Perhaps worth editing the DNS section in light of RFC 9460 ... depending on the presence and contents of the HTTPS RR, a browser might not even use TCP. Here's a good blog post surveying the contents of the HTTPS RR a few years ago. https://www.netmeister.org/blog/https-rrs.html