You might want to update this answer with The truth that TLS 1.3 encrypts the SNI extension, and the most significant CDN is doing just that: blog site.cloudflare.com/encrypted-sni Obviously a packet sniffer could just do a reverse-dns lookup to the IP addresses you happen to be connecting to. Note on https://danieln454ezr9.mysticwiki.com/user
