Like many similar reports published most weeks by newspapers in Europe, an article published by Belgian media outlet L’Echo late Saturday evening pulled few punches.

The publication explained that after football broadcasters DAZN and 12th Player obtained authority from a local court for a new type of enforcement action, on Saturday Belgian ISPs blocked around 100 illegal streaming sites and five pirate IPTV providers. The measures were reportedly timed to take effect shortly before the start of the second day of the Belgian football championship play-offs, presumably to maximize the irritant effect of sudden pirate ssite blackouts.

“DAZN: First of Its Kind”

According to L’Echo, DAZN described the action as the “the first of its kind” and a “real step forward” in the fight against content piracy in Belgium. Comments like these are fairly standard in the anti-piracy arena, likewise claims that rightsholders have acquired a secret weapon capable of tipping the balance of power.

L’Echo’s report was much more balanced but if the various components came together as planned, major disruption of live match streams at a crucial point in the season seemed to have a real chance of success.

The groundwork was completed last month. An order issued by the Brussels Enterprise Court late March, authorized DAZN and 12th Player to engage in dynamic blocking boosted by a significant additional component.

While this would be its first use in Belgium, dynamic blocking is already used extensively elsewhere. The mechanism allows for speedy responses to blocking countermeasures, including domain changes and the appearance of proxies and mirrors, and there’s no requirement for a follow-up legal procedure.

Pirate sites are by now mostly familiar with dynamic blocking but in this case, the rightsholders also had an eye on spoiling a circumvention tactic popular with millions of users. Faced with blocking on Saturday, users in Belgium who switched from ISP-provided DNS to Cloudflare’s DNS wouldn’t have restored connectivity quite so easily. Moving to DNS provided by Google or Cisco may not have helped much either.

Cloudflare, Google, and Cisco Ordered to Block DNS Resolvers

Over the past several years, Cloudflare has faced several lawsuits that demanded pirate site blocking measures on its public DNS resolver. Rightsholders take the position that when ISPs implement DNS blocking, users shouldn’t be able to switch to a public DNS service like Cloudflare’s to regain access.

Those cases mostly focused on Cloudflare in Italy but a site-blocking case filed by Canal+ in 2023, concluded in 2024 with Cloudflare, Google, and Cisco ordered to prevent use of their DNS resolvers to access dozens of pirate sites.

In terms of platforms blocked in a single swoop, the order obtained by DAZN and 12th Player in Belgium may be even broader in scope.

New Law, New Blocking Momentum

New law passed in Belgium in 2022 aimed to strengthen rightsholders’ piracy-fighting capabilities. A new expedited judicial procedure at the Brussels Enterprise Court promised tougher measures such as dynamic blocking, and the creation of a new department within the Federal Public Service FPS Economy (SPF Économie).

Documents seen by TorrentFreak late last week include a notice penned by the Belgian Online Anti-Piracy & Illegal Gambling Office . The notice references a “regulatory order” to block public DNS resolvers, stemming from a court order concerning claims of copyright infringement against pirate streaming sites.

Domains For Blocking (public DNS resolvers) [dark square=domain unresponsive]

The notice does not mention DAZN or 12th Player by name but the nature of the domains (almost 140, all linked to illegal sports streaming sites) and the date of the notification (April 3, 2025) suggest a strong link to Saturday’s events. DAZN’s standing as a dominant rightsholder means the notice is unlikely to relate to anyone else.

Pro Site-Blocking ISPs

Site blocking has existed in Belgium for close to 15 years with The Pirate Bay an early target back in 2011. Until recently, however, site blocking measures have been quite patchy and lacked volume in general.

By the summer of 2024, DAZN and 12th Player were helping to push that trend in a different direction after obtaining an order to block around 90 pirate streaming sites offering content to which the companies own the rights.

Local ISPs Telenet NV, Proximus NV, Voo NV, and Orange Belgium NV were technically the defendants in that matter but the site blocking process in Belgium is completely non-adversarial. In February 2024, the CEOs of both Proximus and Orange openly spoke out in favor of site-blocking measures, with the former indicating they couldn’t come soon enough .

Resistance is Futile – and Expensive

Whether the Brussels Enterprise Court took the ISPs’ cooperation into account isn’t clear, but as far as we’re able to determine, the dynamic blocking order seems to have taken their compliance for granted. The same cannot be said of the operators of the public DNS resolvers, Cloudflare, Google, and Cisco.

The Court reportedly set penalties at €100,000 per day for non-compliance, a sharp turnaround from the status quo barely a year ago when public DNS resolvers mostly considered themselves too distant from infringement to be held liable. Given that the vast majority of the sites in the blocking order act as portals or indexes for content not even they host, links to direct infringement are distant indeed.

That raises the most important question of all: can blocking be considered successful if it doesn’t remove or even target the infringing streams that fuel the entire ecosystem?

From: TF , for the latest news on copyright battles, piracy and more.

