A normal connection to a hidden service goes like this Tor client -> entry guard -> middle relay -> rendezvous point <- exit node <- middle relay <- entry guard <- hidden service The client and hidden service are anonymous to each other, since the only see their path up to the rendezvous point. onion.to is a proxy to the Tor network, so the connection goes like this clearnet user -> onion.to -> rendezvous point <- exit node <- middle relay <- entry guard <- hidden service The hidden service is still protected, but the user isn't. onion.to contacts the hidden service for you, so it knows your IP address and the hidden service you're visiting. Theoretically it doesn't log, but we don't know that for sure. If the onion.to server is seized by LE, they could get that info. So, it's not safe to use onion.to.