# Awazon Mirror Status, full text > Verified 2026-07-17. Site: https://mirrors-awazon.shop Language: English Use: reference --- # Mirror pool ## Primary (AWZ-01) State: operational. Uptime: 99.4%. Latency: low. Added: 2024. - http://awazoneqkwtrk5ylid5aammako4zc4qz2lvo4n47t62isvnet63usaid.onion The primary address is the oldest in the Awazon pool and the one the board recommends trying first. Longer-lived onions accumulate stable Tor descriptor consensus and tend to route through known-good guards, which is why this address usually resolves faster than a freshly rotated one. Over the observation window it has held the highest availability of the three, sitting above ninety-nine percent. That figure is measured from periodic reachability checks across several Tor circuits, not a live probe, so treat it as a recent trend rather than a to-the-second guarantee. When the board records a dip, it lands in the incident log with the date and the duration. Latency is the other axis the board tracks. On this address it reads low, meaning the anti-DDoS queue and the login captcha usually render within a few seconds on a healthy circuit. If it stalls for longer than a minute on your side, the cause is almost always your circuit rather than the address. Build a new one and retry, or move to the secondary while you do. Whatever address you use, verify it before you enter anything. Copy it from this board, hold it against the address the login captcha prints, and never type a fifty-six character string from memory. See verifying a mirror. --- ## Secondary (AWZ-02) State: operational. Uptime: 98.9%. Latency: low to medium. Added: 2024. - http://awazonloedcyl2otgftfg7qm6e2klbgg2dhouyli3hdno6gdkueh6byd.onion The secondary address exists so that a problem with the primary never takes Awazon out of reach. Every address in the pool resolves to the same market with the same account, balance and order history, so switching from one to another costs you nothing but a fresh Tor circuit. When the primary is slow, this is the address to move to. Availability over the window sits just under the primary, in the high ninety-eight percent range. The small gap is not a reliability concern. It reflects the primary catching slightly more traffic and therefore slightly more of the routine checks that happen to land during a queue. Both addresses are equally genuine and equally safe once verified. Latency reads low to medium. On a good circuit it is indistinguishable from the primary. Under a coordinated flood it may queue a little longer, which is expected behaviour and the reason the pool has more than one address in the first place. The verification rule does not change between addresses. A secondary is not a lesser address that earns less scrutiny. Verify it the same way, every session. See verifying a mirror. --- ## Tertiary (AWZ-03) State: operational. Uptime: 98.1%. Latency: medium. Added: 2024. - http://awazonozc4jwyrveu4473igv5ldt2hnccl2s7lerm2z27cvrc22e4uyd.onion The tertiary address is the deep fallback. Its job is to be there when the primary and secondary are both under pressure at once, which is uncommon but exactly the scenario a single-address market cannot survive. If you have tried the first two and both are stalling across fresh circuits, this is the address to reach for. Availability over the window is the lowest of the three at around ninety-eight percent, which still means it is reachable the overwhelming majority of the time. The figure is lower mostly because this address is exercised less, so a brief dip weighs more heavily in the percentage. It is not a warning sign. Latency reads medium. It may take a little longer to clear the queue and render the captcha, particularly right after a rotation while its descriptors propagate through the Tor network. Patience of a minute is normal here. If nothing renders after that across two or three circuits, check the incident log in case a wider event is in progress. Same verification, every time. Copy from the board, compare against the captcha, never type from memory. See verifying a mirror. --- # Incident log ## 2026-05-18 - Elevated queue times on the primary during a flood window (minor) Over a window of several hours the primary address ran longer anti-DDoS queue times than usual under what looked like a coordinated flood. The board recorded queue waits stretching past a minute on some circuits where they normally clear in seconds. At no point was the market itself down. The secondary and tertiary addresses stayed responsive throughout, which is precisely the reason the pool holds three addresses. Readers who switched from the primary to a fallback continued without interruption. Readers who waited on the primary saw longer queues but still got in. The board's guidance during a flood is unchanged. Do not sit on a slow address hoping it recovers. Move to the next address in the pool, verify it, and continue. A flood raises queue times, it does not compromise the addresses, and the verification rule protects you either way. The window closed on its own as the flood subsided. No rotation was needed and no address was retired. --- ## 2026-03-02 - Descriptor propagation lag on the tertiary after a routine refresh (informational) Following a routine descriptor refresh, the tertiary address was slow to resolve for roughly a day. This is normal Tor behaviour. When a hidden service publishes fresh descriptors, they take time to propagate through the distributed hidden service directory, and during that