On the .onion, it relies on pulling in resources from another .onion (on the www it's just a subdomain), it would and should be _absolutely_ trivial to detect and block. With the benefit of hindsight (and an IP), there are other requests that leak information too