Most prevalent in the movie and TV show sectors, applications for DMCA subpoenas are regularly filed at courts in the United States.

Aside from their intended purpose, DMCA subpoenas can provide useful clues about future anti-piracy strategies. When subpoenas are contested by intermediaries, subpoena applications sometimes become copyright cases in their own right. From a rightsholders’ perspective, in some cases they may be the only potential source of information yet to be exhausted.

Getting Prepared

A few days ago, the UK’s Premier League asked a California federal court to issue a DMCA subpoena against Cloudflare. The application identifies 38 target pirate streaming sites , many of which utilize multiple domains. Since the platforms all use Cloudflare, the Premier League hopes that information held by the company will help to unmask the sites’ currently anonymous operators.

Before filing an application under Section 512(h) of the DMCA, which allows copyright owners to obtain a subpoena and receive “information sufficient to identify an anonymous infringer,” applicants are first required to send DMCA takedown notices to the platform in question. The notices should identify the infringing content and state where the content can be found; in cases involving streaming sites, the right tools can prove helpful.

Recreating the Toolkit

The screenshot below shows a live match playing on a pirate streaming site. Culled from the Premier League’s application, it provides clues that allow us to start identifying the tools in use and the problems they’re likely to solve once combined with Open Source Intelligence ( OSINT ).

At a basic level in this context, OSINT can be almost any information made available on the internet. The screenshot is our primary source; it will help us identify the tools to recreate the toolkit, which in turn will use other public information sources to satisfy the requirements of the application.

M3U8 Sniffer

In this example it appears that when the Premier League visited the website sporttuna.pro, they were redirected to sporttuna.website and then to sporttuna.xyz (boxed in red).

Like most pirate sites, the ‘backend link’ or source of the stream (boxed in green) isn’t on public display. These links can be obtained in various ways but in this case, Chrome extension M3U8 Sniffer is the weapon of choice.

M3U8 Sniffer

From the developer’s website: The extension intercepts visited web page’s network requests and identifies all m3u8 video stream URLs. When a m3u8 URL request is found, it is displayed in a box that overlays the visited web page (see images above) from which you can copy the m3u8 URL or play the video stream. Also, you can open the extension’s popup window to view the first and last m3u8 URLs found for each site, as well as to set a variety of extension options.

M3U8 Sniffer is a free extension available from the Chrome Web Store. Further information is available from the developer at SnifferTV.com .

Identifying the Remaining Tools

Identifying the remaining tools was a little time-consuming but if we said the method was advanced or complicated, that would be a lie.

We simply trawled through the browser evidence images and took screenshots of the toolbars. These contain the icons of the apps used to obtain the evidence.

After extracting the toolbar icons we put those we recognized to the side, then identified the remainder using reverse image search tools. Straightforward options include Google Images and Google Lens .

As an alternative, Chrome extension RevEye Reverse Image Search provides instant results from Google, Bing, Yandex, and TinEye.

(Note: Bad extensions exist, trust nobody, check the source )

Internet Download Manager

Given that M3U8 Sniffer “does NOT provide functionality to download the actual video streams” another piece of software comes in handy. IDM is a popular choice in the niche and appears to be the downloader of choice in this particular toolkit.

From the official website: When you click on a download link in a browser, IDM will take over the download and accelerate it. You don’t need to do anything special, just browse the Internet as you usually do. IDM will catch your downloads and accelerate them. IDM supports HTTP, FTP, HTTPS and MMS protocols.

Unfortunately, IDM isn’t free but it is free to try via a 30-day trial . Some prefer JDownloader since the price is more predictable, but there are plenty of options in this niche.

Fiddler

Our best guess at identifying this next tool comes with a small caveat that its icon was almost impossibly blurred and even when fresh it’s still pretty basic. Ultimately, a green diamond and a single white ‘F’ works here.

Fiddler and tools with similar functionality (web debugging proxy tools) are used extensively by developers and investigators when keeping a close eye on HTTP traffic is a must. For those who’ve never cared to take a closer look, it can be real eye-opener. Even the most innocuous websites can behave pretty badly until users notice, so there’s never a bad time to take a first look.

Fiddler Classic and Fiddler Everywhere are both available as free trials, and the same is true for Charles Proxy which appears regularly as evidence in Indian site-blocking cases.

Some prefer to monitor traffic with Wireshark but for others it can be too much. Open source and available on Linux, Windows (GUI), and macOS, MITM Proxy will scratch most itches for free.

At a pocket friendly price of $0.00, the open source MITM Proxy (man-in-the-middle) does exactly as its name suggests, making it a popular choice.

Instant Datascraper

Scraping data from websites in a structured and usable format isn’t always easy and for big jobs, things can quickly descend into a time-wasting nightmare.

Instant Data Scraper hopes to eliminate the frustrations often associated with scraping and with over a million users, people seem happy with the results.

It’s impossible to say how the Premier League uses Instant Datascraper, but it could easily consume a visible members’ list in an instant or scrape a mountain of forum posts. The options are only limited by data becoming unavailable.