window some clients find the address before others do. The primary and secondary were unaffected and carried traffic normally. Readers who needed the tertiary specifically during that day saw longer resolution times or the occasional failure to connect, both of which cleared as propagation completed. No action was required and none was taken. The entry is logged here because the board records propagation lag as an informational event so that a reader who hit it can see it was expected rather than a sign of a problem with the address. --- ## 2026-01-20 - A lookalike address was circulating outside the signed pool (advisory) An address close to the secondary was reported circulating on third-party link lists during this window. It was a phishing clone, never part of the signed Awazon pool, and it copied the login page to harvest passwords. This is the most common attack against any Tor market and the reason the board exists. A clone differs from a genuine address by a few characters in the middle of the string, where the eye does not catch a substitution. The defence is not vigilance about which list you read, it is verification. Copy addresses from the signed pool, check the address against the one the login captcha prints, and the clone falls apart on inspection because it cannot serve the correct address in the captcha while pointing you at the wrong one. The board took no action beyond logging the advisory, because there was nothing on the genuine pool to fix. The clone lived outside it. Readers who verified were never exposed. See how phishing works and verifying a mirror. --- ## 2024-08-01 - Mirror status board established for the Awazon pool (informational) This board began tracking the Awazon mirror pool from this date. The pool at establishment held the three v3 onion addresses it holds now, each resolving to the same market, published with a PGP signature. The board's purpose is narrow and useful: give a reader a single place to find a verified working address, see how the pool has been behaving, and read the access and safety guidance around it. It is not the market and it takes no payment. It observes addresses that already exist and records what it sees. Everything since this date that materially affected reachability is in the incident log above this entry. --- # Access ## Installing Tor Browser *The one download that opens every Awazon address.* Every Awazon address is a Tor hidden service, and a hidden service only opens in Tor Browser. Install it correctly once and most of the ways a first connection goes wrong are closed before you start. ## Download from the official source only The only place to get Tor Browser is the Tor Project website. Any other download is either an unverifiable mirror or a modified build with something added you do not want. If a download page is not the official project, close it. ## Verify the signature the first time The Tor Project signs every build. Verifying that signature against the project key the first time is the difference between a clean browser and one that quietly leaks around Tor. The download page walks the check for every system. ## Set the security level to Safest Open the shield beside the address bar and set the level to Safest. That turns scripting off everywhere, which removes the most reliable route to break anonymity from inside the browser. Awazon works at Safest, so you lose nothing you need. ## Leave the browser as it ships Do not resize the window, do not add extensions. Both make your browser fingerprint unique, the opposite of what Tor is for. Use it exactly as it comes, then bring a verified address from this board. --- ## The Awazon login flow *From address to account, step by step, plus the check that matters.* The Awazon login is a short sequence, and one step in it is the check that protects you. Here is the whole flow. ## Paste a verified address Copy an address from this board, paste it into Tor Browser, and press return. Do not type it by hand. A single wrong character in a fifty-six character string sends you somewhere that is not Awazon. ## Clear the queue An anti-DDoS wait page may hold you for a few seconds to a minute depending on load. When it clears, the captcha renders. ## Read the captcha address, then solve it The Awazon login prints its own address near the captcha. Hold that against the address in your bar. If they match, solve the six-character captcha, which is case sensitive. If they do not match, close the tab, you are on a clone. ## Ignore the decoy fields The login form places a couple of fake input fields next to the real one, and their names rotate on every page load. This is a honeypot that traps automated fillers. Type into the visible real field only. A password manager keyed to the exact page will handle this correctly, or type by hand into the field you can see. --- ## The captcha, and why it prints an address *Six case-sensitive characters, and the fingerprint check baked in.* The Awazon captcha does two jobs. It slows automation, and it gives you a way to catch a phishing clone in a single glance. ## The puzzle Six characters of text, case sensitive. Read the case carefully, because a lower-case letter typed as a capital fails the check. It is deliberately simple for a human and awkward for a script. ## The embedded address The genuine login renders the market's own onion address into or beside the captcha image, generated server-side in the same file the browser downloads. Your job is to compare that printed address against the one in your browser bar before you type a password. ## Why a clone struggles to fake it A phishing site can copy the Awazon theme in minutes. What it cannot easily do is serve the correct Awazon address inside the captcha while your bar shows the clone's address. The two will not match, and the mismatch is the tell. Do this check every session, not just the first, because a bookmark can go stale between rotations. --- ## Using bridges when Tor is blocked *For reaching Awazon when your border blocks Tor itself.