Research and investigations concerning internet platforms can be incredibly time-consuming, despite most of the necessary tools being readily available to the public free of charge.

Threat intelligence platform Silent Push combines the essence of these tools into a graphical interface that does much more than the sum of its parts. Historical data, for example, allows connections to be built in cases where evidence no longer exists on the ‘live’ web. Straightforward tasks such as WHOIS lookups, on the other hand, only rarely look this good.

According to Silent Push researchers (SPR), the platform makes it easy to “map out the entire infrastructure supporting IPTV networks” by “combining just a few technical fingerprints.” The results of an investigation published today claim to identify a major IPTV network and an individual the researchers claim is closely involved.

A Domain Name Gets Things Rolling

SPR say their investigation began with a domain name – premiumplustv[.]xyz – which had been reported as hosting pirated content. Using the Silent Push Web Scanner they were then able to connect the service to 10,000 IP addresses and 1,100 domains, with one standing out in particular.

“The xuione[.]com website, seen below, is a massive IPTV provider that appears to support numerous pirated content schemes – confirming the initial suspicions of our research partner,” SPR write.

“For several years, the xuione[.]com website listed details indicating the registrant was based in Herat, Afghanistan.”

Records were updated to remove references to Afghanistan in March 2025, but historical records are more difficult to change.

SPR Identify an Individual With Close Links to the Network

SPR’s investigation led them to identify an individual that they believe is closely linked to the pirate IPTV network, who is also the “likely” operator of the pirate IPTV service at jvtvlive[.]xyz .

That service allegedly exploits content from the world’s leading entertainment and sports brands including Prime Video, Bein Sports, Disney Plus, NPO Plus, Formula 1, HBO, Viaplay, Videoland, Discovery Channel, Ziggo Sports, Netflix, Apple TV, Hulu, NBA, RMC Sport, Premier League, Champions League, Sky Sports, NHL, WWE, and UFC.

While that individual may indeed be everything SPR say he is, an OPSEC note accompanying the investigation notes that the methods used by the team to enumerate the piracy network, and the process used to identify the individual (located in Herat, Afghanistan), “cannot be shared publicly.”

We have no reason to doubt their findings, but there’s no replacement for seeing the evidence first hand.

Evidence Mounts

Ultimately, however, SPR were able to link the domain xuione[.]com to an IP address – 158.220.114[.]199 – used by many apparent IPTV-linked services [ here ] including streamxpert[.]net, jvtvlive[.]xyz , and tiyanhost[.]com .

Tiyanhost[.]com is the domain name of Tiyan Software Development, a business entity also based in Herat, Afghanistan. Public records show that the person identified by SPR shares the same name as the owner of that company. Sites with links to XuiOne display a WhatsApp number with an Afghan country code that perfectly matches a number directly linked to the same person, researchers say.

Overall, that led to the researchers feeling “comfortable assessing his involvement” in the pirate network’s operations.

Food For Thought

Exactly what additional evidence was obtained by the researchers is unknown, but we assume that it’s pretty compelling after naming the individual in public. It also seems reasonable to assume that information has been shared with anti-piracy companies and other interested parties in advance. If not, publication of the research is a pretty loud ‘headsup’ for those involved.

Yet, as far as we know, the service remains active. Enforcement in Afghanistan may present more than a few stumbling blocks, but the country isn’t known for cutting edge technical infrastructure. The service’s infrastructure has a fairly significant European presence, but perhaps the time isn’t quite right to do anything about it.

Finally, online databases used for investigations aren’t always accurate and at times can deliver the occasional curveball. All things considered, the existence of an $84 million turnover ad agency in the same Afghan town seems unusual. Even more so when allegedly operated by an individual with a familiar name, which some databases link to an even bigger operation in the Netherlands.

Silent Push (Community Edition) is available for free here (pdf). The investigation report is available here

From: TF , for the latest news on copyright battles, piracy and more.

Last year, Homeland Security Investigations (HSI) seized several domain names linked to Streameast, a popular live sports piracy site with millions of users.

The seizures were carried out by the book but did not achieve the desired effect. Streameast remained available through alternative and regularly updated domains.

At the time, the operator of the original Streameast operation, known by the handle ‘Quick’, noted that many Streameast-branded clone sites were not targeted in the government crackdown, despite pulling in more traffic than the original.

“Despite the existence of countless fake, fraudulent, infected, and misleading streaming sites, this attack was solely targeted at the real addresses of Streameast,” Quick wrote in a response.