From the official site: Instant Data Scraper is an automated data extraction tool for any website. It uses AI to predict which data is most relevant on a HTML page and allows saving it to Excel or CSV file (XLS, XLSX, CSV). This tool does not require website specific scripts, instead it uses heuristic AI analysis of HTML structure to detect data for extraction. This means that our scraping method works just as well with small and lesser known websites, as it does with global giants like Amazon. Also, our users do not need to have any coding, json or xml skills

The software is free and available direct from webrobots.io and the Chrome Store .

IPNetInfo | Investigator

IPNetInfo describes itself a small utility that allows people to easily find all available information about an IP address. That includes the owner of the IP address and sundry other details. Hosted on Nirsoft.com and GitHub respectively, both also have a bit more to offer.

Investigator is actually a collection of useful tools , one of which is bound to come in useful sooner or later. Developed by Nirsoft, IPNetInfo is surrounded by dozens of other useful free tools at Nirsoft.net so still worth a quick visit.

Those with access to a Linux command line also have access to the best tools when investigating domains, IP addresses, and DNS. For Windows users or those who simply prefer the convenience of GUIs, the following perform well and look great too: Digger Tools , DNSViz , URLQuery , DMNSApp , URLScan , and WebCheck .

Finally, a pair of outliers to consider.

The End: Emulators

Given that there are Android emulators that are less elaborate, more predictable, and therefore better suited to the assumed job in hand, the discovery of two fairly elaborate emulators in the toolkit initially seems a little puzzling.

There’s bound to be a good reason they’re installed but right now, those reasons will have to wait until another day.

Of course, the answers to these questions and others like them, are always out there. ‘Out there’ is a very, very big place but the answers usually give themselves up quite quickly once curiosity arrives.

From: TF , for the latest news on copyright battles, piracy and more.

The frontline of online piracy liability keeps moving, and core internet infrastructure providers are increasingly finding themselves in the crosshairs.

In a significant ruling last week, the Paris Judicial Tribunal ordered Cloudflare to actively block access to pirate MotoGP streams, confirming that third-party intermediaries can be required to take responsibility.

The ruling follows a complaint from French entertainment powerhouse Société d’Edition de Canal Plus ( SECP ), which holds the rights to various sports broadcasts. In this case, the proceeding was filed to protect its interests in MotoGP events, which started a new season last month.

DNS Resolvers are Liable

The reasoning behind the blocking request is similar to a previous blocking order , which also targeted OpenDNS and Google DNS. It is grounded in Article L. 333-10 of the French Sports Code, which empowers rightsholders to seek court orders against any outfit that can help to stop ‘serious and repeated’ sports piracy.

This time, SECP’s demands are broader than DNS blocking alone. The rightsholder also requested blocking measures across Cloudflare’s other services, including its CDN and proxy services.

The legal paperwork cites 14 domain names, including motogpstream.me and livestreamhd247.live, but doesn’t stop there. SECP also pushed for dynamic blocking, asking Cloudflare to act against future infringing sites identified by French media regulator, ARCOM.

Cloudflare’s Failed Defense

Cloudflare put up a defense, arguing that unlike traditional ISPs, it isn’t the kind of intermediary that’s targeted by Article L. 333-10. The company said that its DNS, CDN, and reverse proxy services don’t “transmit” infringing content in the way envisioned by the law. Instead, they merely route traffic or cache content passively, so strict policing obligations are not appropriate.

Cloudflare also attacked the proportionality and effectiveness of the requested measures. For example, it said that DNS blocking would affect a “negligible” number of users and could be easily bypassed by VPNs or other DNS resolvers, rendering these restrictions futile.

Cloudflare also warned that due to technical challenges, it could be difficult to accurately geo-restrict blocking measures to France, introducing a new risk of global collateral damage.

Court Dismisses Pushback, Orders Blocking Measures

None of these defenses convinced the Paris court, which rejected all of Cloudflare’s arguments. For example, it disregarded the “passive” vs. “active” distinction, concluding that intermediaries such as Cloudflare play an integral role in accessing pirate streams. As a result, the company is required to block this content.

The potentially limited effect of the blocking order didn’t change the court’s view either. While Cloudflare’s blocking won’t put an end to piracy, it will have an impact, even if some people bypass the proposed blocking measures.

All in all, the Paris Court ordered Cloudflare to comply and block the listed pirate site domains within three days. The blockades should stay in place for the remainder of the 2025 MotoGP season, across all relevant services.

Future Pirate Site Domains are Covered

The order was issued last week and Cloudflare has already implemented it, with the court allowing Cloudflare to adopt its own technical measures. Visiting the blocked domain names from France will now result in an HTTP 451 error, indicating that they are now unavailable for legal reasons .

Interestingly, the blockades may not stop at the 14 domain names mentioned in the original complaint. The ‘dynamic’ order allows SECP to request additional blockades from Cloudflare, if future pirate sites are flagged by French media regulator, ARCOM. Refusal to comply could see Cloudflare incur a €5,000 daily fine per site.

