One last potential piece of supporting evidence is that Let's Encrypt reduced their EDNS Buffer Size (the threshold at which queries will fall back to TCP) to 512 bytes, back in 2018. I'm not sure if it's the current production setting in 2023, but it provides an explanation for why that second query in my last post times if Let's Encrypt queries it, because 807 bytes > 512 bytes.
7 Likes