I am talking about some way to report it (without exposing my identity - using Tor browser) or let it be shutdown.
Here is how to report bad site, in case you find any clearnet traces on the .onion site, incl. email address.
In this particular case, I have been able to spot the ODER/BUY NOW link which lead to a clearnet site. Within a second, it then redirected to a onion site, where I have found an e-mail address. So i had 2 ways to report this (clearnet website and an e-mail).
So run whois lookup (for example at https://who.is/whois/ for mentioned clearnet redirect domain name) and inside the output, discover which nameservers/hosting company it is using. Since it has been using Cloudflare, I have submitted the report form on Cloudflare site. Second thing is that e-mail address the paedopile worm provided on the site. I could visit that email service domain to find abuse contact. I have written steps on how i have discovered the initial link and found the e-mail so they can verify the case.
Do you know other way when you do not find any clearnet traces?
There is no other way, that’s the point. Used the right way Tor hides you.
Freedom is “a double-edged sword”, just like control. If you want political dissidents to be able to hide, so will pedophiles.