You might want to update this answer with The truth that TLS 1.3 encrypts the SNI extension, and the most important CDN is performing just that: blog site.cloudflare.com/encrypted-sni Of course a packet sniffer could just do a reverse-dns lookup with the IP addresses you might be connecting to. You can https://https-jdmengineforsale-co09753.alltdesign.com/the-definitive-guide-to-https-jdmengineforsale-com-product-jdm-mitsubishi-turbo-4g63t-engine-for-sale-56491209