archive.today is directing a DDOS attack against my blog [OC]
This is sufficiently bizarre that I'm linking to the full writeup on my blog instead of trying to explain everything here in detail, but TL;DR, archive.today (yes, the guerrilla archiving site we all love) is abusing its users to conduct a DDOS attack against a blog post they want to take down. Irony can be pretty ironic, eh?
I believe archive.is has also bannedFinnish IPs ever since they started conducting the attack against that blog. I've tried on four different Finnish ISPs and they all just get endless fake captcha loop. I then wrote a script that tried around 40 different countries via a VPN and Finland was the only one that got http 429 response. For other countries it was either 403 or 200.
Would that mean that if you wanted to access archive.is from Finland you would have to use a VPN? Or would there be any alternative ways to access it?
If it’s finish isp’s, that’s determined by the IP block of the user.
You need to bounce your request through somewhere else so they see that IP and not yours.
I’ve just had to use several archival websites this past month and most of the time i had the same issue with captcha loops. Never thought it could be my vpn set in finland but randomly saw your comment. Thanks for the info!
FYI, if you are just trying to browse news sites with a paywall, you can install the extension "Bypass Paywalls Clean" in your browser. I've been using it for many years. You can find the latest legit source via the wikipedia page. The author (much like these sites) is the target of DMCA takedowns and such since it bypasses paywalls. But in reality it's all just javascript smoke and mirrors...
Same for Cyprus (at least from the 4-5 Cyprus IPs I tried)
Here's reason for that: "We block Cyprus because it has a suspiciously high density of people with a past best left undisclosed starting shiny new “European” lives from scratch."
Source: https://archive-is.tumblr.com/post/807161514040705024/yesterday-one-of-the-archives-early-adopters-sent (Wayback Machine link).
Make that what you will. They have more meltdown posts in their blog too.
And it is their official blog, btw. https://blog.archive.today/ redirects to it and "blog" link can be found from Archive.is front page.
As finnish person: fuck this site and guy who manages it. I should learned that after 2015 situation.
EDIT: the homophobic and fennophobic bigot still can't stop: https://archive-is.tumblr.com/post/807369905134518272/the-finne-troll-published-his-response-with (Wayback Machine)
"That’s the sore spot. His grandfather seems to have been a real Nazi criminal, even by Finnish standards. We need to dig deeper." Totally innocent guys don't talk like this. Narcists and psychopaths do.
Op (doxxer) from Finland.
Read the blog post. That is a weird story.
You would think someone running an Internet ARCHIVE site would understand the concept that once it's on the internet, it never goes away. Very strange story.
Yeah. And that behavior seems at odds with successfully running a well-known, widely used site of any sort.
As someone working to archive the internet, they understand better than archive consumers like yourself that is simply not true thus why archiving is so important. There is lots of lost media that was once on the internet that isn't now. There are people hired to make things disappear and they're good at it.
Worth throwing your site behindCloudflare , at least for a few days.
Ironically archive.today was having a pissing contest with Cloudflare too over some DNS settings. Not saying that they were up to any similar shenanigans there, or that they even were the ones technically in the wrong, just mentioning this rather sad thing.
This is rather standard practice in this day and age. Only way I get away with hosting off a residential connection honestly.
It seems from the linked email correspondence they specifically don't want mainstream press having a live link to the prior article that looked into clues about their identity.
They said they wanted the article removed for 2-3 months yet gave no further explanation on why the time window mattered and then just repeated they want the original article removed.
Possibly they didn't want to explain what wording could be changed, per your suggestion, since it would indicate which parts they're most concerned about.
If we take a step back though, it's unusual for a non-criminal site to have someone try and dox the webmaster. Like, with Brian Krebs for example he's trying to uncover ransomware gangs and whatnot, while this person is just running an independent archiving site.
Yeah well, we can't read it now, can we? It's down, prolly on account of DDOS. Why do they want it down?
from the blog:
The blog won't go down unless they manage to take down all of Wordpress.com along with it.
Mmh for some reason it won't open i get "ERR_CONNECTION_REFUSED" . But imma go sleep now, I'll check tomorrow, maybe a DNS issue on my side.
The blog or archive.today? I can see the blog and it doesn't even look sluggish, if not you can find it on archive**.org** (different entity).
If you have problems with archive.today change your DNS from cloudflare (or one that feeds from cloudflare), as I mentioned previously they have a kerfuffle with them too.
Why do great platforms have to be run by the most insane and most aggressive idiots.
Because they’re the ones who have the correct amount of crazy to make them work.
Only crazy people would force country to let them run it.
All previous pirate websites was banned and owners arrested.
Tl;dr
OP was doxxing owners of archive today and helping fbi to fight against it.
I saw the hacker news thread on this, there's more to the story.
Such as?
So you tried to doxx him and he's retaliating.
Couldn't access the blog, get a DNS error... But archive.org to the rescue:
https://web.archive.org/web/20260201131037/https://gyrovague.com/2026/02/01/archive-today-is-directing-a-ddos-attack-against-my-blog/
EDIT - You might want to move your site behind cloudflare, or implement some local Proof-of-Work front-end to your site. I did that recently and it has basically stopped bots and ddos shenanigans' dead in their tracks. Or at the very least just do some rate limiting and banning since you know what URL is being abused.
Pure gold
File a complaint with their domain registrar.. Name: Tucows Domains Inc. IANA ID: 69 Abuse contact email: compliance@tucows.com Abuse contact phone: tel:+1.4165350123 About the Registrar: https://opensrs.rdap.tucows.com/
Also their hosting provider: Handle: AR66370-RIPE Name: Abuse-C Role Email: abuse@tube-hosting.de Kind: group Mailing Address: GERMANY, Bad Königshofen i. Grabfeld, 97631, Schlesierstr., 7
They are hosted in the EU so I'm guessing there's a lot of options for filing complaints there as well, but I would start here: https://www.polizei.de/Polizei/DE/Home/home_node.html
wtf even is that site? Their example search for
*.microsoft.comjust shows a bunch of random links to Chinese websites...