HTTPS encrypts all message contents, such as the HTTP headers as well as the request/response facts. Except for the attainable CCA cryptographic attack described in the restrictions section down below, an attacker ought to at most have the opportunity to find that a link is going down amongst two parties, along with their domain names and IP addres