I am talking about some way to report it (without exposing my identity - using Tor browser) or let it be shutdown.
Related Tor FAQ: https://support.torproject.org/abuse/#abuse_remove-content
Report1: https://report.cybertip.org
Report2: https://www.iwf.org.uk/en/uk-report/
Report3: https://www.inhope.org/EN#hotlineReferral
Here is how to report bad site, in case you find any clearnet traces on the .onion site, incl. email address.
In this particular case, I have been able to spot the ODER/BUY NOW link which lead to a clearnet site. Within a second, it then redirected to a onion site, where I have found an e-mail address. So i had 2 ways to report this (clearnet website and an e-mail).
So run whois lookup (for example at https://who.is/whois/ for mentioned clearnet redirect domain name) and inside the output, discover which nameservers/hosting company it is using. Since it has been using Cloudflare, I have submitted the report form on Cloudflare site. Second thing is that e-mail address the paedopile worm provided on the site. I could visit that email service domain to find abuse contact. I have written steps on how i have discovered the initial link and found the e-mail so they can verify the case.
Do you know other way when you do not find any clearnet traces?
That is true. But the rule of thumb on the dark web is if it's easy to find it's probably a honeypot. This applies to anything widely illegal, like drugs or cp.