“[Cloudflare is ordered to implement] all measures likely to prevent, until the date of the last race in the MotoGP season 2025, currently set for November 16, 2025, access to the sites identified above, as well as to sites not yet identified at the date of the present decision,” the order reads.

This latest French ruling is part of broader efforts by rightsholders to co-opt core internet infrastructure into their enforcement efforts. Mandatory blocking requirements, once largely confined to ISPs, are now gradually expanding to other intermediaries. The expansion is not just a French or European phenomenon; a proposed U.S. site blocking bill also envisions a key role for DNS resolvers.

—

A copy of the Paris Court order, issued on March 28, 2025, is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Reports last week that Spotify had suddenly gone down worldwide were a little overblown.

The ‘outage’ may have felt that big to those affected, and it may have been of some comfort if everyone had the same problem; after all, nobody likes to suffer alone.

That doesn’t mean the perceived outage was insignificant or had limited geographical reach. Spotify has neither confirmed nor denied anything, it’s possible it never will. But something definitely happened.

Significant reports of Spotify ‘downtime’ began to surface around March 3rd and for the next several days, similar reports appeared on discussion platforms around the world. As the dust settled it became increasingly clear that this wasn’t a global Spotify outage. Indeed, there’s no evidence to show that legitimate users of Spotify were impacted at all.

Targeted Anti-Piracy Crackdown

All evidence points towards an international Spotify campaign to render its service inaccessible to those enjoying the ‘Premium’ ad-free experience without paying for it.

The precise scope of the apps targeted is unknown, but Android users appear to represent the bulk of those affected, with ‘modded’ or ‘cracked’ versions of the Spotify client cited most often. Data from Google Trends reveals a worldwide search interest peak last week higher than any other Spotify-related event in the last 90 days.

The same search reveals a peak of similar size and shape across multiple countries where an ‘outage’ was reported last week.

Google Trends search data is available for periods of up to 7 days, but then jumps to 30 days and beyond. The image below shows the top 5 countries for ‘Spotify’ searches in the preceding 30 days and, for comparison, the same search for 7 days.

The change in position on the right may suggest a phased approach by Spotify; 7 days may be too short to account for all searches conducted in Italy if it was one of the first targets last week. This may have allowed Ukraine to take the top spot and made room for Poland and Moldova to enter the frame.

Was Spotify’s Crackdown The Cause?

A company of Spotify’s significance means that for one reason or another, making headlines is nothing particularly unusual. In this case there appears to be little doubt that the peak in interest last week was indeed linked to the disabling of the pirate apps.

The top 20 trending searches in the UK, linked to the initial searches above, are listed below. The overwhelming majority show direct interest in unofficial access, with at least half of the searches specifying particular pieces of software.

Searches in other regions indicate that solutions sought for the Spotify ‘outage’ ranged from the very direct, to the more flexible and creative.

Italy’s approach ranged from the easily translated ‘ spotify premium apk ultima versione ‘ to the specific ‘ com.spotify.music apk arm64-v8a ‘. Showing a desire to switch platforms if necessary, ‘ come trasferire playlist da spotify a youtube music ‘ (how to transfer playlist from Spotify to YouTube music) was also popular.

Over in Belarus, many searched for “ спотифай скачать взлом ” (Spotify download hack) while others sounded less optimistic with “почему спотифай не работает” (Why Spotify doesn’t work?).

In the United States, a Spotify tweak called ‘EeveeSpotify’ attracted significant attention. Like the now-defunct Spotilife before it, ‘EeveeSpotify’ signals to Spotify that the user has a Premium subscription. This is currently achieved by intercepting Spotify’s requests to load user data and then modifying the responses.

A popular search in Ukraine, believe it or not, is the only search that Spotify wants to see after this type of event. Faced with a Spotify blackout, Ukrainians searched for ‘ підписка спотіфай ‘ which translates to ‘Spotify subscription.”

New Modded/Cracked APK Files Appear Onine

Despite having other options, some users are only prepared to settle for a solution featuring the original Spotify app. New cracked/modded versions of the official Spotify Android app may have appeared online quite quickly, perhaps as early as March 4 or 5 when the ‘outage’ was still in its early stages.

From a purely functional perspective, modded Spotify APK files often claim to offer a complete (or near complete) Spotify experience, minus the cost of subscription. These APKs are fairly easily found online and straightforward to install. The major difficulty that concerns some more than others, is the age-old question of trust.

Gambling on Trust, Risk vs. Reward

Installing an APK from an unverified source carries significant risk. Once installed, users may find all promises have been kept but what actually happens inside users’ phones and tablets is hard to predict. With moderate effort, an average user should be able to learn enough about a modded APK to make a semi-informed decision, even if only based on how much risk they’re prepared to take.

On one side of the scale, free Spotify; on the other, a potential nightmare costing much more. The odds of the experience tipping in favor of one versus the other depends on both known and unknown factors.

