AdGuard DNS publishes investigation results revealing that the organization pressuring Archive.today, a web fish-printing service, is highly suspicious.
AdGuard DNS, which operates an ad-blocking DNS server, has reported in a blog post that it has received undue pressure to block archive.today, an archive site that stores snapshots of web pages.
Behind the complaints: Our investigation into the suspicious pressure on archive.today
archive.today is a type of web archiving service that stores copies of designated sites on external servers, allowing access even if the page is deleted. The identity of the archive.today administrator is shrouded in mystery, and it was reported in November 2025 that the site is under investigation by the FBI.
FBI investigating identity of owner of web fish print service 'archive.today' - GIGAZINE
AdGuard DNS, an ad-blocking and privacy protection service, reported receiving a request from the Web Abuse Association Defense (WAAD) to block archive.today and its mirror sites. WAAD claimed that archive.today hosts child sexual abuse material (CSAM) and has been ignoring removal requests since 2023. WAAD also threatened AdGuard DNS with immediate action, threatening legal consequences if the site did not comply.
AdGuard DNS found the request suspicious and contacted archive.today directly. The archive.today administrators removed the content within a few hours. However, the archive.today administrators responded that they had never received a removal request for the URL before, and WAAD's claim that they had ignored requests in the past is untrue. Furthermore, the administrators revealed that similar suspicious complaints claiming to be from a French organization had been sent to various companies.
So, AdGuard DNS investigated the group WAAD and found many puzzling things.
First, while WAAD's website contains references to law enforcement agencies such as Europol, there is no evidence of any affiliation. Additionally, the organization's domain name itself was only registered in February or March 2025, and its X (formerly Twitter) account was established in August 2025 and had only four followers.
Furthermore, inconsistencies were found in the report submitted by WAAD as 'evidence.' WAAD claimed that the investigation had been 'ignored since 2023,' but the submitted report was time-stamped to August 2025. It was not created by a law enforcement officer, but was a simplified record ordered through an online service. Furthermore, the name of the person who ordered the report matched the name of someone who had previously attacked archive.today, posing as a lawyer.
AdGuardDNS concluded that WAAD is a fictitious organization set up by someone to hide their identity, and that the series of actions was a malicious impersonation campaign. They also suggested that the FBI's investigation into archive.today may also be the result of a WAAD campaign.
Hacker News , a social news site, points out that the WAAD website uses a free HTML template with minimal editing, and the source code contains meaningless comments from the template. Furthermore, it is known that the domain hosting fee is inexpensive, starting from $5 (approximately 775 yen) per year, and was registered around January 2025.
It has also been pointed out that this case may be a typical false flag operation , in which the attackers themselves upload illegal content and then immediately report it to the DNS provider or hosting company rather than the site administrator. WAAD is planning to use socially unacceptable CSAM content as a weapon to isolate targeted sites from the Internet and force them to shut down. WAAD is trying to exploit French law by pressuring various parties, but it has been pointed out that by thoroughly concealing its identity, it may be trying to avoid the legal risks of false reporting.
Related Posts:
in Web Service, Posted by log1i_yk