Onion Website Detection Scanner

This scanner detects the use of Onion Website Supported via Onion-Location Header in digital assets.

Short Info


Level

Informational

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

18 days 12 hours

Scan only one

URL

Toolbox

-

The Onion Website Supported via Onion-Location Header scanner is a tool used by cybersecurity professionals, privacy advocates, and researchers to identify websites supporting Tor network access. It is primarily used to ensure that websites comply with privacy standards by providing an alternative .onion service. Such services enhance user anonymity and protect against surveillance. Organizations that prioritize user privacy and security often implement these technologies. By using this scanner, users can determine if a website offers a hidden service in addition to its regular domain.

This detection scanner identifies the presence of the Onion-Location HTTP response header in web servers. The presence of this header indicates that a website has an associated .onion service, representing a version of the site accessible via the Tor network. This is crucial for verifying that privacy-focused websites are properly configured to allow access through Tor. The scanner provides valuable insights by confirming the implementation of such headers, which indirectly indicates adherence to privacy-oriented practices.

The scanner checks for the 'Onion-Location' HTTP header, which should contain references to the .onion address of the website. This address is part of the Tor network's hidden services, designed to offer enhanced privacy. Scanning involves sending a GET request to the target URL and analyzing the response headers for specific patterns. Regex matchers are employed to effectively pinpoint the 'Onion-Location' header. By extracting the .onion address, the scanner provides confirmation of the optional hidden service’s availability.

By detecting the existence of an 'Onion-Location' header, malicious individuals could potentially target such websites, attempting to exploit any vulnerabilities within their Tor accessible counterpart. However, its primary implication usually relates to a commitment to privacy rather than technical flaws. If vulnerabilities within the .onion version exist, they could be subjected to attacks exploiting the underlying web service infrastructure. Nevertheless, merely advertising its existence does not immediately increase hacking risks. The primary concern remains around ensuring both versions remain secure and free from vulnerabilities.

Get started to protecting your digital assets