HTTP & Networking

What is a DNS lookup?

The process of translating a hostname (like example.com) into the IP address a client uses to actually connect.

Also known as: DNS resolution

A DNS lookup walks a chain of resolvers. Your machine asks its configured resolver (often the ISP's, or 1.1.1.1 / 8.8.8.8). If the answer is not cached, the resolver asks a root server which TLD server handles .com, then asks that TLD server which authoritative server handles example.com, then asks that authoritative server for the A or AAAA record. The chain answers are cached at every level using TTLs.

For HTTP requests, DNS happens before TCP. A typical browser request waits on DNS (often a few ms from a warm cache, sometimes hundreds of ms cold), then TCP handshake, then TLS handshake, then the actual GET. DNS is invisible until it breaks, at which point every site you visit "looks down" because nothing resolves.

Crawlers and brand-data tools care about DNS for a few reasons. The presence of MX records signals a domain that handles email; the SOA gives the authoritative nameserver, which often reveals the registrar or DNS provider. A missing or recently-changed A record can flag a domain that has expired, parked, or migrated to a new host.

In the wild

  • dig stripe.com to see the live A and AAAA records
  • A status page running periodic DNS lookups against multiple resolvers to detect propagation delays
  • A crawler skipping a domain whose authoritative nameservers all fail to respond

How Brand.dev uses dns lookup

Endpoints in the Brand.dev API where this concept comes up directly.

Company Data API

FAQ

What records does a DNS lookup return?

Depends what you ask for. A and AAAA return IPv4 and IPv6 addresses. CNAME returns an alias. MX returns mail servers. TXT returns arbitrary text records (often SPF or domain ownership proofs). NS returns authoritative nameservers.

Why is my DNS lookup slow?

Cold cache (the resolver has to walk to authoritative servers), congested upstream resolver, or a misconfigured authoritative server with very small TTLs forcing repeated lookups. Switching to a fast public resolver like 1.1.1.1 helps a lot.

Is DNS encrypted?

Traditional DNS is plaintext. DNS over HTTPS (DoH) and DNS over TLS (DoT) encrypt the queries between client and resolver. They do not encrypt the resolver-to-authoritative leg.

Related terms

DNS

The Domain Name System, the distributed database that translates human-readable domain names into the IP addresses computers actually route to.

Domain

The human-readable name that identifies a site on the internet, the part that maps to an IP address through DNS.

Subdomain

A prefix added to a parent domain to identify a separate section, app, or service, like `blog.example.com` or `api.example.com`.

CNAME

A DNS record that aliases one hostname to another, so the resolver follows the chain to whatever IP the target eventually points to.

IP Address

A numeric label assigned to every device on a network that uses the Internet Protocol, used to route packets between hosts.

WHOIS

A protocol and public lookup service for retrieving the registration record of a domain, IP block, or autonomous system.

All glossary terms

Ship an agent that actually knows things.

Free tier, 10-minute integration, and the same API powering agents at Mintlify, daily.dev, and Propane. No credit card to start.

Get API Access
Book a call