* Some ISPs and some countries block Tor entry. A bridge routes your Tor connection through a relay that is not on the public list of Tor nodes, which hides that you are using Tor at all. ## When a bridge helps Use one when Tor Browser cannot connect, connects very slowly, or when the Tor Project site itself is blocked where you are. Those are the signs your border is watched. ## When it does not If Tor is not blocked where you are, a bridge only adds latency for no gain. It is a tool for a specific problem, not a default. ## How to set one Open the Tor Browser connection settings, choose to use a bridge, pick the built-in obfs4 option or request one from the Tor Project, and restart. That is the whole setup. ## What it does not change A bridge hides that you are on Tor. It changes nothing about what you do once you are on Tor. Every rule on this board about verifying an Awazon address still applies exactly. --- ## Reaching Awazon from Tails *A whole system that forgets the session at shutdown.* Tor Browser protects your traffic. It does not protect the machine underneath, which is still your everyday system. Tails closes that gap. ## What Tails is A complete operating system that boots from a USB stick, routes everything through Tor, and forgets everything at shutdown. Nothing is written to the machine's own disk. ## What it protects A device examined later carries no record of the session, and no application can accidentally reach the network outside Tor. Those are the failure modes Tor Browser alone leaves open. ## When it is worth it For casual use, Tor Browser on your normal system is fine. For anything where the machine remembering the session is a risk you care about, Tails is the tool. Boot, use, shut down. The board recommends it for readers whose threat model includes their own hardware. --- ## Awazon on a phone *It works on Android. Do the careful parts on a desktop.* Tor Browser for Android opens Awazon. A phone is a narrow path, though, and some of the careful work is harder on it. ## What works Login, the queue, the captcha, browsing, ordering, messaging, disputes. The market functions on a phone the way it does on a desktop. ## What is harder Copying a fifty-six character address is fiddlier on a touch screen and truncating one by accident is easier. Read back what you pasted. Verifying a PGP signature is more awkward because the desktop tools are better. And the mobile anonymity set is smaller. ## The iOS problem There is no genuine Tor Browser for iOS. Apple forces every browser onto one engine, which limits how much a Tor-focused browser can differ from a normal one. Prefer Android or a desktop. ## The rule Do the setup-heavy work, first registration and PGP checks, on a desktop. Do routine things wherever is convenient. --- ## Why the security level goes to Safest *The one browser dial that matters, and why Awazon still works at the top.* The Tor Browser shield hides three security levels, and for Awazon only one is correct. ## What the levels do Standard leaves scripting on. Safer disables some risky scripting. Safest turns scripting off everywhere. The levels are not about the Tor network, which is identical at each. They change what the browser does with a page once it arrives. ## Why Safest Scripting in a hostile page is the single most reliable route to break anonymity from inside the browser. Turning it off closes that route. Safest does it unconditionally. ## Why Awazon still works Awazon is built to work with scripting off. Login, browsing, checkout and messaging all function at Safest. You give up nothing you need and close the most important hole. Set the dial to Safest for the session. --- # Payment ## Depositing Bitcoin *Route through a wallet you control, mind the fee, wait for confirmations.* Awazon issues a fresh deposit address per order, so the bookkeeping is handled for you. What you control is where the coin comes from and how you send it. ## Do not send straight from a KYC exchange Sending directly from an identity-checked exchange to the market ties your name to the deposit through the exchange records. Route through a fresh wallet you control first, such as Sparrow or Electrum. Better still, hold Monero instead. ## The deposit Open the order, copy the deposit address Awazon shows, send exactly the amount from your wallet, and wait for the confirmations the market asks for. The balance credits once they land. ## Fee awareness Bitcoin fees swing with congestion. Overpaying wastes money, underpaying gets the transaction stuck. Check current fee guidance and pick a rate that confirms within a reasonable window. ## After it clears Keep the on-market balance sized to the order in front of you. Do not park a large balance on any market between orders. --- ## Depositing Monero *The privacy default. Faster, cheaper, and unreadable on-chain.