kurey: the website FAQ pages and infographics cover this more clearly, but in short: client assembles a "circuit" consisting of guard middle and exit (these days, guard is reused for many weeks to avoid guard rotation attacks); the data is gathered from the tor directory "consensus" data but it is the client that chooses its own path (so directory servers can't command or easily predict this). client sends a message containing three
layers of encryption, addressed to each relay in the circuit. guard is able to decrypt the first layer, and reads its instructions to send the remainder of the cell to the middle relay revealed there. then middle decrypts its layer, which tells it to forward the rest to the exit. then exit decrypts its layer, resolves the hostname requested using its own configured DNS, and opens a TCP connection to that host (approximately).
kurey: then that circuit is held open until either 10 minutes have passed or the tor client has explicitly closed it
kurey: this way the exit has no knowledge of the guard (it didn't get to see that part of the message) and the guard has no knowledge of the exit.
kurey: also the story is different and a bit more complicated for hidden services