Probably based on IP origin and certificate info as that is presented in
the clear with TLS 1.2. Once TLS 1.3 is required, certficate will be
encrypted so URL and other info will no longer be available. Only the IP
origin/destination will be availabl...