The goal is to solve that with ECH which requires the person is using DoH. That can be verified here [1]
[1] - https://tls-ech.dev/
ah forgot about ECH
* https://blog.cloudflare.com/encrypted-client-hello/
what's weird is my ancient version of chrome passes ECH
but my Firefox ESR does not have ECH and I cannot figure out how to turn it on in about:config, googling fails me
wait! found it, 3rd times the charm
network.dns.echconfig.enabled
* https://www.cloudflare.com/ssl/encrypted-sni/
ah forgot about ECH
* https://blog.cloudflare.com/encrypted-client-hello/
what's weird is my ancient version of chrome passes ECH
but my Firefox ESR does not have ECH and I cannot figure out how to turn it on in about:config, googling fails me
wait! found it, 3rd times the charm
set to TRUE = ECH enabled, passes test* https://www.cloudflare.com/ssl/encrypted-sni/