APCSP

Step 1

Normalize the URL (browser fills in https:// if needed, strips spaces) and check local caches (browser, OS hosts file, router) and history for a known IP — if found, skip DNS.

Step 2

DNS lookup (if needed): your browser asks a DNS resolver which queries the root → TLD → authoritative name server (CDNs may direct you to a nearby edge) and returns the website’s IP address.

Step 3

Choose protocol & port (e.g., HTTPS → port 443, HTTP → port 80) and prepare to open a connection.

Step 4

Open a TCP connection to the server IP (three-way handshake: SYN → SYN/ACK → ACK). (If the site uses HTTP/3, a QUIC/UDP connection is used instead.)

Step 5

TLS handshake (for HTTPS): browser and server exchange ClientHello/ServerHello, server sends its certificate, browser verifies the certificate with trusted CAs, they complete key exchange and derive symmetric encryption keys.

Step 6

Send the HTTP request (e.g., GET / HTTP/1.1) with headers (Host, cookies, user-agent, etc.).

Step 7 

Server processes the request (may run backend code, check auth, query a database) and sends back an HTTP response (status code, headers, body). If it’s a redirect (3xx) the browser follows the new URL and repeats relevant steps

Step 8

Browser starts parsing the response as it arrives — HTML is parsed into the DOM (document object model).

Step 9

Fetch and parse resources referenced by the HTML (CSS → CSSOM, JavaScript files, images, fonts). CSS and certain scripts can block rendering until loaded/executed.

Step 10

Build render tree and layout: combine DOM + CSSOM into a render tree, compute layout (positions/sizes).

Step 11

Paint & composite: browser paints pixels to the screen and composites layers (result: the page becomes visible).

Step 12

Execute JavaScript (which can modify the DOM/CSSOM and trigger reflows/repaints) and handle any dynamic requests (AJAX/fetch) that load more data.

Step 13

Perform additional performance/security steps: use HTTP/2 or HTTP/3 multiplexing if available, check HSTS or block mixed content, apply CSP rules, consult caches for subsequent requests.

Step 14

Keep connection or close: browser may keep the TCP/TLS connection open (keep-alive) for further requests; responses and resources may be cached for later reuse.

Step 15

Page is interactive: event loop listens for user input, scripts run, and the browser continues fetching resources or updates as needed.