* Monero is the coin the board recommends when privacy is any part of why you are here. It hides the sender, the receiver and the amount by design, so the payment is not legible on a public ledger the way Bitcoin is. ## A wallet you control Use Feather on the desktop or Cake on mobile. Both keep your keys in your hands. Cake also carries a built-in swap that converts Bitcoin to Monero without an exchange in the middle, which is the common way people move an existing Bitcoin balance into Monero. ## The deposit Open the order, copy the Monero deposit address Awazon issues, send from your wallet, and wait for the confirmations the market asks for. Monero confirmations are quick and the network fee is a fraction of a cent. ## Acquiring it without KYC Peer-to-peer options and in-wallet swaps let you get Monero without an identity-checked exchange. See non-KYC funding for the routes. --- ## Which wallet to use *Non-custodial only. The short list per coin.* The wallet you deposit from should be one you control. Custodial wallets and exchange accounts defeat the point. ## Bitcoin Sparrow is the privacy-aware desktop choice, with coin control and hardware wallet support. Electrum is the lighter option. Both hold your own keys. ## Monero Feather is the light desktop wallet that needs no full node. Cake is the mobile-friendly one and carries a Bitcoin-to-Monero swap. Both keep your keys yours. ## What to avoid Custodial exchange wallets, browser-extension wallets, and anything that will not export a seed phrase or that syncs to a cloud account by default. If you cannot hold the keys, it is not where your coin should sit before a deposit. --- ## Funding without KYC *Getting coin without an identity-checked exchange in the middle.* The privacy of a deposit is only as good as the coin that funded it. Coin bought from an identity-checked exchange and sent straight to a market ties your name to the deposit. These routes avoid that. ## In-wallet swaps If you already hold Bitcoin, a wallet like Cake can swap it to Monero through an integrated provider. The provider sees the addresses but not your identity, and the swap breaks the direct trail from an exchange to the market. ## Peer-to-peer Peer-to-peer platforms let you buy coin from another person with a range of payment methods and a random identity rather than a verified account. Fees are modest and the privacy is far better than an exchange withdrawal. ## The point Break the link between your real identity and the deposit address. Route through a fresh wallet you control, or swap into Monero, before the coin ever reaches Awazon. --- ## Confirmations and waiting times *What the wait is, why it exists, and when to worry.* A deposit is not credited the instant you send it. The market waits for the network to confirm the transaction, which is the wait you are watching. ## Why the wait exists Confirmations are the network agreeing the transaction is real and final. Crediting before confirmation would let a sender reverse a payment after receiving goods, so every market waits. ## Bitcoin Bitcoin confirmations depend on congestion and the fee you paid. A well-fee-d transaction usually confirms within the hour. A cheap one during congestion can take much longer. ## Monero Monero confirms quickly, usually within several minutes, and the fee is tiny, so there is little to tune. ## When to worry If a Bitcoin deposit is unconfirmed for hours, it is usually an underpaid fee rather than a lost payment. The transaction is on the chain and will confirm eventually. If the balance never credits after confirmations land, see a deposit that has not shown up. --- # Trading and escrow ## How Awazon escrow works *Funds held until the order is done. The one move that gives it up.* Escrow is what holds your money between paying and receiving. Understanding it is the difference between trusting the market blindly and knowing what protects you. ## The flow You fund the order, the vendor ships, you confirm receipt, and the coin releases to the vendor. If you never confirm, the order auto-finalises after a set window so a vendor is not left waiting on a buyer who wandered off. ## Disputes If something goes wrong, you open a dispute and a moderator reads the evidence and the message thread before deciding. A refund returns the coin to you. See opening a dispute. ## The one wrong move Finalising early means confirming receipt before the package arrives. It releases the coin to the vendor and removes the dispute path. On an unproven vendor it undoes your protection. Do not do it, whatever reason is offered. See why not to finalise early. --- ## Placing a first order *Small, cheap, standard escrow. You are testing the vendor.* A first order with any vendor is calibration, not commerce. You are buying information about whether the vendor does what they say, and the product is a side effect. ## Read the vendor first Every Awazon vendor page shows a deal count and a dispute ratio. Read both. A minute here is the most useful minute you will spend. See reading a vendor page. ## Keep it small Smallest quantity, cheapest product that tells you what you need, standard shipping, standard escrow. The right size is an amount you could lose without it mattering. ## Let escrow do its job Do not confirm receipt until the package is in your hands, whatever the vendor says about their reliability. Confirming early is the trap that removes the dispute path you would then need. --- ## Reading a vendor page *Two numbers, one minute, before every order.