How Web Addresses Work

Most of us have been using web addresses for years without really understanding how they work.  Today we are going to try to demystify the web address for you.  Web addresses are basically “rented” for a period of time from a Domain Name Registrar, and are part of the Domain Name System (DNS).  DNS changes the easy alphanumeric domain names we use into numerical IP addresses that computers and web servers use.  The web address is a hierarchical representation of a web resource.  The web address is read from left to right.  The period (.) is used to separate hierachical parts of a domain name or web address.  Let’s take a look at one of my domains, The main parts of a domain name are:

  • The TLD or top level domain.  This is the last section on the right.  This is the .com, .net, .org, .gov and so forth.  Each top level domain is managed by something called a root server in the DNS hierarchy.  The .com root server, for instance, know what DNS servers are authoritative for the domain names that end in .com
    • Additionally, there is a TLD for every country in the world as well, for instance .us for the United States, .in for India, .ca for Canada, .cn for China, .ru for Russia.
  • The domain name.  This is the middle section, and is the part that you can purchase from a domain name registrar such as GoDaddy or Network Solutions

In order to use a domain name, we have to associate it with a service that is provided by a server or computer.  Lets start with a simple web address:  This is known as a Uniform Resource Locator (URL), or Uniform Resource Identifier (URI).  These terms are interchangeable.  There is also something called a Fully Qualified Domain Name (FQDN) which is the full machine name of a computer or server.  That’s right, all computers have names.  Every server and computer on a network has an Internet Protocol address or IP address assigned to it as well.  The domain Name System (DNS) tell computers how to find the IP address associated with a domain name or web server.  For example, my domain name is located on a server with a FQDN of and an IP address of

Let’s go back to . This web address will take you to the home page of one of my websites.  There are a couple of new pieces to the URL.

  • The first part http refers to the communication protocol, in this case the hypertext transfer protocol.  This tells your computer that the resource ( the server or system) is going to display a web site, which is generally written in HTML or Hypertext Markup Language.  This also tells the computer to launch an application called a web browser, like Google Chrome, Firefox, or Internet Explorer, which turns the HTML code into something that a human can read.
  • The next part tells the computer what sort of service we are looking for.  In the example, the service is www. This stands for the World Wide Web protocol and tells the computer that we are looking for web server.  Often, the www is not required, and entering will take you to the web site as well.
    • If the protocol was ftp this is file transfer protocol, and would be a method I could use to move content to or from the web server.
    • If the protocol was pop, imap, or smtp this would be an email server.  Depending on how your server is configured, it may be capable of doing all these tasks and all of the URLs would have the same IP address.  Or these services may be may be running on different machines with different IP addresses. There are other services that may be part of a URL.

The sub-domain.  Not everything you see to the left of a domain name is a service.  There is another part, called a sub-domain. When you own a domain, you can create whatever sub-domain names you wish.  I can create the URL for instance, and set it up to host a test web site.  I can add more sub-domains in a chain such as

After the slash.  The next part of a URL is what comes after the TLD.  This information is separated from the TLD (.com, etc) with a slash (/).  The parts that come after continue to be separated by a slash, and this represents the interior parts of the web site or resource, things like directories (folders), and pages.  For example, the URL will take you to a nested page on my website.

Hopefully this tutorial has helped explain the different parts of a web address in a way that is helpful for you.  On Monday we will be looking at how web addresses can be spoofed by a cyber-criminal in a phishing exploit.





About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.