ACE & Egypt Shut Down Streameast Network

After more than a year, Streameast is making headlines once again. This time around, however, the original Streameast was not targeted. Instead, the copycat clone sites were the focus of a massive anti-piracy operation.

The Alliance for Creativity and Entertainment (ACE) reports that alongside Egyptian authorities, it has shut down the world’s largest sports piracy ring; the Streameast network.

The MPA’s anti-piracy arm says that the network consisted of more than 80 domain names, reportedly good for 1.6 billion visits in the past year. Streameast.app, which had more traffic than the original Streameast, is now under ACE control along with the other domains.

The press release doesn’t identify any domains by name, but it states that some sites were targeted at specific sports. These sites did not necessarily carry Streameast branding and appear to include boxingbite.app, nbastreams.app, mlbbite.net, mlbstreamlinks.org, and reddit-nba.com.

A full list of the seized domains, independently identified by TorrentFreak, is available below. These will be redirected to ACE’s ‘Watch Legally’ page, which is typical in these types of cases.

A Victory For Rightsholders

Charles Rivkin, Chairman and CEO of the Motion Picture Association (MPA), who also serves as Chairman of ACE, describes the massive takedown as a major anti-piracy milestone that protects rightsholders who invest in the live sports ecosystem.

“Today, ACE scored a resounding victory in its fight to detect, deter, and dismantle criminal perpetrators of digital piracy: by taking down the largest illegal live sports platform anywhere,” Rivkin said.

Ed McCarthy, COO of DAZN Group, is pleased with the achievement too and congratulates ACE and Egypt for the resounding success.

“This criminal operation was siphoning value from sports at every level and putting fans across the world at risk. We commend the Egyptian authorities and ACE for their action in bringing down the world’s largest illegal sports streaming operation.”

The press release doesn’t mention that the original Streameast is still in operation, but ACE is undoubtedly aware of its existence, as this operation was at the center of a U.S. Government crackdown last year.

Streameast: We’re Fine

As the news broke, the original Streameast’s communication channel was overloaded with worried users, but operator Quick informed them that the service is operating as usual.

“We are not connected to them in any way (we’re not even Egyptian). We have not been raided, and our streams and work continue as usual. As we’ve always said: Do not use fake sites!”

ACE would undoubtedly prefer to shut down all major pirate streaming sites, but where Streameast is concerned the ‘copycat’ was actually the biggest fish. It’s therefore no surprise that they are pleased after shutting it down.

—-

Below is a list of all sites that were seized by ACE over the past days, including Streameast.app.

boxingbite.app, boxingstreams.app, buffstreams.app, buffstreamz.app, crichd.app, f1bite.app, f1streams.app, mlbstreams.app, mmabite.app, mmalive.app, mmastreams.app, nbastreams.app, nfllive.app, nflstreams.app, nhlstreams.app, streameast.app, ufctonight.app, vipleague.app, crackstreams.dad, boxingbite.net, f1bite.net, mlbbite.net, mlbshow.net, mmabite.net, nhlbite.net, redditnflstreams.net, rmlbstreams.net, rmmastreams.net, soccerbite.net, atdhe.club, allfloridasafetyinstitute.com, cfbite.com, googlapisapi.com, mlbshow.com, nflbite-streams.com, nflpulse.com, nflsurge.com, nhlbite.com, rboxingstreams.com, reddit-nba.com, reddit-nfl.com, redditmmastreams.com, redditnhlstreams.com, rmmastreams.com, rnbastreams.com, rncaafstreams.com, wnbabite.com, wnbastreams.com, totalsportek.fun, redditsoccerstreams.link, boxingstreamlinks.live, f1streamlinks.live, mlbstreamlinks.live, mmastreamlinks.live, nhlbite.live, redditcfbstreams.live, redditf1streams.live, redditmlbstreams.live, redditmmastreams.live, redditnbastreams.live, redditnflstreams.live, adstrim.org, boxingstreams.org, f1streamlinks.org, mlbstreamlinks.org, mmastreamlinks.org, nflbites.org, nflstreamlinks.org, nfltonight.org, nhlstreamlinks.org, redditnbastreams.org, thevipbox.org, streamingsites.review, nflbite.site, redditsports.stream, 1stream.top, nflbite.watch.

From: TF , for the latest news on copyright battles, piracy and more.

Anti-piracy action in Argentina continues to expand, with tight collaboration between the Spanish football league LaLiga and local authorities.

Following raids in Argentina targeting MagisTV and Al Ángulo TV, new information reveals that a global network was taken down recently.