* Awazon puts the two numbers that matter at the top of every vendor page. Reading them takes about a minute and it is the difference between an informed order and a hopeful one. ## Deal count How many orders the vendor has completed. A high count over time is a vendor the market has watched work. A brand-new account with a handful of orders is not disqualifying, but it is unproven, and a first order there should be especially small. ## Dispute ratio The share of orders that ended in a dispute. Low is good. A rising ratio on recent orders is a warning even on a vendor with a long clean history, so weight the recent pattern. ## Finalise-early status New vendors cannot use finalise-early until they have run clean orders, and the profile shows their standing. A vendor still in escrow-only is one the market has not yet extended that trust to, which is useful context. --- ## Opening a dispute *When to open, what evidence, how to come out whole.* Sometimes an order goes wrong. A package does not arrive, arrives short, or arrives unusable. The dispute process is the way back. ## When to open Open when a vendor has gone quiet past a reasonable window after a clear question, when the order is well past the advertised time with no update, or when what arrived does not match the listing. Not before. ## What a moderator reads Your account of the problem, your evidence, the full message thread, and the vendor's dispute history. The evidence you bring up front is what the decision turns on. Clear photos and a calm factual account help you. ## Improving your odds Keep the language factual, not accusatory. Answer moderator questions quickly. Do not open several disputes at once. And never finalise early in the hope a vendor will reward you by shipping, because that removes the dispute path. --- ## Why not to finalise early *The single most common way buyers lose escrow protection.* Finalising early, confirming receipt before the package arrives, releases your escrow to the vendor and removes the dispute path. If the item then does not arrive, there is no route to reverse the release. ## Why vendors ask Some want the money before the shipping window closes. A few have reasons that are legitimate for a vendor you have used many times. Most requests to a new buyer from a new vendor are a scam pattern. ## The position Do not finalise early on an unproven vendor. If a vendor pushes back on the refusal, choose a different vendor. Awazon locks finalise-early behind vendor probation for exactly this reason, and giving up escrow voluntarily throws that protection away. --- ## How refunds settle *What a dispute pays back, and where the coin goes.* When a dispute resolves in your favour, the escrow returns to you rather than releasing to the vendor. Here is what that looks like. ## Full and partial A full refund follows an undelivered order or a clear vendor failure. A partial refund follows an order that arrived but fell short of the listing, where the moderator settles on a split. Both are decided from the evidence and the message thread. ## Where the coin goes A refund returns to your market balance, from which you withdraw to a wallet you control. Keep the balance small between orders regardless, so a refund is the only thing sitting there rather than a stack of unspent coin. ## After a refund Read the vendor's dispute history in light of your experience. One bad order can be noise. A pattern in the recent ratio is a reason to avoid the vendor going forward. --- # Safety and verification ## How phishing works, and the defence *The real threat here is a lookalike, not the market vanishing.* The way most people lose money on a Tor market is a lookalike address that copies the market and harvests the password they type into it. Phishing, not exit scams, is the main threat, and the defence is a habit. ## How the trap is set An attacker stands up an onion that differs from a genuine one by a few characters in the middle, where the eye slides past a substitution. They copy the login page exactly. You type your password and it is theirs. Some clones then ask for a recovery phrase, which the real market never does at login. ## The checks Copy addresses from the signed pool on this board and never type one from memory. When the login captcha prints the market's address, hold it against your bar and confirm they match. A clone can copy a theme but cannot easily serve the correct address in the captcha while sending you to the wrong one. ## Every session Run the check every time, not just the first, because a bookmark can point at an address that has rotated out and been picked up by someone hostile. --- ## Verifying a mirror *The two-part check that proves an address is genuine.* Verifying an address is two checks that together close the phishing hole. Neither takes more than a few seconds. ## The signed pool Awazon publishes its mirror set with a PGP signature. Verifying that signature against the market key proves the addresses came from the market and nobody edited them. Fetch the key once from two independent places, cross-check the fingerprint, and import it. See verifying a PGP signature. ## The captcha check When you reach the login, the captcha prints the market's own address. Compare it, character by character where it counts, against the address in your bar. Match means genuine. Mismatch means clone. ## Why both The signature proves where a published list came from. The captcha check proves the specific address you are on right now is the market's own. Running both catches more than either alone. --- ## Verifying a PGP signature *What a signature proves, and the check that proves it.