The Umbrella Documentation Hub

Welcome to the Umbrella documentation hub. Here you'll find access to all of our Cisco Umbrella user guides.

Get Started    

Add Punycode Domain Name to Destination List

To block suspicious destinations and prevent phishing attacks, you can add a domain name encoded in Punycode to destination lists. Punycode is a character encoding that can represent Unicode as a subset of ASCII.

The domain name system (DNS) accepts a subset of ASCII characters for domain name labels. In phishing attacks, a malicious actor may replace certain ASCII characters in a domain name with Unicode characters. A browser or mobile client displays the altered domain name (as Unicode) which closely resembles an authentic domain name. To prevent phishing attacks and block malicious domain names, you can encode a domain name that contains Unicode characters in Punycode. Once encoded, add the Punycode string to a destination list. For more information about Punycode, see RFC 3429.

For more information about preventing Punycode attacks, see Umbrella Learning Center: Punycode Awareness and Protection.

Note: You can only add Punycode encoded domain names to a destination list one at a time.

Examples of Unicode and Punycode Encoded Strings

Unicode
Punycode
Description

a

a-

Only one ASCII character.

😉

xn--n28h

Only one emoji character.

α

mxa

Only one Greek character.

starɓucks.com

xn--starucks-hpd.com

Domain name with a Unicode character.

adıdas.de

Domain name with a Unicode character.


Wildcards and Destination Lists < Add Punycode Domain Name to Destination List > Test Your Destinations

Updated 7 months ago

Add Punycode Domain Name to Destination List


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.