.onion is a special-use top-level domain routing traffic through the Tor network, where the domain name itself is a cryptographic address. You don't register it through a traditional registrar—you generate it. v2 addresses were 16 characters; v3 (current standard) are 56 characters and use Ed25519 keys for stronger cryptography.
Why it matters: .onion lets you host a hidden service—a web server, mail server, or any TCP service—accessible only over Tor. No DNS lookup leaks your IP. No ISP or upstream network operator sees the traffic. The domain is derived from your public key, so you can't lose it or have it seized by a registrar.
Legitimate uses span journalism (SecureDrop endpoints), privacy-conscious communities, whistleblowing platforms, uncensored archives, and free-speech infrastructure in restrictive jurisdictions. Also: markets, forums, and services operating outside traditional legal frameworks.
Common misconception: .onion is not anonymous by default. Your service's anonymity depends on operational security—how you run it, what you log, whether you leak metadata. The domain hides your IP; it doesn't hide your mistakes.
Bunkerdomains doesn't register .onion (you generate your own). But we register standard TLDs for the exit nodes, mirror sites, and clearnet presences many .onion operators also maintain.