* A PGP signature on the mirror list is how you know an address came from Awazon and not an impersonator. Here is what it proves and how to check it. ## What it proves Two things at once. That the message was signed by the holder of a specific private key, and that not one byte has changed since. For a mirror list, the addresses inside provably came from whoever holds the market key. ## The trust anchor The check is only as good as the key you check against. Fetch the market key once from two independent places, cross-check the fingerprint, and import it. Do not re-fetch it each time, because that is another chance to be handed the wrong key. ## Running it Save the signed list, run the verify with GnuPG, and look for the line that says the signature is good and names the market key. That line is the result. A warning that you have not certified the key is normal. A bad-signature line means the list was altered, and you trust none of it. --- ## Basic operational security *A stack of small habits that keep an account standing.* Operational security is not one dramatic precaution. It is a stack of small habits, each cheap, that together keep an account standing. ## A fresh identity Pick a username you have never used anywhere else. Reusing a handle from a clear-web account is how a name gets tied to a market account across platforms. ## A unique password Generate a long unique password and keep it in an encrypted local manager, not a browser autofill and not a cloud service. See passwords and the mnemonic. ## Session hygiene Close the browser after a session rather than leaving it open for days. A long-lived session is a longer window for something to go wrong. ## Small balances Money on a market is money exposed to whatever happens to the market. Keep the balance sized to the current order and withdraw the rest to a wallet you control. --- ## Passwords and the recovery phrase *Where each belongs, and where neither ever goes.* Two secrets anchor an Awazon account. The password opens it. The recovery phrase restores it if you lose the password. Anyone holding the phrase owns the account. ## The password Long, unique, generated, stored in an encrypted local password manager on a device you control. Not in a browser autofill, not in a cloud-synced manager, not reused from anywhere. ## The recovery phrase Write it on paper, in your own hand, and store it somewhere only you reach. Do not screenshot it, do not save it to a synced note, do not paste it into a page unless you are running a recovery you initiated. No genuine login asks for it. ## Why paper A phrase on paper is a phrase that cannot leak through a compromised device or a cloud account. It is low-tech on purpose. --- ## Choosing and keeping a password *Unique, generated, stored where only you reach it.* The password is the everyday lock on your account, and most account losses that are not phishing come from a weak or reused one. ## Generate it Use a password manager to generate a long random password. Do not use anything you can remember from personal history, and do not reuse a password from any other account. Reuse means a breach anywhere is a breach here. ## Store it right Keep it in an encrypted local manager such as KeePassXC on a device you control. Not in a browser autofill and not in a cloud-synced service. The database itself lives on encrypted local storage. ## Pair it with the phrase The recovery phrase is the backstop if the password is lost. Store the two separately and treat the phrase with more care, because it alone restores the whole account. See the recovery phrase. --- # Troubleshooting ## An address will not connect *Almost always your circuit or a flood, not the market.* An Awazon address that will not connect is almost never the market being gone. It is usually your Tor circuit or a temporary flood raising the queue. ## Build a fresh circuit Use the Tor Browser menu to request a new identity or a new circuit for the site, then retry. A bad guard or a congested path is the most common cause and a fresh circuit fixes it. ## Switch addresses Move to another address in the pool. All three resolve to the same market. If the primary stalls, the secondary or tertiary usually opens. Verify whichever you land on. ## Check the incident log If all three stall across different circuits for several minutes, open the incident log. A wider event, if one is in progress, is recorded there. Otherwise wait a short while and retry. --- ## The captcha will not accept my answer *Usually case, sometimes a stale page.* The Awazon captcha is six characters and case sensitive, and most rejections come down to case or a stale page. ## Check the case Read the characters carefully and match the case exactly. A capital typed as lower-case, or the reverse, fails the check. This is the most common cause. ## Reload for a fresh puzzle If the page has been open a while, reload it for a fresh captcha and fresh field names before trying again. A stale page can carry an expired challenge. ## Type into the real field The login has decoy fields whose names rotate. Type into the visible real field only. If a password manager is filling the wrong field, fill the visible field by hand instead. ## Confirm you are on the real site Before troubleshooting further, confirm the captcha's printed address matches your bar. A clone's captcha can behave oddly because it is not the real one. --- ## The captcha address does not match my bar *Stop. This is the phishing signal. Do not enter a password.