Installing an unknown app from an unknown source is normal behavior for many pirates. One particularly popular Spotify app has been freely exchanged between Reddit users during the past few days. As one early installer put it, “Yes it seems to work.” At times like these, for some that’s more than enough.

Rolling the Spotify Dice

Whether there are multiple versions of the same app, or whether they just behave the same, is hard to tell without spending considerable time. What we can say for sure is that the handful we’ve seen didn’t always share the same hash. There might be good reasons for that but when hashes don’t match, further tampering has already been confirmed.

A test result published on Hybrid Analysis, for an APK that reportedly brings Spotify back to life, dates back six/seven days. The final verdict is one of “malicious” despite anti-virus vendors giving the file a clean bill of health on both Hybrid Analysis and Virus Total .

In our own tests, a similar (but not identical) APK resulted in three sets of reports, one of which exceeded 100 pages and revealed interesting ‘features’. It’s possible that the official Spotify app has features we’re yet to discover, such as the ridiculous ‘Jam’ mode inflicted on even the most loyal subscriber.

But did that have permission to read a phone’s contact lists, SIM card details, the content of every SMS, call logs, calendar entries, and then use the camera? In 2025, anything is possible, but it’s hard to imagine much good coming from that.

Yet for some, the idea of paying for music will be too difficult to overcome. And despite costing almost nothing, research may sound like too much hard work, even if it paid off handsomely in the end.

From: TF , for the latest news on copyright battles, piracy and more.

At the start of the year, TorrentGalaxy was one of the most-visited torrent sites, welcoming millions of users a day.

The site was originally launched by former members of ExtraTorrent, a popular torrent site that shut down in 2018. The founders aimed to provide a home for ExtraTorrent ‘refugees’ but, over time, it transformed into much more than that.

Last summer, there was a drastic change as TorrentGalaxy as the founders sold the site to a new and undisclosed party. The handover was clearly noticeable to outsiders, as the typically stable site suddenly experienced repeated stretches of downtime.

It was presumed that these problems were related to the change of guards, but without a word from the site’s new owners, both staff and users were left guessing.

When new downtime issues presented themselves last month, few people were surprised. This had happened previously on numerous occasions, with the site typically coming back online after a few days. This time around, however, the site stayed dark.

Site Offline for Two Weeks

At the time of writing, TorrentGalaxy has been unreachable for more than two weeks. The site had started using Cloudflare on its main torrentgalaxy.to domain, which informs users that the ‘host’ server is unreachable.

TorrentGalaxy has a dedicated status page to inform users what parts of their infrastructure are still operational. This currently indicates that all backup domains are offline too, including those on the Tor network.

The status page is automated and provides no additional explanation. The current issues seem more than just a technical outage, however.

Broken Upload Bots

In addition to the site itself, plus main and backup domains, TorrentGalaxy’s upload bots are offline too. These bots, including TGxGoodies, provided a steady stream of thousands of movie and TV torrents to other torrent sites, including 1337x.

Two weeks ago, a 1337x moderator decided to suspend TGxGoodies as many of its uploads were not being seeded. This was likely triggered by hosting-related issues that appear to have plagued the site.

“I have suspended the uploading of this bot till you guys figure out what’s going on over there. You have 500 unseeded torrents here. Not going to let you upload anymore till you start seeding what you have already uploaded. This bot needs a fixing,” the mod wrote.

Over at The Pirate Bay, the TGxGoodies and GalaxyRG bots stopped uploading weeks ago, for unknown reasons. This means that TorrentGalaxy’s problems are not isolated to just one website, its absence is being felt across the entire torrent site ecosystem.

Staff Fear the Worst

After two weeks of unexplained downtime, many users have concluded that the site is not coming back anytime soon. This sentiment is also trickling through to members of TorrentGalaxy’s staff, who are also being kept in the dark.

Mafketel, one of the TGx super admins, informs TorrentFreak that site staff are gradually losing hope for a good outcome.

“To be honest, the belief that it eventually will all be okay is very low among all staffers,” he says. However, as long as the proxy status page is online, with a checkmark beside one of the domains, staff continue to hope for a ‘miracle’.

As far as we can see, none of the current issues are domain-related. The main TorrentGalaxy.to domain is registered and operational, with working nameservers. The server it points to clearly isn’t functioning, however.

Financial Concerns

Rightsholders will be happy to see the site stay offline. ACE and others have previously tried to uncover the identities of its operators, hoping to take them down. There are currently no signs that anti-piracy forces are behind the downtime, at least not directly.

It is possible that ‘someone’ got to the servers and did unrepairable damage, but that’s all speculation.

Many online commenters link the current problems to TorrentGalaxy’s plea for money. A few weeks ago, the site reported financial difficulties, asking users to send donations to cover the bills.

The logical conclusion is that the money eventually ran out. However, while that sounds plausible, it would be highly unusual. After all, the operators of the site could easily put up a text file with a formal farewell.