LaLiga says the historic enforcement action dismantled dozens of IPTV services with an estimated 8 million paid subscribers. Following an investigation by the Cybercrime Prosecutor’s Office of San Isidro (UFEIC), local police raided four office buildings in Vicente López, Buenos Aires.

The press release makes no mention of any arrests, but photos taken in an apparent office building show seized items including large amounts of cash, as well as a poster of Walter White. The images feature agents from the Provincial Investigations Police of Buenos Aires (DDI San Isidro) as well as a representative from LaLiga.

The raids were approved by San Isidro Guarantees Court No. 4, but no further information has been shared in respect of the criminal allegations.

My Family Cinema, TV Express, Eppi Cinema, Weiv TV and others

The list of targeted services includes My Family Cinema, TV Express, Eppi Cinema, Weiv TV, Red Play, Duna TV, Boto TV, Break TV, VTV, Blue TV, Super TV Premium, HOT, ONpix, PLUSTV, Mix, Venga TV, ALA TV, Pulse TV, Football Zone, Nossa TV, MegaTV+, Cineduo, Megamax+, GTV, Nebuplus, Onda TV, and several other brands.

A quick glance at the websites of these operations reveals that, at the time of writing, some are offline or under maintenance. It doesn’t appear that their domain names have been seized.

On social media, several users also report problems with these streaming services, even for those whose websites are still online. This suggests that the infrastructure of some of these brands was indeed partially dismantled.

Legitimate Companies Implicated

LaLiga’s information states that these allegedly illegal platforms “operated through” several legitimate companies that operate across the globe. These “associated” organizations include Valoroso, Space Place Consulting, Goose, BitKernel, Peliplat, and FatFish Media.

Company Name	Description of Services
BitKernel	BitKernel is a software development company that specializes in creating custom solutions for streaming and video platforms.
Goose	Goose offers white-label platforms for streaming platforms
Peliplat	Peliplat presents itself as content discovery platform, similar to a TV guide, allowing users to browse movies and TV shows and track what they have watched.

If or how these companies were involved is not disclosed. It is not immediately clear if any of the people involved are suspected of being part of the pirate streaming services’ operations, or whether the services simply used their infrastructure.

LaLiga mentions that some companies offered “seemingly legitimate services” such as Peliplat and Doozy TV.

TorrentFreak reached out to Goose, BitKernel and Peliplat for a comment, but those requests were not immediately answered. Their websites are online and there is no mention or visible impact of the raids.

Without drawing any conclusions, YouTube videos of Peliplat show that the company was in an office building with wall panels that look similar to the raid photos, while also featuring movie/TV posters.

According to LinkedIn job offerings , Peliplat has an office in Vicente López, Buenos Aires, the same city where the police raids took place. These links don’t prove anything, so we requested LaLiga to clarify the involvement of these companies; again, without an immediate response.

A Turning Point?

Commenting on the enforcement action, LaLiga president Javier Tebas suggests that the recent action in Argentina marks a turning point in the fight against online streaming piracy.

“This operation marks a before and after in the fight against digital piracy in Latin America. The scale of this network demonstrates that audiovisual fraud is a transnational organized crime issue,” Tebas says.

LaLiga further notes that ALIANZA, NAGRAVISIÓN, and Telecom Argentina played a role in the investigations. In addition, the Motion Picture Association was involved in the process. The latter informed TorrentFreak that it will not comment on the recent action.

The information made available suggests that this was a massive anti-piracy crackdown affecting millions of subscribers and a handful of companies that appear to have other legitimate operations as well.

It also leaves us with a bitter taste, however. Given the scope of the operation and the seriousness of the criminal allegations, one would expect more transparency, so the press can properly do its job instead of regurgitating press releases.

From: TF , for the latest news on copyright battles, piracy and more.

In the United States, Europe, the UK, Australia, Japan, and many other countries respectful of copyright, rightsholders have a fundamental right to take action against alleged infringers.

How that takes place in practice has been source of friction, especially when rightsholders target thousands of individual infringers, aiming to collect cash settlements of thousands of dollars from as many as they possibly can. Such schemes place significant pressure on internet bill payers, who are not necessarily those responsible for the actual infringement, and in turn cause a major headaches for ISPs.

A decade ago Canada attempted to strike a compromise with its ‘Notice and Notice’ regime, which requires ISPs to forward rightsholders’ copyright infringement notices to subscribers. Warnings that aggressive rightsholders would likely find a way to use the scheme to obtain settlements were well-founded, but not the only opportunity they have to get paid. Several repeat infringer liability lawsuits against ISPs, VPN providers, hosts and other intermediaries in the U.S. are proof of that.

