What happens when I navigate to a Universal resource locator (URL) in my Web browser?

Corrected version (after talking to Claude AI)

  1. I type a URL into the browser bar and press “enter.” (Let’s assume that the URL is well-formed and uses HTTPS.)
  2. The browser parses the URL into an application protocol (Hypertext transfer protocol, HTTP), a domain name, and a path (“slug”).
  3. If it has not already done so, the browser requests a network socket from the operating system. When this is done, the operating system assigns a randomly selected UDP port, and returns a socket descriptor to the browser.
  4. The browser uses an OS-provided API to request resolution of the domain name. The OS resolves the domain’s IP address (see DNS lookup from the local host) and returns it to the browser.
  5. The browser constructs a “Client hello” request, addressed to the resolved IP address (port 443), to begin establishing a Transport layer security (TLS) connection. It sends this request to the OS via the socket descriptor.
  6. The OS establishes a Transport control protocol (TCP) connection with the server, carried over IP. The first information exchange (after the TCP handshake) is a TLS handshake.
  7. With the TCP connection established, the browser constructs an HTTP GET request corresponding to the URL that I entered.
  8. The request is propagated via TCP and IP. The HTTP request, including its headers, is encrypted via TLS. The TCP headers travel in plaintext. Unless I’m using a VPN, my ISP knows exactly what IP addresses I’m talking to.
  9. The datagrams are propagated as usual to the remote server. The server application decrypts the datagrams using its private key. This may be handled by the OS of the receiving server; however, in modern applications, this is usually handled by a layer-7 load balancer, which terminates TLS and forwards the payload via TCP as plaintext.
  10. The HTTP listener at the application receives the decrypted request as plaintext, does its thing, and initiates an HTTP response. This may be encrypted into HTTPS locally, but it is often transmitted in plaintext to the layer-7 load balancer, which does NAT and encrypts it using the private key. The preceding steps are repeated in the opposite direction in order to transmit the response back to me.
  11. My browser decrypts using the public key, interprets the response, and begins to render the webpage, usually initiating more HTTPS requests (and possibly replacing the page URL) in the process. This is true whether the response is a 2xx (success) or something else.
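
Steps 2, 7 and 8 can be made concrete with a short sketch. This is an added example, not part of the original notes: `plan_request` is a hypothetical helper, the IP address is a constructed documentation address, and the SNI entry reflects the fact that the TLS Client hello carries the hostname in cleartext unless Encrypted Client Hello is in use (the host is assumed to be a DNS name, not an IP literal).

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"https": 443, "http": 80}


def plan_request(url, resolved_ip):
    """Parse the URL (step 2), build the GET (step 7) and sort the pieces
    by whether an on-path observer such as an ISP can read them (step 8).

    resolved_ip stands in for the DNS answer of step 4, so this runs offline.
    """
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS:
        raise ValueError(f"unsupported scheme: {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("URL has no host")

    default_port = DEFAULT_PORTS[parts.scheme]
    port = parts.port or default_port

    # Request target = path plus query. The fragment (#...) is never sent.
    target = parts.path or "/"
    if parts.query:
        target += "?" + parts.query

    host = parts.hostname if port == default_port else f"{parts.hostname}:{port}"
    request = (
        f"GET {target} HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        "Connection: close\r\n\r\n"
    ).encode("ascii")

    # IP and TCP headers always travel in plaintext.
    visible = {"dst_ip": resolved_ip, "dst_port": port}
    if parts.scheme == "https":
        visible["sni"] = parts.hostname   # cleartext in the Client hello
        inside_tls = request              # path, query and headers are encrypted
    else:
        visible["http_request"] = request  # plain HTTP exposes everything
        inside_tls = b""
    return {"visible_on_path": visible, "inside_tls": inside_tls, "request": request}


if __name__ == "__main__":
    # Constructed sample URL and address (192.0.2.0/24 is reserved for documentation).
    plan = plan_request("https://example.com/account/reset?token=abc123#top", "192.0.2.10")
    print("observer sees:", plan["visible_on_path"])
    print("encrypted    :", plan["inside_tls"].decode())
```

The query string, including any token in it, stays inside the TLS record on the wire, but it is in plaintext again once a load balancer has terminated TLS, as in step 9.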