So the mysterious person behind archive.today is very likely to be "Masha Rabinovich."

@jik my best guess is that the captcha page just isn't something people think to inspect. it is a very brief page the user will only ever encounter on a journey, a page that they strive to move through as efficiently as possible. Furthermore it *looks* like a cloudflare captcha so users are very familiar with it (it is not a cloudflare page).

@eb @jik a captcha page presents nothing, takes a long time thinking, and is expected to be weird acting. Great cover for a ddos bot

I also just wish to stress that by visiting archive.today or related web properties your device is being used as a participent in a DDoS attack against Jani. archive.today is not safe to use. 🧵

@jik my best guess is that the captcha page just isn't something people think to inspect. it is a very brief page the user will only ever encounter on a journey, a page that they strive to move through as efficiently as possible. Furthermore it *looks* like a cloudflare captcha so users are very familiar with it (it is not a cloudflare page).

But what's really interesting is the motivations.

1. Why now, after 2 years?
2. Why run a DDoS, and yet defend Jani in the comments?: https://news.ycombinator.com/item?id=46629823
3. Why register for a forum using your "name" to draw attention to a DDoS being ran by *your own site*?

This seems like a ploy for attention. Perhaps the FBI has finally found him and Masha wants to go out on his own terms?: https://arstechnica.com/tech-policy/2025/11/fbi-subpoena-tries-to-unmask-mysterious-founder-of-archive-today/

Perhaps Masha is a fake name and the real name leaked so he wants to publicize Masha? 🧵

Are you saying that the landing page I've been redirected to for the past 5 years on the archive.today network has actually been a DDOS tool the whole time?

Or is it just discreetly packaged alongside Google reCAPTCHA?

@eb while that is a good guess, and may be part of the reason, the owner told me they only put it on the CAPTCHA page because:

We do not want to ddos them to death, just attract attention and increase their hosting bill

Read that as you will.

@eb I can't answer #2 and #3, but I emailed the owner and asked why they waiting 3 years, and they gave the fairly strange response that since the person/people mentioned in the article recently became EU citizens, the blog post now violated GDPR.
Even taking that at face value, it doesn't really explain why they chose to launch a DDoS attack.

https://infosec.exchange/@iampytest1/115905994565109535

Just out of curiosity, do you know Jani Patokallio?

@iampytest1 you're in contact with the admin of archive.today? can you put me in contact with them?

@eb I just emailed webmaster@archive.ph, which is the email listed on their website, and they responded using norapuchreiner@cofed.com.

@iampytest1 Thanks.

I also just wish to stress that by visiting archive.today or related web properties your device is being used as a participent in a DDoS attack against Jani. archive.today is not safe to use. 🧵

@eb I am out of the loop on all this gyrovague doxxing and archive.today, who are these people and what is going on?

@semitones the administrators of archive.today are using the visitor’s browser to spam requests to gyrovague, who they accuse of doxxing them, while simultaneously doxxing themselves in the process

@eb I am not sure what gyrovague is, but ublock origin blocks it as part of HaGeZi - multi ultimate mini blocklist. Not sure why.

Also not sure what gyrovague said but since the website is blocked and ddg is not helpful I'm still in the dark unfortunately...

@semitones I don’t really know what you want me to say. I don’t know why that site is blocked.