[mumblemumble]

Assuming your physical therapist has their own website with its own doman, and not just, say, a Facebook page, you're leaking that information to your ISP with https, too. https doesn't hide the domain you're talking to, just the specific URLs within that domain.

[iso1210]

We have SNI. Now sure your therapist may run their own VM on it's own IP address, but that's not very likely.

[mumblemumble]

SNI doesn't encrypt the desired hostname in the payload of the initial connection. It's still plainly visible to an eavesdropper. They can also observe un-encrypted DNS lookups.

[skissane]

eSNI is going to fix that

https://tools.ietf.org/html/draft-ietf-tls-esni-07