archive.today, DDoS, Cyber Security, Web Archives, Internet Abuse, Traffic Attack

Archive.today CAPTCHA Script Causes DDoS-Level Traffic Against a Blog

Published February 2026 · Investigation & Technical Analysis

An investigation has revealed that archive.today runs a CAPTCHA-page script that repeatedly sends automated requests to a third-party blog every 300 milliseconds — behavior consistent with a sustained DDoS-style traffic attack.

What Was Discovered

While examining archive.today directly, the CAPTCHA page was found running JavaScript that automatically triggers repeated search requests against a specific blog URL. These requests continue as long as the CAPTCHA page remains open.

The Script (Simplified)

setInterval(function() {
  fetch("https://gyrovague.com/?s=" + random);
}, 300);

For non-technical readers: this means the page sends about 3 automated requests per second to the same site, preventing caching and creating constant load.

Why this matters: Sustained traffic at this frequency can overwhelm small or personal websites, degrade performance, or cause outages — meeting practical definitions of a DDoS attack.

Community Reaction

The findings triggered extensive discussion on Hacker News and Reddit, where users examined the screenshots, code, and broader implications for web archives and site safety.

Sources

Original Investigation – Gyrovague Hacker News Discussion Reddit Thread (r/DataHoarder)