You may want to update this solution with the fact that TLS 1.3 encrypts the SNI extension, and the greatest CDN is performing just that: blog site.cloudflare.com/encrypted-sni Certainly a packet sniffer could just do a reverse-dns lookup for the IP addresses you're connecting to. This will alter in future with https://emileo714opd6.wikicommunications.com/user
