A domain hack uses the extension as part of the name—patterns such as read.me, portfol.io or local.ly. It can be shorter and more memorable than a conventional domain, but the best choice must also pass five tests: spoken clarity, search geography, registry rules, renewal cost and ownership of the obvious .com.
How a domain hack works
The DNS reads labels, not words. In portfol.io, the registrable label is portfol and the TLD is .io; a reader mentally joins them into “portfolio.” The construction is called a hack in the older sense of a clever solution. It does not imply hacking a system.
Most useful hacks rely on two-letter country-code TLDs because short endings fit inside ordinary words: .me, .in, .it, .is, .to and .ly are natural fragments. Newer descriptive gTLDs can make phrase-like names too—such as a verb before .online—although that is usually called semantic naming rather than a strict word-across-the-dot hack.
The examples on this page illustrate patterns only. They are not availability claims or endorsements of any existing registrant.
Useful endings and the patterns they create
| Ending | Official origin | Wordplay pattern | Main caution |
|---|---|---|---|
| .me | Montenegro | Personal phrases and calls to action | May sound informal for an institutional brand |
| .io | British Indian Ocean Territory | Words ending “io” and input/output | Premium renewals and territory-policy exposure |
| .ly | Libya | English adverbs ending “ly” | Registry and jurisdiction rules |
| .in | India | Words or phrases ending “in” | Country signal unless the target is India |
| .it | Italy | Imperative phrases ending “it” | Eligibility and EU/EEA connection rules |
| .is | Iceland | Short sentence-like constructions | Country signal and registry terms |
| .to | Tonga | Directional phrases ending “to” | Higher cost and unfamiliar email addresses |
| .tv | Tuvalu | Video and broadcasting identity | Premium label renewals can be substantial |
| .ai | Anguilla | Words ending “ai” or artificial intelligence | High recurring cost; category can narrow the brand |
The five-part risk scorecard
1. Say it, then ask someone to type it
A visual trick can fail in speech. Say “email me at hello at portfol dot io” without showing the address and ask a listener to write it. If the dot split needs a long explanation, or the listener adds .com automatically, the name may work as a campaign URL but not as the company's only identity.
2. Check the exact ccTLD's search treatment
The hack itself is not an SEO penalty. Geography is the real question. Google publishes a list of ccTLDs it treats as generic, including .ai, .co, .io, .me and .tv. Many other country codes retain a strong local signal. If the intended audience is global and the extension is not on that list, compare a gTLD before committing.
3. Read the registry rules, not only the checkout page
A registrar sells the name, but the registry sets namespace policy. Look for local-presence requirements, prohibited uses, contact validation, reserved labels, dispute procedures and term length. A checkout that accepts payment is not a substitute for eligibility. Start with the extension's IANA delegation record, then follow the registry link.
4. Calculate renewal and premium cost
Some word fragments are valuable labels and may carry a premium renewal every year, not merely an expensive first purchase. Record the ordinary renewal, the exact name's renewal and the transfer price. Use the five-year renewal formula instead of letting a one-year promotion set the budget.
5. Inspect the obvious neighboring domain
If users will instinctively type the same word plus .com, visit that address and assess confusion. A direct competitor, unsafe site or established trademark makes leakage more serious. Do not register a confusingly similar name to trade on another party's identity; for consequential brand decisions, obtain appropriate trademark advice.
Use a hack as primary domain or redirect?
| Situation | Better role | Why |
|---|---|---|
| Short consumer campaign | Redirect | Memorability matters; email and long-term policy matter less. |
| Developer tool with a natural .io name | Possible primary | The audience understands the convention and Google treats .io generically. |
| Local business in the ccTLD's country | Possible primary | The wordplay and country signal reinforce one another. |
| Global regulated or institutional service | Conventional primary | Clarity, jurisdiction and stable email identity outweigh novelty. |
| Name often misheard or mistyped | Redirect or reject | A clever address that cannot be reproduced loses traffic. |
| Matching .com belongs to a competitor | Usually reject | Traffic and email leakage become a permanent operating cost. |
A practical selection workflow
- Write the full name in lowercase and check whether the word remains instantly legible.
- Test it aloud with at least three people who have not seen it.
- Verify IANA status, registry identity, eligibility and content policies.
- Check whether the extension is country-targeted or treated generically for Search.
- Compare registration, ordinary renewal and exact-label premium renewal.
- Inspect matching .com, common misspellings and social handles for confusion.
- Decide whether the hack is the canonical domain or a memorable redirect.
If it fails any hard requirement—eligibility, affordable renewal, legal clearance or reliable spoken use—move on. Availability is not the same as suitability.