Cloudflare flags archive.today as "C&C/Botnet"; no longer resolves via 1.1.1.2
https://radar.cloudflare.com/domains/domain/archive.todayDitto for their other domains like archive.is and archive.ph
Example DoH request:
$ curl -s "https://1.1.1.2/dns-query?name=archive.is&type=A" -H "accept: application/dns-json"
{"Status":0,"TC":false,"RD":true,"RA":true,"AD":false,"CD":false,"Question":[{"name":"archive.is","type":1}],"Answer":[{"name":"archive.is","type":1,"TTL":60,"data":"0.0.0.0"}],"Comment":["EDE(16): Censored"]}
---
Relevant HN discussions:
https://news.ycombinator.com/item?id=46843805 "Archive.today is directing a DDoS attack against my blog"
https://news.ycombinator.com/item?id=47092006 "Wikipedia deprecates Archive.today, starts removing archive links"
https://news.ycombinator.com/item?id=46624740 "Ask HN: Weird archive.today behavior?" - Post about the script used to execute the denial-of-service attack
Wikipedia page on deprecating and replacing archive.today links:
https://en.wikipedia.org/wiki/Wikipedia:Archive.today_guidan...
[1]: https://arstechnica.com/tech-policy/2025/11/fbi-subpoena-tri... [2]: https://adguard-dns.io/en/blog/archive-today-adguard-dns-blo...
Jani justifies his doxing as follows "I found it curious that we know so little about this widely-used service, so I dug into it" [1]
Archive.today on the other hand is a charitable archival project offered to the public for free. The operator of Archive.today risks significant legal liability, but still offers this service for free.
[1]: https://gyrovague.com/2026/02/01/archive-today-is-directing-...
It's weird to see people getting fixated on the DDoS, which is obviously far less nasty than actually attempting to dox someone. The only credible reason for Jani to publish something like this is if he desires to cause physical harm to the operator of archive.today
Or are we just looking at an unhinged fan stalking their favorite online celebrity?
People were critical of the Banksy piece, but this is much nastier. At least Banksy is a huge business, archive.today does not even make money.
Here is the DDoS context https://gyrovague.com
I know there are a number of headers used to control cross-site access to websites, and the linked blog post shows archive.today's denial-of-service script sending random queries to the site's search function. Shouldn't there be a way to prevent those from running when they're requested from within a third-party site?
However, browsers will first send a preflight request for non-simple requests before sending the actual request. If the DDOS were effective because the search operation was expensive, then the blog could put search behind a non-simple request, or require a valid CSRF token before performing the search.
Mostly these headers are designed around preventing reading content. Sending content generally does not require anything.
(As a kind of random tidbit, this is why csrf tokens are a thing, you can't prevent sending so websites test to see if you were able to read the token in a previous request)
This is partially historical. The rough rule is if it was possible to make the request without javascript then it doesn't need any special headers (preflight)
Both sides look like they have been bullied in the past and not found their way out of reproducing the pattern yet.
It's deliberately obtuse to suggest that "words" aren't a big deal.
>One is using force, which naturally leads to resistance and additional attention, the other is not.
I'd say attempting to dox someone and then spreading that information is deploying far more significant force than a minor lazy DDoS attack.
Doxing or attempting to dox someone is effectively threatening them with physical violence. A DDoS is nothing at all in comparison.
The blog has a lot of more posts on random topics. Why do you imply that the owner of the bloh is part of a harassment campaign and "only" that is the reason for this years old blog to exist?
There are only two posts about archive.today on the blog, and one of them only exists because archive.today started DDoSing them. I fail to see how you could consider the entire blog to be a "harassment campaign", especially considering that the original blog post isn't even negative, it ends with a compliment towards archive.today's creator.
But it's not? This was published between the two posts about archive.today: https://gyrovague.com/2025/02/23/anatomy-of-a-boarding-pass-...
Writing about being ddos'd seems eminently reasonable. So if you elide that, you are talking about a single article in four years.
It's genuinely nothing.
Why are you pretending to be surprised by this view that is held by approximately every single person in the world?
Or do you think we should have different standards for DDoS and actual violence?
Doxing? Yes.
It's clear that the person running archive.today does not actively publicize their identity.
> As far as I read the tone of the post is full of admiration
Exactly like an unhinged fan stalking a celebrity.
Jani Patokallio runs gyrovague.net in order to harass people who provide useful public services.
It's not surprising that the owner of archive.today does not like being exposed, archiving is a risky business.
That's a pretty small sin in my book. To be written off as wildly unsuccessful but entirely justified self defense.
DDoSing gyrovague.com is silly, not evil.
The content on gyrovague.com which targets archive.today is evil, plain and simple.
Just my 2 ¢, not that it really matters anymore in this current information-warfare climate and polarization. :/
I think you're missing that circumventing paywalls is unlawful in most parts of the world.
And a necessity if you want to archive the content correctly, also necessary if you want the archives to be publicly available.
The c&c/botnet designation would seem to be new though.
20 years ago during the P2P heyday this was assumed to come with the territory. Play with fire and you could get burned.
If you walk into a seedy brothel in the developing world, your first thought should be "I might get drugged and robbed here" and not what you're going to type in the Yelp review later about their lack of ethics.
Nobody was shedding any tears 20 years ago for the virus makers who had their viruses flagged by virus scanners.
Regardless, another user reports the attack is still ongoing[1], so this isn't a discussion that's going to happen about archive.today anytime soon.
Because once the problematic content is removed it should no longer be blocked.
>It's accurate
It is neither a C&C server for a botnet, nor any other server related to a botnet. I would not call it accurate.
>Nobody should ever use that site
It has a good reputation for archiving sites, has stead the test of time, and doesn't censor pages like archive.org does allowing you to actually see the history of news articles instead of them being deleted like archive.org does on occasion.
...On 20 February 2026, English Wikipedia banned links to archive.today, citing the DDoS attack and evidence that archived content was tampered with to insert Patokallio's name.[19] The decision was made despite concerns over maintaining content verifiability[19] while removing and replacing the second-largest archiving service used across the Wikimedia Foundation's projects.[20] The Wikimedia Foundation had stated its readiness to take action regardless of the community verdict.[19][20]
Did AT go beyond that and manipulate any relevant part? That's rather difficult to say now. AT is obviously tampering with evidence, but so is Wikipedia; their admins have heavily redacted their archived Talk pages out of fear one of these pseudonyms might be an actual person, so even what exactly WP accuses AT of is not exactly clear.
Unless you're arguing that the response by archive.today retroactively justifies the behaviour of Jani Patokallio, which would be a bizarre take.
How is that supposed to be a big deal when the one of core services archive.today provides is obviously illegal anyway?
>the site has a bad reputation
Not compared to archive.org. archive.is has a much better track record.
They arent being flagged because of the attention.