Shortest URLs on the Internet

Shortest URLs on the Internet

August 29, 2022

What’s the shortest URL for which content is served on the internet? There are quite a few single-letter second-level domains that are used in very short URLs, such as Google’s http://g.co or Facebook’s https://m.me.

But we can go shorter than this: there’s nothing stopping TLD registry operators serving A records at the apexes of their TLD zones. For example, if Verisign (the operator of the com TLD registry) wished, they could add an A record at the apex of the com TLD zone – com would then resolve to that IP, and your browser would connect to that IP when you visited https://com.

Does any registry operator actually do this though? Surprisingly, the answer is yes.

First, let’s find a list of TLDs which have A records.

$ wget https://data.iana.org/TLD/tlds-alpha-by-domain.txt
$ <tlds-alpha-by-domain.txt tail -n+2 | xargs -I{} ./get_a_record_tsv.sh {} > tld-a-records.tsv

where get_a_record_tsv.sh is:

#!/usr/bin/env bash
set -euo pipefail

name="$1"
records=$(dig +short @8.8.8.8 "$name" | head -n1)

echo -e "${name}\t${records}"

Now, let’s get the TLDs that have A records:

$ <tld-a-records.tsv grep -Ev $'\t$'
AI	209.59.119.34
ARAB	127.0.53.53
CM	195.24.205.60
IN	e.root-servers.net.
KIDS	127.0.53.53
MD	e.root-servers.net.
MG	a.root-servers.net.
MR	m.root-servers.net.
MUSIC	127.0.53.53
MX	a.root-servers.net.
PN	139.162.17.173
TK	217.119.57.22
UZ	91.212.89.8
WS	64.70.19.33
XN--L1ACC	218.100.84.27
XN--MXTQ1M	127.0.53.53
XN--NGBRX	127.0.53.53

Some of these aren’t relevant to us:

  • There’s a bunch that have A records pointing at 127.0.53.53 (which is an internal IP): arab, عرب (translates to “arab”), kids, music, and 政府 (translates to “government”). It turns out this is a special IP address designed to alert network adminstrators of name collisions: cases where networks have privately been using names underneath TLDs which used to be free, but have now been allocated as gTLDs. The 53.53 is a reference to port 53, the port on which DNS nameservers listen.
  • Some have A records pointing to the root servers. I’m not sure why this is - I think it might be because no DNS has been configured in the TLD zone for these TLDs. Edit: matttpt on HN pointed out the reason for this.

Filtering out the TLDs mentioned above, we get:

AI	209.59.119.34
CM	195.24.205.60
PN	139.162.17.173
TK	217.119.57.22
UZ	91.212.89.8
WS	64.70.19.33
XN--L1ACC	218.100.84.27

These are, in turn, the ccTLDs for Anguilla, Cameroon, the Pitcairn Islands, Tokelau, Uzbekistan, Samoa and Mongolia (the TLD is an internationalised ccTLD in this case).

Let’s open up the TLDs we found in a browser and see what happens:

$ <tld-a-records.tsv cut -f1 | xargs -I{} xdg-open 'http://{}'
$ <tld-a-records.tsv cut -f1 | xargs -I{} xdg-open 'https://{}'

Some of them do indeed load:

Screenshot of http://ai

Screenshot of http://ai

The others either time out or refuse the connection.

This practice – publishing A records at TLD apexes – is discouraged by ICANN:

Recommendation: Dotless domains will not be universally reachable and the SSAC recommends strongly against their use. As a result, the SSAC also recommends that the use of DNS resource records such as A, AAAA, and MX in the apex of a TopLevel Domain (TLD) be contractually prohibited where appropriate and strongly discouraged in all cases.

And, furthermore, the use of dotless domains is prohibited for new gTLDs.

Bonus fact: there’s also nothing stopping ICANN adding an A record to the apex of the root zone, which would theoretically make the empty hostname resolvable. I imagine most browsers etc. would consider a URL with an empty hostname invalid – Chrome considers both http:// and http://. invalid, at least.

James Williams • 2025