Cloudflare received a phishing report regarding:
archetyp[.]cc
Below is the report we received:
Reporter: Anonymous
Reported URLs:
hxxps://www[.]archetyp[.]cc
Original Work: Archetyp DarkWeb Marketplace
Logs or Evidence of Abuse: Dear Cloudflare Security Team,
I am writing to bring to your attention a serious concern regarding the domain
www.archetyp.cc, which is associated with a rotator service for the dark web market
known as Archetype. This market is reportedly involved in the sale of illegal
substances, including fentanyl, which poses a significant risk to public safety,
particularly to children worldwide.
Key Points of Concern:
Association with Dark Web Market: The PGP signature displayed on the website
verifies that the onion links provided for accessing the Archetype market belong
to the market administrator. This indicates a direct association between the
domain and illicit activities.
Phishing Domain: While www.archetyp.cc itself may not be a phishing domain, it
is important to note that archetyp.cc is suspected of phishing activities. Given
the nature of the content and services offered, it is crucial to consider the
potential risks associated with both the main domain and its subdomains.
Illegal Activities: The Archetype market is reportedly facilitating the sale of
dangerous drugs, including fentanyl, which have been linked to numerous
fatalities, particularly among children. This raises significant ethical and
legal concerns regarding the hosting and support of such a domain.
Responsibility of Domain Name Servers: As the nameservers for archetyp.cc are
managed by Cloudflare, there is a responsibility to take action against domains
that are involved in criminal activities. The continued operation of this domain
under your services could implicate Cloudflare in facilitating these illegal
activities.
Request for Action:
Given the serious nature of these allegations, I urge Cloudflare to investigate the
activities associated with www.archetyp.cc and its subdomains. It is imperative to
take swift action to prevent further harm and to uphold the integrity of your
services.
Conclusion:
The potential risks associated with the continued operation of this domain are
significant. I trust that Cloudflare will take this matter seriously and act
accordingly to protect the public from the dangers posed by the Archetype market.
Thank you for your attention to this urgent matter.
Sincerely,
Andrew
We have forwarded this complaint to your hosting provider. We have restricted
access to the phishing-related content until it has been removed.
To respond to this issue, please reply to abusereply@cloudflare.com.
Regards,
Cloudflare Trust & Safety
85qH5Jy2T6tLHXbbaXMJC42YA9pCFb9pY7xDhgWJzBnxK9W9fh2XH7TE1Aw61TeUeU7C6L322S89d4f9W59S7Ur8AjkkarG
BigBossCheffofArchetyp
I picked DDoS-Guard.net so either /u/crackheaddom101 or /u/CodeIsLaw won this. Not sure about the timestamps as posts were edited. I asked HugBunter if he can review it and let me know who won. /u/jackroberts won!
/post/d19015fb7b24e0324883/#c-1227d4615a59e66e18
To all other participants, thank you very much! There are a lot of backup solutions now and if we change to one of them in the close future, you will receive a thank you as well.
No offense to you jackroberts and enjoy the money. But how can any admin take comments from /u/jackroberts like
or
or
and think such user would provide the best technical answer? Most of the words like setting up Endgame had nothing to do with it only throwing random comments at the wall and see what will stick.
Putting the great choice aside.
The exercise was to mitigate as much possible of domains being taken down/resistant to abuse. You can rotate CDN without disposing of the domain. But you would still be vulnerable to the same type of reports as the CDN and as the previous takedown of the .cc domain. Wasn't the whole post about finding a solution or was it about asking a provider?
DDoS Guard blocks Tor IPs on first sign of attack.
All your competitors need to do is put a light attack and majority of your audience will be blocked by the CDN itself.
When high volumes of attack happen, a JavaScript-based solution will be provided to users by DDoS Guard. Given Archetyp is in the crosshairs of police as the top market, how smart would it be to recommend to users to use a clearnet link rotator and enable JavaScript?
Asking your audience is one thing. Choosing a bad solution is another. Prove me wrong in anything I've said here or how my suggestion was worse.
Personally didn't feel it was required for me to post proof as I thought there were a bit more experienced people in charge who have used such services and know the outcome. I still don't understand the technical or otherwise reasons behind the winner choice of the contest.
not temporary solution. Doesn't answer the question of how my suggestion was inferior or why choose DDoS Guard. Literally one of the first suggestions on page 1 when you search Alternatives for Cloudflare. DNS side some of the fast flux suggestions by other users though not on topic like the original winner were still better to be considered than what you chose. Basically you paid 20.000€ for a 2 second Google search.
I get you're under a lot of pressure here to seem competent and in control and I'm really not trying to be nasty or asshole here but what you're saying doesn't make sense. At very best it doesn't answer the prove me wrong part or why the choice was made.
Your suggestion was to check Spamhaus and I think that's valid too but I would think rather for a new domain registrar in the future in case we need to replace the current domain?
I'm only trying to be objective and fact oriented and helpful of course.
But there are the points of blocking Tor IP under attack and enabling javascript solution to view the page under slightest attack.
You can transfer domains between registrars without issue.
and here /post/fa0a073593f68e7b995a
🎣
This comment was posted automatically by a bot. All AutoModerator settings are configured by individual communities. Contact this community's Moderators to have your post approved if you believe this was in error.
Fast flux is actually easier than other solutions to be DDoSed. One of the reasons why /u/enzyme's answer, though certainly better than the winner, wouldn't be the perfect solution in what was asked.
