You might want to update this answer with The point that TLS one.3 encrypts the SNI extension, and the most significant CDN is undertaking just that: blog.cloudflare.com/encrypted-sni Obviously a packet sniffer could just do a reverse-dns lookup with the IP addresses you are connecting to. Observe even so (as also https://https-jdmengineforsale-co01099.nizarblog.com/37916164/https-jdmengineforsale-com-product-jdm-mitsubishi-turbo-4g63t-engine-for-sale-an-overview