Domain naming tricks, 2026

Domain Hacks: Creative TLD Tricks (And Where They Break)

Reviewed by the Domain Search King editorial team · Updated July 2026

bit.ly, del.icio.us, redd.it — some of the cleverest domain names in tech spell a word across the dot using someone else's country code. It's a real, legitimate naming technique. It's also a lease on sovereign territory you don't control, and more than one famous hack has found that out the hard way.

bit ly THE DOT IS A COUNTRY del.icio.us · ma.tt · redd.it · t.co · twitch.tv

What a Domain Hack Actually Is

A domain hack is a domain name that spells a word or phrase when you read straight across the dot, folding a country-code top-level domain (ccTLD) into the end of the word instead of treating it as a separate suffix. "Hack" here means clever trick, the same sense as in "programming hack" — not a security exploit.

The technique's founding example is del.icio.us. The social-bookmarking site icio.us registered its domain on May 3, 2002, using the .us ccTLD, just days after the United States opened .us to ordinary second-level registration on April 24, 2002 — before that, .us only allowed deep, bureaucratic addresses like "name.locality.state.us." Delicious then layered "del" on as a subdomain, so the full string read del.icio.us — read slowly it looks like nonsense, read at speed it says "delicious" (ICANNWiki, Wikipedia). Yahoo bought the company in 2006; the product itself shut down in 2017. As of this writing, del.icio.us still resolves in a browser, but its TLS certificate has expired — a fittingly half-abandoned state for the hack that started the trend.

The Hall of Fame (and What Happened to Each)

Domain hacks took off in the URL-shortener era, when brevity was the entire product. Here's what each of the most-cited examples actually spells, which country's ccTLD it borrows, and its verified status today.

DomainSpells / usesccTLD (country)Status today
del.icio.us"delicious".us (United States)Resolves, but TLS cert expired; product shut down 2017
bit.lyBitly's brand.ly (Libya)Live, redirects to bitly.com
instagr.am"Instagram".am (Armenia)Live, redirects to instagram.com
flic.kr"Flickr".kr (South Korea)Live, serves Flickr's full site
redd.it"Reddit".it (Italy)Still Reddit's official share-link domain
t.coX's link wrapper.co (Colombia)Live, wraps every link posted on X
youtu.beYouTube's shortener.be (Belgium)Live, redirects to youtube.com
goo.glGoogle's old shortener.gl (Greenland)Returns errors; Google began retiring inactive links in 2025
itun.esApple's old iTunes shortener.es (Spain)Dead — domain no longer resolves
ma.ttMatt Mullenweg's name.tt (Trinidad & Tobago)Live, his personal blog since 2007
twitch.tv"Twitch TV".tv (Tuvalu)Live, one of the largest streaming platforms online

Verified directly by fetching each domain, July 2026. History and origin details: ICANNWiki, Wikipedia, Matt Mullenweg, Google Developers Blog.

Two things stand out. First, most of these were built for a URL-shortener use case where the whole domain is the product — which is why goo.gl's death and itun.es's disappearance didn't take a company down with them; the shortener was disposable, the brand behind it wasn't. Second, ma.tt is the purest form of the trick: no shortener function at all, just a name spelled correctly using a country most people have never registered anything in. Matt Mullenweg found it by scanning a spreadsheet of ccTLDs looking for one that would spell his own name, and paid roughly $500/year for the first two years via international wire transfer, since Trinidad and Tobago's registry didn't take credit cards at the time (Matt Mullenweg, ma.tt).

When the Hack Breaks: vb.ly and the Sharia Law Clause

The clearest cautionary tale in domain-hack history is vb.ly. Journalist Violet Blue and Ben Metcalfe registered the two-letter .ly domain in 2009 for a link-shortening tool. In September 2010, Libya's registry, NIC.ly, deleted vb.ly without warning, telling the owners that its content — reportedly including a photo of Blue with bare arms and the phrase "sex-positive" — violated Libyan Islamic Sharia law and was therefore "offensive, obscene and illegal" (The Register, CircleID).

The seizure triggered a policy change that's still in effect: as of June 2010, any .ly domain of four characters or fewer became restricted to registrants with an actual presence in Libya. Existing short .ly domains could keep renewing, but new registrations of that length were closed to the rest of the world (TheDomains.com). Bitly's own three-letter SLD ("bit") would qualify as a restricted short name under that rule today, but bit.ly predates the 2010 policy change and, as an existing registrant, was grandfathered in.

The lesson generalizes past Libya: a ccTLD is a piece of internet infrastructure that a national government or its delegated registry controls, and that government's content rules — whatever they are — apply to you even if you've never set foot in the country.

Recent proof it's not just a 2010 story: queer.af

In February 2024, the Taliban-controlled Afghanistan Ministry of Communications and IT shut down the .af domain behind queer.af, an LGBTQ-focused Mastodon instance, roughly two months before its scheduled renewal — administrator Erin Shepherd was given no advance warning (404 Media). The registrant hadn't broken any stated rule; the domain's home country simply decided it didn't want that content live under its code. Afghanistan's .af registry also runs a fully public WHOIS database, which researchers have flagged as a genuine safety risk for .af registrants who don't want their identity tied to politically sensitive content (Digital Medusa).

