9ya.com. --> ýoutube.com.
www.xn--outube-9s8b.com. --> www.ỳoutube.com.
www.xn--outube-9ya.de. --> www.ýoutube.de.
MISC: LUXURY BRANDS
www.xn--gucc-tpa.com. -->
www.gucc?.com.
xn--gucc-tpa.com. --> gucc?.com.
xn--herms-7ra.com. --> herm?s.com.
www.xn--herms-7ra.fr. -->
www.herm?s.fr.
www.xn--lousvuitton-qcb.com. -->
www.louísvuitton.com.
MISC: SOCIAL PLATFORMSxn--nstagram-11a.com. --> ?nstagram.com.
xn--nstagram-skb.com. --> ınstagram.com.
www.xn--nstagram-skb.com. --> www.ınstagram.com.
xn--istagram-7pb.com. --> iņstagram.com.
www.xn--imgu-t4a.com. -->
www.imguŕ.com.
xn--imgr-sra.com. --> imgúr.com.
xn--whatspp-lwa.com. &n
article used as a source for information:
https://www.bleepingcomputer.com/news/security/chrome-extension-detects-url-homograph-unicode-attacks/