* If the address the login captcha prints does not match the address in your browser bar, stop. This is the exact signal a phishing clone produces, and it means you are not on the genuine Awazon. ## Do not enter anything Do not type your password. Do not type your recovery phrase. Do not solve the captcha. Close the tab. ## Recover safely Open this board fresh, copy a verified address from the signed pool, and try again on a new Tor circuit. Do not reuse the address that mismatched, and do not trust an address handed to you from a stranger or a random link list. ## If you already entered a password Assume it is compromised. Reach the genuine market through a verified address, change the password immediately, and withdraw any balance. See how phishing works. --- ## A mirror is slow *Expected under load. Switch rather than wait.* A slow address is usually a busy address or a bad circuit, not a broken one. The board's advice is to switch rather than wait. ## Why it slows Under a flood, the anti-DDoS queue holds you longer by design, so the login behind it is not overwhelmed. A congested Tor path on your side has the same effect. Neither means the market is failing. ## What to do Move to another address in the pool and try that. Build a fresh circuit for a second attempt on the original. One of the three usually clears quickly. Verify whichever you land on. ## When it is wider If all three are slow at once across fresh circuits, a flood window may be in progress. The incident log records these. They pass. --- ## A deposit has not shown up *Usually confirmations, occasionally an underpaid fee.* A deposit that has not credited yet is almost always waiting on confirmations rather than lost. ## Check the confirmations The market credits after the network confirms the transaction. Bitcoin can take from minutes to hours depending on the fee you paid and current congestion. Monero is usually quick. Until the required confirmations land, the balance will not show. ## An underpaid Bitcoin fee If a Bitcoin deposit is stuck for hours, the usual cause is a fee too low for current congestion. The transaction is on the chain and will confirm eventually as the mempool clears. It is delayed, not lost. ## Confirm the right address Make sure you sent to the deposit address from the correct order. Awazon issues a fresh address per order, so sending to an old one is a common self-inflicted problem. ## Still nothing Once confirmations have clearly landed and the balance still does not show, contact market support through the on-site message system with the transaction details. --- ## The login keeps looping *Cookies, a stale page, or the wrong field.* A login that returns you to the login page instead of the account usually has a simple cause. ## Reload cleanly Open a fresh copy of the login from a verified address rather than a page that has been sitting open. A stale page can carry an expired session or captcha. ## Allow the site its cookies Tor Browser at Safest still allows first-party cookies, which the session needs. If you have manually blocked cookies for the site, the login cannot hold a session and will loop. ## Type into the real field The decoy login fields trap automated fillers. If your password manager is filling a honeypot, the real field stays empty and the login fails. Fill the visible field by hand. ## Confirm the address A clone can loop you deliberately while it captures what you type. Confirm the captcha address matches your bar before trying again. --- # Glossary **Anti-DDoS queue**: A waiting-room page in front of the login that holds every visitor for a short spell so bots cannot hammer the captcha behind it. A flood raises its wait time. **Availability**: The share of checks over a window in which an address resolved and answered. Reported on this board per mirror as an uptime percentage. **Descriptor**: The information a Tor hidden service publishes so clients can reach it. After a refresh, descriptors take time to propagate, which can briefly slow resolution. **Fallback**: A secondary or tertiary address you switch to when the primary is slow. Equally genuine and equally safe once verified. **Finalise-early (FE)**: Confirming receipt before a package arrives. It releases escrow to the vendor and removes the dispute path. Avoid it on an unproven vendor. **Guard**: The first relay in your Tor circuit. Long-lived addresses tend to route through known-good guards, which is part of why they resolve faster. **Incident**: A logged event that affected reachability, with a date, a severity and a resolution. The board keeps a running incident log. **Latency**: How long an address takes to clear the queue and render the login on a healthy circuit. The board reads it low, medium or high per mirror. **Mirror**: A distinct onion address that resolves to the same market. Awazon runs three so a problem with one does not take the market down. **Onion address**: A fifty-six character v3 Tor address ending in .onion. Copy it, never type it, and verify it against the login captcha before entering credentials. **PGP-signed pool**: The set of addresses the market publishes with a PGP signature. Verifying the signature is how you know an address came from the market and not an impersonator. **Rotation**: Adding or retiring an address in the pool. Announced with a signature. A freshly rotated address may resolve slowly until its descriptors propagate. **Uptime**: See availability. Reported per mirror as a percentage over the observation window.