Which TLDs Actually Make Good Hacks

Not every ccTLD is created equal for this purpose. Some read as real English fragments, some are cheap and unrestricted, and some carry genuine geopolitical or policy risk. Here's the honest rundown of the ten most commonly used for hacks:

TLDCountryReads asRegistration note
.usUnited Statesword-final "us" (del.icio.us)Open to anyone since 2002; typically inexpensive, similar to .com pricing
.lyLibya"-ly" adverbs (bit.ly)Names of 4 characters or fewer restricted to Libyan presence since 2010; content subject to Sharia-law review
.itItaly"it" (redd.it)Open worldwide, no residency requirement, inexpensive
.ioBritish Indian Ocean Territory"input/output," reads as a techy suffixOpen worldwide; long-term registry continuity tied to the 2025 Chagos treaty (see below)
.aiAnguillaliteral "AI"Mandatory 2-year minimum term; wholesale price rose to $160 per 2 years in March 2026
.erEritreararely usableNot currently open for registration through any registrar — effectively unusable
.meMontenegro"me" (personal branding)Open worldwide, no restrictions, among the cheapest options here
.ggGuernseygaming slang "gg" (good game)Open worldwide; no restrictions, but pricier than most ccTLDs
.tvTuvalu"television / video" (twitch.tv)Open worldwide; some short/dictionary names carry registry-set premium pricing
.shSaint HelenaUnix "sh" shell scriptsOpen worldwide, no restrictions; popular with developer tools

Pricing and restriction details aggregated from TLD-List, TLD-List (.ly), Namecheap, and registrar listings for each TLD, July 2026; .ai figure specifically from reporting on Anguilla's registry pricing change (see below); .er confirmed unregistrable across multiple registrar factsheets.

Typical renewal cost per year (approximate, varies by registrar)

.it
$6–20
.us
$8–15
.me
$14–30
.co
$27–30
.tv
$30–35
.sh
$32–63
.io
$32–87
.gg
$50–90
.ai
~$80–110/yr*
.ly
$82–230
*.ai has no single-year option — the figure above annualizes its mandatory 2-year term (roughly $160–220 total). .ly's top end applies mainly to short, in-demand names; longer .ly names run cheaper. Ranges reflect spread across multiple registrars, not one fixed price.

A quick read on the two extensions with real continuity questions, both covered in more depth elsewhere on this site: .io vs .com walks through .io's Chagos-treaty risk in full, and the pricing/2-year-term tradeoffs of .ai are part of the broader startup-extension picture on this site as well.

The .io Wildcard: A Domain Hack Built on a Disputed Territory

.io is the single most-used ccTLD for tech-branded domain hacks and startup names generally, because "io" reads naturally as computing's own "input/output." But .io is assigned to the British Indian Ocean Territory (BIOT), and in October 2024 the UK and Mauritius reached a political agreement to transfer sovereignty of the underlying Chagos Archipelago to Mauritius, formalized in a treaty signed May 22, 2025 (ICANN).

ICANN's ccTLD assignments are tied to a live ISO 3166-1 country code. If "IO" is ever formally retired from that standard, ICANN's own retirement policy would kick in, which allows a multi-year phase-out window rather than an overnight shutdown. With more than 1.6 million .io domains registered against Mauritius's own .mu registry holding only around 24,731, a fast kill looks commercially and politically unlikely — but "unlikely" isn't "guaranteed," and as of mid-2025 no formal retirement decision had been made either way (Domain Incite, The Register).

Do Domain Hacks Hurt SEO?

Not automatically, and this is where a lot of casual advice gets it wrong. Google's own Search Central documentation explicitly distinguishes two categories: true ccTLDs, which Google reads as a strong signal that a page targets that specific country, and a defined list of ccTLDs that Google treats as generic (gTLD-like) instead, "as we've found that users and website owners frequently see these more generic than country-targeted." That list includes .io, .ai, .co, .me, and .tv — along with .ad, .as, .bz, .cc, .cd, .dj, .fm, .la, .ms, .nu, .sc, .sr, .su, .tk, and .ws (Google Search Central).

So a hack built on .io, .ai, .co, .me, or .tv doesn't get silently geotargeted to a random country in Google's index. But .ly, .it, .tt, .am, .kr, .es, .fi, .be, .af, .gl, and .sh are not on that generic list — meaning Google's default behavior can read a hack built on one of those as a country-targeted site, which is the wrong signal for a global product. Google's documented fix is straightforward: explicitly set a country target (or none) rather than leaving it to the extension to imply one, using hreflang, a subdirectory/subdomain structure, or Search Console's international targeting settings. For more pitfalls when a name crosses borders, see international domain name mistakes.