Alternatively, they could point the domain to an external page where they explain the situation, and perhaps ask for even more money. Just giving up without any explanation, months after taking over the site, makes little sense.

At the end of the day, TorrentGalaxy’s status remains a mystery until someone steps forward to explain the situation.

From: TF , for the latest news on copyright battles, piracy and more.

When peer-to-peer file-sharing was in its heyday, communities were the glue that held everything together, but not in the global sense evident today.

File-sharing communities typically gathered on various forums. Operating in isolation, most embraced a central theme – file-sharing – everything else was a footnote.

Embracing anyone and welcoming any topic of conversation, fancy high-tech social media platforms made short work of file-sharing communities. Had Disqus been around a little earlier, things may have been different, at least for a while.

Feel Free to Discuss

Up and running in no time at all, Disqus embeds offer a full-featured and externally hosted comment platform, making life a lot easier for site operators. Of course, that single place is actually someone else’s servers, and the commenters were now someone else’s users.

For evolving file-sharers, who consume most of their content on streaming sites while sharing very little, Disqus made conversations convenient. Same username, same password, and in time, the appearance of large specialist communities centered on the theme of the site. Or, as commonly seen today, specific content available for download on many specialist sites.

Since wherever Disqus users go, their communities go with them, the conversation never had to stop. At least until Disqus decided that those communities needed to be to shut down, quickly.

You Have 24 Hours to Comply

Shared with TorrentFreak by the operators of pirate site KickassAnime, the notice below strongly suggests that Disqus didn’t have negotiation in mind.

There are no specific allegations or even a mention of a repeat infringer issue. Instead, based on a general assessment that KickassAnime violates Disqus terms and conditions (which it clearly does), the site was given roughly 24 hours to leave town.

At first blush, the opportunity to export comment histories seems like a welcome consolation prize.

On closer inspection, the offer is actually for the recipient to download their own comment history, unless they’re the author of all comments on the site, which seems highly unlikely. At best, the wording seems ambiguous.

More Notices Sent to Other Sites With the Same Message

The operator of KissManga received a similar notice on February 22.

“It’s come to our attention that your site kissmanga-5 is sharing copyright-violating content. As this is a violation of the Disqus Terms of Service, we will no longer be able to provide commenting services to your site, and your site will be removed from the Disqus network,” it begins.

There’s no mention of decisions against kissmanga-4, kissmanga-3, or the others, but for now the locals seem glad to have their chat back after the operator of the site installed wpDiscuz .

Other Targets

While some sites were happy to post their Disqus notices in public, others handled things in their own way.

Bato.to simply advised where the Disqus window used to be, that “Disqus has stopped providing services to us.” MangaPark, meanwhile, doesn’t appear to have taken any specific action just yet.

Anime Kai, a domain active for just a few weeks and already pulling in 20 million visits per month, had a bit more to say. The same goes for the site’s users who, in their brand-new comment section, had a debate over which previously existing site Anime Kai had just replaced.

At the bottom, evidence that Disqus isn’t limiting itself to banning sites offering content only from Japan. The screenshot from FitGirl-Repacks also seems to answer whether Disqus will hand over a database of comments made by an unknown number of site users, to the person in control of a site. In this case, that does seem to be the case.

Why Take Action Now?

Why Disqus has decided to act now isn’t clear. The company says that it took action based on terms of service violations and in that respect, the decision finds solid ground.

It’s also possible that owner Zeta Global felt under some pressure or obligation to act, even if that pressure was self-imposed.

The company is heavily involved in AI and in its article titled ‘Responsible Use and Legislation of Generative AI’ the company notes various risks and the importance of transparency.

Using generative AI for marketing isn’t without its risks — including accuracy, bias, privacy, and copyright infringement, for example. As adoption of the technology increases, responsible AI practices, like transparency, trust, and human oversight, are also gaining importance.

Moving forward, it will be important that AI vendors are transparent with:

How their models are trained
Any known model vulnerabilities
How the model performance is measured

And regulators will be taking note.

From: TF , for the latest news on copyright battles, piracy and more.

Yesterday, Carl Lundström stepped into his Mooney M20 propeller-driven plane, heading from Zagreb to Zurich in a solo flight. Not long after takeoff, the plane reportedly crashed into a mountain cabin located in the Slovenian Big Pasture Plateau.

Lundström, who was 64 years old, did not survive.

The crash of Lundström’s plane was picked up by both Slovenian and Swedish media . A body reportedly found at the crash site is yet to be officially identified.

Carl Lundström (1960 -2025)

Born in 1960 as one of the heirs to the Wasabröd empire, Lundström was financially independent at an early age. In addition to an interest in politics, including his involvement in various far-right political organizations, he also developed his business skills, with a particular interest in technology.

Lundström owned the Internet providers Rix Telecom AB and Rix Port 80, which helped many businesses venture online in the early 2000s. These companies also partnered with smaller players such as PRQ, owned by Pirate Bay founders Fredrik Neij and Gottfrid Svartholm.

