Archive.today: reported repeated-request behavior — simulation, timeline & sources
Archive.today: reported repeated-request behavior — simulation, timeline & sources
Simulation of Repeated Request Attack — (visual only)
Start / stop / reset the simulation. This visualizes the pattern that has been reported — it does NOT perform any network requests.
// Reported observed pattern (displayed for explanation - do not run):
// setInterval(function() {
// fetch("https://gyrovague.com/?s=" + Math.random().toString(36).substring(2, 3 + Math.random() * 8), {
// referrerPolicy: "no-referrer", mode: "no-cors"
// });
// }, 300);
Gyrovague published this code snippet and analysis of the observed requests. :contentReference[oaicite:0]{index=0}
Video evidence & demonstrations
Multiple videos show a browser's network panel and the script activity on the archive today CAPTCHA page. Embedded here for reference.
More videos and discussion links are included in the Sources section below.
How the reported pattern works — step by step
1) Client-side timer: a short JavaScript timer (`setInterval`) is reported to run on archive.today’s CAPTCHA page, firing ~every 300 milliseconds and invoking a request action. This was published and explained in the original investigation. :contentReference[oaicite:1]{index=1}
2) Randomized queries: each timer tick builds a new search URL with a randomized query string (for example `?s=
3) Request volume: at ~3 requests per second per open CAPTCHA page, a single visitor tab can generate thousands of requests per hour; many visitors with the CAPTCHA open become aggregate sources, producing sustained traffic that can overload small servers.
4) Why this is damaging: repeated dynamic requests consume CPU, database cycles, and bandwidth on the receiving site. For small blogs and low-tier hosts this can mean slowdowns, timeouts, or outages — behavior that functions like a DDoS when sustained by many clients.
Community validation
After the original report, community threads on Hacker News and Reddit discussed the code, screenshots and potential impacts. Those discussions contain technical comments from multiple observers who inspected the page and network traces. :contentReference[oaicite:4]{index=4}
Context — law enforcement attention
Separately, major tech reporting (Heise / Ars Technica and others) has documented that U.S. authorities issued a subpoena to the domain registrar Tucows in late 2025 seeking information related to archive.today’s operator; this reporting indicates broader scrutiny of the site’s operation. :contentReference[oaicite:5]{index=5}
Reported correspondence and allegations
The reporting includes a paste of email correspondence between the archive.today webmaster (or someone writing from that domain) and the author of the investigation. That paste shows a thread in which the site-side correspondent asked for the post to be hidden and, in later messages, made statements that the author characterizes as threats and pressure. These messages are presented in the linked paste. Readers should treat these as primary-source material (raw correspondence) and read them directly. :contentReference[oaicite:6]{index=6}
How we present this: the assertions that the archive operator is engaging in blackmail, composing threats, or acting at the direction of any state actor are **allegations** as reported by the original investigator and community commentary. We link to the primary correspondence and community threads so that readers can judge the evidence themselves. :contentReference[oaicite:7]{index=7}
Additional media & screenshots
Sources & further reading
Primary investigation and community threads. All claims above are attributed to these public sources; read them directly for full context and screenshots.
Note: links above are presented as public source material. Treat allegations as reported: they require independent verification before acceptance as fact.
Comments
Post a Comment