[jeroenhd]

Many security-enhancing technologies have been used to deanonymise websites. For example, by checking the certificate transparency log (the thing that prevents any CA from generating a certificate for Google.com that doesn't get nuked in seconds) it's often possible to find certificates for servers hidden behind Cloudflare. Those certificates can in turn be found using the mechanisms described here, and DDoS protection may quickly be bypassed that way.

Generally, though, TLS is not designed with privacy of the server in mind. The data exchanged between the client and the server is kept private between the two parties, but that's it.

If you wish to anonymise your connection, technologies like Tor will help. You'll still have to pay attention though. In a great many cases, security and usability are polar opposites, and a balance must be struck to find a workable solution. In this case the best balance is probably in-depth knowledge of how web servers work combined with reading through the documentation of the Tor project.