In 2004, Lundström met Neij at an exhibition and invited him to work for Rix Telecom. Later that year, Neij informed Lundström about one of the new projects he was involved in; a torrent site called The Pirate Bay. The site, which was Swedish-only at the time, was growing fast and needed more server power and a good Internet connection.

Pirate Bay Backer

Lundström was interested in the project and offered to help out, initially providing two servers. This was just the start, however, as plans to transform The Pirate Bay into an international file-sharing site would soon require much more computing power.

According to a detailed description, shared during the Pirate Bay trial, Lundström later proposed a formal partnership where he would provide hardware and connectivity, in exchange for a significant stake in the business.

This formal involvement with The Pirate Bay didn’t come to fruition. When changes to Swedish copyright law were announced in 2005, Lundström started to have doubts about the project. An initial plan considered relocating the business to Argentina, where the Swedish Embassy was asked for input, but that never went through.

Rix Telecom’s owner reportedly backed out of the planned deal with PRQ/TPB in late 2005, but his company continued to offer services to the file-sharing site, at least for a while.

While Lundström had taken his hands off the Pirate Bay project, his early involvement made him one of the four defendants in the Pirate Bay trial. He was ultimately sentenced to four months in prison.

Controversy

Lundström’s association with right-wing organizations was often the center of attention, for good reasons. However, Swedish journalist and friend Christian Peterson, stresses that Lundström was much more than that.

“Although the established media likes to reduce him to a simple ‘right-wing extremist’, Lundström was far more than that. He was an entrepreneur, a creative financier and a person who dared to defy political correctness when it was not popular to do so,” Peterson wrote in an article , commemorating his friend’s passing.

The far-right political associations were quite uncomfortable for some involved with The Pirate Bay early on, especially those who leaned far to the left. Yet despite this unease, Lundström played a central part in the site’s history. Perhaps even more than that.

Without Lundström stepping up, the notorious torrent site might never have broken through to the masses.

From: TF , for the latest news on copyright battles, piracy and more.

In recent years, the European Commission has proposed and adopted various legislative changes to help combat online piracy.

The Copyright Directive and the Digital Services Act both envisioned tighter copyright takedown rules for online service providers.

Sports rightsholders and other organizations felt that these new rules were not sufficient to tackle specific challenges in respect of live streaming piracy. They wanted more incentives for online service providers to act faster and more diligently, as suspensions are useless after a live broadcast ends.

The EU Commission heard these calls and published a targeted recommendation , “encouraging” member states to introduce measures to facilitate prompt takedowns of live streams. At the same time, service providers and rightsholders were encouraged to collaborate, to tackle this challenge together.

The recommendation , which doesn’t include any legislative requirements, was largely met with disappointment by rightsholders. They had hoped for strong restrictions, binding takedown requirements, or at least some kind of formal regulation. Those didn’t come.

Report Shows Low Responsiveness to Takedown Notices

Against this backdrop, it’s no surprise that rightsholders remain unhappy. Almost two years after the EU recommendation, a report from the accounting firm Grant Thornton, created in partnership with the Live Content Coalition finds that little has changed.

The report’s title leaves little to the imagination. It stresses that, after seventeen months, the EU recommendation on combating online piracy of live events has had limited impact.

The report finds that live-streaming piracy remains a problem and online intermediaries continue to show low responsiveness to takedown notices. Of the 10.8 million notices recorded last year, only 19% resulted in suspensions of pirated live streams.

Roughly two-thirds of all takedown notices were not addressed at all, as shown below. The remaining 15% was addressed but, for reasons not detailed in the report, the intermediaries did not suspend the streams.

Even when online services take action, it often takes more time than rights holders would like. Only a small fraction of the reported live streams, 2.7%, were suspended within 30 minutes of a takedown notice being sent.

Dedicated Server Providers are Most Problematic

These numbers are disappointing to rightsholders, but it’s worth stressing that not all intermediaries have a bad track record. Of the notices that were sent to online services such as social media platforms, 98% resulted in suspensions of the pirated streams.

For Dedicated Server Providers, which received the most notices, the suspension rate is notably lower: 11%.

The notices sent to the remaining category of “other providers” led to suspensions in 8% of cases. This category is not defined, which makes the rate difficult to interpret, but it could include CDN services and cloud hosting providers.

Reappearance of copyright-infringing streams is also more common through Dedicated Server Providers.

“Online platforms have a 7.6% rate of no-reoccurrence within the day, while DSPs have a significantly higher rate at 39.5% further indicating the scale of the issues relating to these intermediaries,” the report reads.

Not The Full Picture

The report was commissioned by the industry and is based on data provided by eight major rightsholders. This means that it doesn’t necessarily present the full scope of all takedown notices and the real numbers are likely much higher.

The report is also limited in its view of the problem. The lack of definition for “other providers” could use more context, for example. The same applies to the reasons why intermediaries ‘fail’ to take action, which could include erroneous or incomplete takedown requests.

