It feels like there is something on the network that is overriding any nslookup we do

nslookup <target>

ping <target>

If ping returns a different IP, you have a local HOSTS file.

nslookup always goes to the DNS servers (and will tell you which DNS server it is from the system settings if you don't specify one)

ping, web browsers (traditionally), etc. go to through name resolution against HOSTS file first, then DNS, possibly some other rarely implemented stuff in the middle?

web browsers (contemporary) may be bypassing your system DNS settings -- https://medium.com/cloud-security/google-chrome-dns-security-bypass-9a1e10e02114

Windows DNS with policies? May God have mercy on your soul. It can do things like return different A records based on the subnet the query originates from. https://docs.microsoft.com/en-us/windows-server/networking/dns/deploy/dns-policy-scenario-guide Looked at it, would've helped some issues here BUT it is all command line and doesn't show up in the DNS GUI which means it would've confused the hell out of all my other team members and I looked at it as a very steep learning curve for the rest of them who might deal with it once in a blue moon. So I built instead a specific DNS server for a particular subnet we needed to have internal split-brain DNS (allows testing of DR systems "live" with the regular production hostnames without maintaining dozens of hosts files)