Blog / NSLookup: A tool for network investigation

NSLookup: A tool for network investigation

by SW Team

In the vast world of network technology, the ability to diagnose problems and understand the structure of the Internet is critical. An essential tool for this purpose is nslookup. In this post we will explore what nslookup is, how it works, what it is used for and some alternatives that can be useful in different context.


What is NSLookup?

Nslookup, which stands for "Name Server Lookup", is a command line tool used on Unix and Windows operating systems to query DNS (Domain Name System) servers for name resolution and DNS record information.

How does it work?

When you enter a domain name into nslookup, the program queries a DNS server for information about that domain. This information may include the IP address associated with the domain, MX (Mail Exchange) records for emails, SPF (Sender Policy Framework) records to verify the authenticity of emails, among other details.

Example of using nslookup:


Example of output:


Non-authoritative answer:

In this example, nslookup queries the DNS server configured on the system to obtain the IP address associated with the domain name "". The output shows the corresponding IP address, in this case, "".

What is it for?

  1. Network diagnostics: nslookup is an invaluable tool for diagnosing network problems. It can help you identify whether a domain is resolving correctly to an IP address, which can be useful for troubleshooting connectivity problems.

  2. DNS Configuration Verification: You can use nslookup to verify the configuration of your DNS servers, making sure they are correctly configured and providing the correct information.

  3. Email troubleshooting: By querying MX and SPF records, nslookup can help you diagnose email-related problems, such as failed email delivery.

  4. Security investigation: System administrators and security professionals often use nslookup to investigate potential threats and malicious activity related to domain names.


Alternatives to nslookup

1. Dig (Domain Information Groper)

Dig is a command line tool available on Unix and Linux systems, which provides detailed information about DNS records and name resolution. Its syntax is similar to nslookup and provides a more structured and detailed output.

Example of the use of "dig":


Example of output:

; <<>> DiG 9.16.1-Ubuntu <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34297
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 512
;          IN  A

;; ANSWER SECTION:        605  IN  A

;; Query time: 21 msec
;; WHEN: Thu Mar 10 21:07:42 UTC 2022
;; MSG SIZE  rcvd: 57

2. Host

Host is another command line tool for DNS name resolution on Unix and Linux systems. It provides information similar to nslookup, but in a more user-readable format.

Example of the use of "host":


Example of output: has address has IPv6 address 2606:2800:220:1:248:1893:25c8:1946

3. Whois

Whois is a tool that allows you to obtain information about domain name registrations, including details about domain owners and associated name servers.

Example of the use of "whois":


Example of output:

Domain Name: EXAMPLE.COM
Registry Domain ID: 2336799_DOMAIN_COM-VRSN
Registrar WHOIS Server:
Registrar URL:
Updated Date: 2022-02-17T22:45:58Z
Creation Date: 1995-08-14T04:00:00Z
Registry Expiry Date: 2022-08-13T04:00:00Z
Registrar: IANA Registrar
Registrar IANA ID: 376
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.7034395312
Domain Status: clientDeleteProhibited
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form:
>>>Last update of whois database: 2024-03-11T18:29:26Z<<<

4. DigWebInterface

DigWebInterface is a web-based alternative for performing DNS queries. It allows easy querying from a web browser and provides detailed and easy-to-understand results.

Visit DigWebInterface

5. MXToolbox

MXToolbox es una herramienta en línea que ofrece una amplia gama de funciones de diagnóstico de red, incluida la resolución de nombres DNS, verificación de registros MX y comprobación de la lista negra de IP.

Visita MXToolbox

These alternatives to nslookup offer various functionalities and ways to access DNS information, either through the command line or by using online tools. Depending on your needs and preferences, you can choose the one that best suits you.


The alternatives to nslookup offer various functionalities and ways to access DNS information, either through the command line or by using online tools. Depending on your needs and preferences, you can choose the one that suits you best. These tools are not only useful for troubleshooting network problems, but also for better understanding the Internet infrastructure and domain registration.