Fast flux has only a limited pool of IPs it would rotate. They aren't configured to handle DDoS; all an attacker needs to do is be patient and collect all the IPs, then launch an attack on all. Another alternative is to attack the name servers instead of the IPs. But for that exists the double fast flux solution. If patient enough, the attacker can learn both IPs and name servers.
Neither the IPs nor the NSes would be configured to handle large DDoS attacks. Some of the pool might be but not all, as those costs are astronomical. Anyone who has fought serious DDoS attacks on the clearnet knows what I'm talking about. Fast flux is used more to hide botnet command and control servers and other useful cases.
This is if you are the up and tight ... if it was me I'd be infecting devices just for this but that's me. But you guys have a valid point .. I just know
/u/BigBossChefOfArchetyp is fully capable of doing this on his own, he isn't dumb and has a solid skill set. He can have it done in 2 days .. I used to do this at 16 .. I know he can do it. And like you said I used to use them for C and C servers off IRC and hosting phishing pages that would always get me red paged. Also I think in this use case you can make it bend a different way .. just because it's good at hiding C and C's doesn't mean it can be repurposed for this imo .. again .. hats off to them and if it fits his business good. Also I am about to jump in this space ... going to try to make it fun ... I want to push everyone to be better to make me the best I am.
Unrelated, I don't see this as an ip leak, it's a clearnet site and cloudflare does not provide anonymity nor they claim to. LE (and apparently anyone) can find an IP address behind cloudflare fairly easy but most likely all they can get is your onion list. Realistically this is not a big deal.
Here is their LLC name and addy: "IQWeb FZ-LLC Office No 122, dic Building 03, Al Sufouh second, Dubai"
And please make sure that this is all working nice in the future, I don't want FUD about some IP leaks and shit...
Dread history proves that is not necessarily the better option unless the vendor knows how to create his own shop and can convince buyers to forgo escrow and trust them.
Pepperidge Farm Remembers when shop creators scammed the vendors, and their buyers, who paid them to create shops for them.
I would like to explain a few things here maybe you better understand my points:
1. Tor exit relays are all public and their IP addresses are out there for the whole world to see. You can even go to the TorProject's website and check the Tor network's stats, exit relays, their IPs, etc., so it's actually possible to only allow traffic from Tor exit relays to a certain website. I think it takes a firewall configuration only.
2. /d/endgame can be configured and tweaked to work with clearnet domain names. You might wonder how it works? A specific domain name is first registered (like: clownflare.com), then you should rent as many VPS or dedicated servers as you like in different parts of the world and set up the tweaked /d/endgame on them. After that you need something like bind9 on a few of the servers as well. In the end you will have a content delivery network similar to Cloudflare. You can use clownflare's name servers to act as a proxy in front of your domain name, but it won't be very effective. Why? Because LE can easily probe and discover clownflare's IPs across the world and after they are seized, they will figure out where your clearweb site is actually hosted.
3. Domain seizure will and can ultimately happen for any website. For example, Savastan0 was using ".cc" for like 4 years. Their domain was seized recently and they moved to a new one, ".tools". So it's not such a big deal.
These are all temporary solutions:
In my opinion the best fix for Archetyp's situation is to grab like "3-4" permanent Tor hidden service mirrors and then expand their underlying Tor hidden service infrastructure horizontally on those "3-4" mirrors in a way so that no DDoS can take them down. This is possible in theory at least. Something similar to what Alexandre Cazes did with Alphabay "v1.0" back in 2016-2017.
I am just a noob here, so feel free to correct me if you feel I am wrong. Thanks.
As for Arch scaling up with permanent mirrors, absolutely, they should have already been doing this but were trusting in PoW which can't really be scaled. I've suggested this to him and YGW seems to have agreed on it this time so that is likely what we will see. However, DoS attacks cannot be prevented completely still at this time. Depending on the attacker's resources, you can outscale them, it all depends. There is only so much scaling before you hit bottlenecks in the network and can't scale any further though. An attacker's capacity for scaling is essentially limitless.
With that being said, the most recent attack to hit us WAS huge, unexpectedly massive, though we were able to outscale it on limited resources still.
Considering that the Tor anonymity network is just a "complex of nodes across the globe acting as transport layer in TCP/IP model which route encrypted traffic among them", what exactly do you mean by "hit bottlenecks in the network"? What exactly are bottlenecks in the network? Is it the total bandwidth of those nodes across the globe? How can we increase the bottleneck capacity? We need more relays, right?
Users and other hidden services will get disconnected from the network if their guard node is shared with an attacked service. It's a much bigger problem than many people realize. There was one attack years ago where we agreed with an attacker to call it quits and stop scaling; he stopped the attack because we estimated that we had touched over 50% of nodes on the network and everything started to slow down. There was a very real chance, if it went much further, that the entire network would have succumbed to the attack.
I don't know why it's taking the TorProject developers so long to rewrite Tor core in Rust.
Thanks hug!
https://torhoo.cc/go.php?u=YUhSMGNITTZMeTluYVhSc1lXSXVkRzl5Y0hKdmFtVmpkQzV2Y21jdmRIQnZMMk52Y21VdmRHOXlMeTB2YVhOemRXVnpMelF3TmpNMA==#
In the end I just pray it will last a couple weeks.
If you got banned and don't understand why read this:
/post/496acad78ccbf75835dc
If we blocked your withdrawal and you think we exit-scam read this:
/post/496acad78ccbf75835dc
crackheaddom101 - 22:21
CodeIsLaw - 22:45
Whenever CodeIsLaw gets fucked it always makes me happy
Thank you.