How to Hunt for a Domain Hack

  1. Start from the word, not the TLD. Write out the exact word or phrase you want, then look at where a natural break falls two or three letters from the end — that's your candidate ccTLD.
  2. Use a generator, not manual guessing. Tools like domainhacks.info (which checks against roughly 1,466 TLDs) and Dot-o-mator take a word or word-pair and surface every valid split automatically, which is far faster than scanning an ISO country list by hand (domainhacks.info, Dot-o-mator).
  3. Verify availability live, not from a cached list. Generator tools are good at generating candidates and bad at confirming they're actually free right now. Check any shortlist directly — Domain Search King's multi-TLD availability check confirms status live via RDAP rather than a stale index.
  4. Check the registry's actual rules before falling in love with a name. Some ccTLDs require local presence for short names (.ly), some require a minimum multi-year term (.ai), and a few aren't registrable through any public channel at all (.er). Five minutes on the registry's own policy page beats finding out after you've already told people your new name.
  5. Run a trademark check. A clever split doesn't override someone else's mark. Under the UDRP, a complainant with a registered trademark can reclaim a domain if it's confusingly similar and registered in bad faith — plenty of ccTLD registries mirror UDRP or run a close local equivalent (WIPO UDRP Guide).

The general principles for picking any name still apply on top of the ccTLD-specific checks — see the full domain naming guide for the naming fundamentals a clever split doesn't replace.

The real risks, in one place

  • Sovereign seizure. The country controlling your ccTLD can revoke it for content reasons you don't control (vb.ly, queer.af).
  • Registry policy changes. Rules can tighten after the fact and apply retroactively to new registrants, even if existing ones are grandfathered (.ly's 2010 short-name rule).
  • Geopolitical continuity risk. A ccTLD's existence depends on its country code staying active in the ISO standard — a real, if currently low-probability, dependency for .io.
  • Price and term volatility. Registry-set pricing can jump (.ai's wholesale increase in March 2026) or lock you into multi-year commitments (.ai's 2-year minimum).
  • Privacy exposure. Some ccTLD registries (.af) run fully public WHOIS with no privacy option, which is a real safety issue for sensitive projects.
  • Dependency on a business decision, not just a government one. goo.gl and itun.es show that even politically stable ccTLDs won't save a hack if the company running the service on top decides to shut it down.

Found Your Word — Now Check Every Split

Search 300+ real available domains, RDAP-verified live, across .com and the ccTLDs that make a hack actually work.

Search live → Check a specific name

Frequently Asked Questions

What exactly is a "domain hack"?

A domain hack is a domain name that spells a word or phrase by reading straight across the dot, using a country-code top-level domain (ccTLD) as the tail end of the word. Examples: del.icio.us ("delicious," using .us), bit.ly (using Libya's .ly), and redd.it (using Italy's .it). The word "hack" means clever trick here, not a security exploit.

Is bit.ly's .ly domain still at risk today?

Bitly itself has operated without incident since the 2010 vb.ly seizure, and its domain still redirects live to bitly.com. But the underlying policy risk hasn't gone away: Libya's registry can still revoke any .ly domain it judges non-compliant with Sharia law, and short (four-character-or-fewer) .ly names have been restricted to registrants with a Libyan presence since June 2010.

Is .io a safe long-term choice for a domain hack?

Probably fine for the next few years, but not a sure thing forever. The UK and Mauritius signed a treaty in May 2025 transferring sovereignty of the Chagos Archipelago, the territory .io is assigned to. ICANN ties ccTLD status to a live ISO country code; if that code is ever retired, .io would enter a retirement process. With over 1.6 million .io domains registered, a fast shutdown looks unlikely, but nobody can currently guarantee indefinite continuity.

Do domain hacks hurt SEO?

Not automatically. Google explicitly treats a specific list of ccTLDs, including .io, .ai, .co, .me, and .tv, as generic rather than country-targeted, so a hack built on one of those doesn't get geotargeted to that country by default. Extensions outside that list (.ly, .it, .tt, .am, .kr, .es, .fi, .be, .af, .gl) are still read as country signals unless you explicitly set a country target in Search Console.

Which ccTLD makes the best domain hack?

It depends on what you're naming and what you can tolerate. .co, .me, and .it are inexpensive, unrestricted, and Google-neutral or near-neutral for most of them. .io, .ai, and .gg cost more and carry either policy risk (.io), a mandatory multi-year term (.ai), or simply higher renewal pricing (.gg). .ly and .af carry the most real registry-level risk and should be a deliberate, informed choice, not a default.

Can I lose a domain hack even if I never did anything wrong?

Yes. queer.af, an LGBTQ-focused Mastodon instance, had its .af (Afghanistan) domain shut down by the Taliban-controlled Ministry of Communications in February 2024, roughly two months before its scheduled renewal, for reasons unrelated to any policy violation by the registrant. A ccTLD hack puts a domain's fate partly in the hands of whichever government or registry controls that country code.