Comment by stavros

I talked to the maintainer of archive.is years ago, they said this (hopefully they won't mind me posting):

> There have been numerous attacks where people upload illegal content (childporn or isis propaganda) and immediately reported to the authorities near the IP of the archive. It resulted in ceased servers and downtimes. I just have no time to react. So I developed sort of CDN, with the only difference: DNS server returns not the closest IP to the request origin but the closest IP abroad, so any takedown procedure would require bureaucratic procedures so I am getting notified notified and have time to react.

> But CloudFlare DNS disrupts the scheme together with all other DNS-based CDNs Cloudflare is competing with and puts the archive existence on risk. I offered them to proxy those CloudFlare DNS's users via their CDN but they rejected. Registering my own autonomous system just to fix the issue with CloudFlare DNS is too expensive for me.

When I proposed using the DNS server's IP instead, they said:

> It did not work initially because they have global planetwide cache.

> 1. Someone resolves domain from Brazil.

> 2. Website's DNS get request from Cloudflare Brazil DC.

> 3. The result is replicated to other Cloudflare DCs

> 4. Some from Turkey resolves same domain and get the cached value

> It could be worked around by setting tiny TTL, which would slowly end up in consistent results, but... After "I’ve proposed we just fix it on our end .." all requests for 7 archive.* domains are sent from Symantec USA IP