So the mysterious person behind archive.today is very likely to be "Masha Rabinovich."
-
I also just wish to stress that by visiting archive.today or related web properties your device is being used as a participent in a DDoS attack against Jani. archive.today is not safe to use. 🧵
Are you saying that the landing page I've been redirected to for the past 5 years on the archive.today network has actually been a DDOS tool the whole time?
Or is it just discreetly packaged alongside Google reCAPTCHA?
-
@jik my best guess is that the captcha page just isn't something people think to inspect. it is a very brief page the user will only ever encounter on a journey, a page that they strive to move through as efficiently as possible. Furthermore it *looks* like a cloudflare captcha so users are very familiar with it (it is not a cloudflare page).
@eb while that is a good guess, and may be part of the reason, the owner told me they only put it on the CAPTCHA page because:
We do not want to ddos them to death, just attract attention and increase their hosting bill
Read that as you will.
-
But what's really interesting is the motivations.
1. Why now, after 2 years?
2. Why run a DDoS, and yet defend Jani in the comments?: https://news.ycombinator.com/item?id=46629823
3. Why register for a forum using your "name" to draw attention to a DDoS being ran by *your own site*?This seems like a ploy for attention. Perhaps the FBI has finally found him and Masha wants to go out on his own terms?: https://arstechnica.com/tech-policy/2025/11/fbi-subpoena-tries-to-unmask-mysterious-founder-of-archive-today/
Perhaps Masha is a fake name and the real name leaked so he wants to publicize Masha? 🧵
@eb I can't answer #2 and #3, but I emailed the owner and asked why they waiting 3 years, and they gave the fairly strange response that since the person/people mentioned in the article recently became EU citizens, the blog post now violated GDPR.
Even taking that at face value, it doesn't really explain why they chose to launch a DDoS attack.https://infosec.exchange/@iampytest1/115905994565109535
Just out of curiosity, do you know Jani Patokallio?
-
Are you saying that the landing page I've been redirected to for the past 5 years on the archive.today network has actually been a DDOS tool the whole time?
Or is it just discreetly packaged alongside Google reCAPTCHA?
@liquidparasyte No, it hasn't been that way for the last 5 years.
The blog post which seemingly sparked this came out 3 years ago, and the malicious code was only added a few days ago.And also, reCAPTCHA is not the source of the malicious code. There is just a small script at the bottom of the page, added by the owner and separate from reCAPTCHA, which performs the DDoS.
-
@eb while that is a good guess, and may be part of the reason, the owner told me they only put it on the CAPTCHA page because:
We do not want to ddos them to death, just attract attention and increase their hosting bill
Read that as you will.
@iampytest1 you're in contact with the admin of archive.today? can you put me in contact with them?
-
@eb I can't answer #2 and #3, but I emailed the owner and asked why they waiting 3 years, and they gave the fairly strange response that since the person/people mentioned in the article recently became EU citizens, the blog post now violated GDPR.
Even taking that at face value, it doesn't really explain why they chose to launch a DDoS attack.https://infosec.exchange/@iampytest1/115905994565109535
Just out of curiosity, do you know Jani Patokallio?
@iampytest1 I have had email correspondence with Jani but I do not know them personally.
-
@iampytest1 you're in contact with the admin of archive.today? can you put me in contact with them?
@eb I just emailed webmaster@archive.ph, which is the email listed on their website, and they responded using norapuchreiner@cofed.com.
-
@eb I just emailed webmaster@archive.ph, which is the email listed on their website, and they responded using norapuchreiner@cofed.com.
@iampytest1 Thanks.
-
@iampytest1 Thanks.
@eb Their email responses were all pretty much 1/2 sentence(s) long.
I posted verbatim quotes here: https://infosec.exchange/@iampytest1/115905846553756281
But if you are curious, I can post/share the full exchange.They did respond very quickly, sometimes within a minute.
-
I also just wish to stress that by visiting archive.today or related web properties your device is being used as a participent in a DDoS attack against Jani. archive.today is not safe to use. 🧵
@eb I am out of the loop on all this gyrovague doxxing and archive.today, who are these people and what is going on?
-
@eb I am out of the loop on all this gyrovague doxxing and archive.today, who are these people and what is going on?
@semitones the administrators of archive.today are using the visitor’s browser to spam requests to gyrovague, who they accuse of doxxing them, while simultaneously doxxing themselves in the process
-
@semitones the administrators of archive.today are using the visitor’s browser to spam requests to gyrovague, who they accuse of doxxing them, while simultaneously doxxing themselves in the process
@eb I am not sure what gyrovague is, but ublock origin blocks it as part of HaGeZi - multi ultimate mini blocklist. Not sure why.
Also not sure what gyrovague said but since the website is blocked and ddg is not helpful I'm still in the dark unfortunately...
-
@eb I am not sure what gyrovague is, but ublock origin blocks it as part of HaGeZi - multi ultimate mini blocklist. Not sure why.
Also not sure what gyrovague said but since the website is blocked and ddg is not helpful I'm still in the dark unfortunately...
@semitones I don’t really know what you want me to say. I don’t know why that site is blocked.
-
@semitones I don’t really know what you want me to say. I don’t know why that site is blocked.
@eb me neither. I read the blog post
-
I ixi@mastodon.online shared this topic