Further research into the motivations and challenges faced by intermediaries could help to paint a more nuanced picture and foster future cooperation.

Rightsholders see the report as confirmation that more should be done to tackle live-streaming piracy. The EU recommendation has had limited effect, the Live Content Coalition says, noting that none of the key performance indicators (KPIs) show any real progress.

“Overall, there were only marginal improvements in KPIs throughout 2024, which demonstrates the limited impact of the Recommendation against the sizable piracy problem where mitigation efforts are mostly ignored,” the Live Content Coalition comments.

Top Spanish football league LALIGA agrees. They note that piracy remains a major problem and since EU efforts have had little effect, more should be done.

“The report highlights the need to strengthen cooperation agreements and accelerate takedown times for infringements. It also underscores the importance of implementing additional specific measures for DSPs, who represent the largest source of unsuspended illegal broadcasts,’ LALIGA says.

—

A copy of the latest progress report, titled “The European Commission Recommendation on combatting online piracy of live events has limited impact after 17 months” is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Tranco publishes an updated ranking list of a million domains every day.

In today’s report the usual suspects dominate the top slots – google.com, microsoft.com, mail.ru and facebook.com. After scrolling through a 22mb .csv, monosurveys.com eventually completes the million.

Zonatmo.com can be found at #1576 but, until this week, the domain had yet to appear on our radar. During a brief visit to the site lasting less than 20 seconds, there were two attempts to redirect us to well-known malicious IP addresses registered to a host in the UK. That raises immediate questions over the domain’s insane level of traffic and why millions of visitors just keep going back.

Piracy Juggernaut

According to research conducted by DeepSee.io CEO Rocky Moss, Zonatmo.com is no ordinary domain. First and foremost it presents as a manga piracy site, and a very successful one too. In November 2024, Zonatmo and affiliated sites together generated a cool one billion views, all the more impressive for a domain that made its debut just 90 days earlier.

Moss says that Zonatmo is the latest new domain for a platform called Tu Manga Online, a manga content directory aimed at the Spanish-speaking market. Before Zonatmo.com, the site reportedly used Visortmo.com, lectormanga.com, and before that, lectortmo.com. Other domains are involved too.

Traffic Laundering

“When we talk about piracy that’s supported by programmatic display / videos ads, we’re often talking about traffic laundering. In a laundering scheme, there are two classes of domains involved,” Moss explains.

• Directories : when you type in something like ‘watch free movies,’ or ‘read manga online,’ chances are you’ll be taken to a directory. These are sites that connect you to the pirated content you’d like to consume. They are often easy to find using search (by necessity; they have to change domain names often)

• Laundering fronts : These appear as ‘clean’ when you visit them directly, but are usually actively managed by the folks behind the directories. They have hidden behaviors that only present themselves if you visit via some prescribed source (the directory). These sites are often able, for at least a short time, to monetize using CPM based ad products [advertisers pay a fixed rate per thousand impressions] such as display / video / audio ads.”

Moss says this scheme has been running for years and over that time, 112 domains have been used to launder site traffic, typically with one or two dozen active at a time.

Unusually Open

To show that these domains are all linked to the same business, Moss says that a key signal is when domains share 100% of their ads.txt files with each other; in this case, those files have around 15K lines. Further support of collaboration can sometimes be found in joined privacy policies.

That’s where another unusual feature becomes evident; there appears to be little or no effort to obscure the name of the company or people involved. Moss describes Nakamas Web SL as a Spanish company responsible for both the main manga site and the ‘clean’ front sites.

“Clearly Nakamas Web has found a roster of managers / sales houses / resellers who don’t look too closely at the quality of the inventory they bring to buyers, and thus they’ve had luck laundering their traffic for years,” he notes.

“At a high level, it appears the site operators have had to adapt every few months, or every year at least, in order to find a new roster of sellers who don’t know/care about the way their traffic is sourced.”

A Lucrative Scheme

Moss goes into considerable detail on the various players involved and specifics relevant to the advertising market. Those details include whether various rules may have been skirted or ignored, and how certain scenarios may have helped the scheme to last for so long.

Links to the research, an explanatory video, and a fairly hefty spreadsheet, can be found below. That leaves the big question; is a scheme like this profitable and if so, what’s the best estimate?

In broad terms, the formula takes the billion views generated in November across all sites, and factors in a 50% ad-blocking rate. Based on two ad units per a page and an industry hunch here and there, Moss emerges with a conservative estimate of $200,000 per month revenue. He does concede, however, that it could be ten times that amount.

“[We could be] talking tens of millions, certainly some of that goes to server costs and they have to, you know, always be rotating their demands. It’s not trivial to do this but clearly the juice is worth the squeeze,” he adds.

“It’s been going for years and it has not been stopped so what is it with this ‘Open Secret’ and why is allowed to thrive? My projection is that by the end of the year, it will not.”

The research is available here and the spreadsheet here .

From: TF , for the latest news on copyright battles, piracy and more.