Movie Companies Demand CAD$400m / US$291m in Damages

When companies including Millennium Funding, Outpost Productions, Bodyguard Productions, Hunter Killer, and Rambo V Productions sought to enforce their rights in Canada, they reportedly had some early success obtaining customer identities from Bell, at least until things went sour.

In their lawsuit targeting Bell , the movie companies claimed that they sent over 81,000 notices to Bell between February 2019 and June 2021, but Bell failed to forward almost 40,000 of them. Since in theory intermediaries could face a bill of between CAD$5,000 and CAD$10,000 for failing to meet their ‘notice and notice’ obligations, the plaintiffs filed a claim against Bell demanding CAD$400 million in damages.

Bell’s Defense and Counterclaim

In a counterclaim Bell accused Aird & Berlis LLP, the law firm hired by the studios to send the notices, of misuse of copyright and abuse of process.

Bell alleged that the scheme abused the notice and notice regime by automatically generating large numbers of notices to 1) intimidate alleged infringers and 2) claim huge damages from ISPs for not forwarding them.

On top, Bell alleged champerty and maintenance, where a third party pays litigation costs in return for a share of the eventual spoils, or assists in a lawsuit without having a legitimate interest.

Struck Out, Leave to Amend Denied

A case management judge largely sided with the plaintiffs; Bell’s complaints concerning the notice-and-notice regime was a matter for Parliament, the judge said. Claims that Aird & Berlis intimidated alleged infringers lacked supporting evidence, likewise there were “no material facts” to show that Aird & Berlis and Millennium were not in a solicitor-client relationship.

Allegations of copyright misuse, champerty and maintenance, abuse of process and unlawful means conspiracy, were therefore struck out by the judge without leave to amend.

Bell fought back against the order but had only limited success on appeal. On copyright misuse, Federal Court Judge Angela Furlanetto concluded that it could be a defense to a section 41.26 action , but agreed that Bell had provided insufficient evidence.

Ultimately the Federal Court dismissed the appeal and upheld the decision to strike portions of Bell’s pleadings without leave to amend. That denial was justified, the judge wrote, because Bell had previously amended its pleading without curing deficiencies raised by the movie companies.

Federal Court of Appeal’s Decision

A subsequent appeal launched by Bell against the Federal Court’s decision – that in turn had upheld the case management judge’s decision – was reviewed by the Federal Court of Appeal. The judgment, with reasons written by Justice Woods alongside Justices Laskin and Justice Locke, was handed down on August 29.

The core of Bell’s appeal was that several of its pleadings should not have been struck, and it should’ve been given leave to amend. Bell’s allegations of champerty or maintenance did not appear in the appeal.

On the misuse of copyright claim, the Federal Court said that Bell’s pleading did not provide sufficient information to support its allegations of improper conduct. It failed to “specify ‘what’ the misuse was and ‘how’ the conduct was contrary to public policy.” The decision to strike due to insufficient material facts was therefore correct.

Bell’s ‘secondary allegations’ against Aird & Berlis LLP also lacked sufficient material facts to support allegations of improper conduct, with the Court of Appeal noting that the described actions were consistent with a solicitor-client relationship.

The ‘abuse of process’ and ‘unlawful means conspiracy’ claims failed for similar reasons. The Court affirmed the striking of these allegations, noting that Bell had not provided sufficient information on the ‘illegal purpose’ or how that had caused Bell to suffer damage.

On the alleged violations of the notice-and-notice provisions, the Court of Appeal agreed that these should be struck from Bell’s defense and counterclaim because a statutory breach does not give rise to an independent cause of action.

Denial of Leave to Amend Was an Error of Law

The Court of Appeal found that the Federal Court judge misapplied the legal test for denying leave to amend.

“The legal test to deny leave requires that the judge conclude that the defects are not curable. This high bar highlights that denying leave is a very serious consequence for the party whose claim is dismissed and is a step that should not be taken lightly,” the judgment reads.

A recent Court of Appeal decision found that leave to amend should be granted unless many chances to amend had been given already. The Court also describes Bell’s ‘copyright misuse’ allegation, concerning alleged misuse of the notice-and-notice regime, as “a viable defense.”

“The [Federal Court] judge determined that the pleading does not provide sufficient detail to support these allegations, but it is not plain and obvious that these defects cannot be cured,” the judgment notes.

The Federal Court of Appeal allowed Bell’s appeal in part without costs, and set aside the decision that denied leave to appeal. That means Bell has an opportunity to submit an Amended Statement of Defense and Counterclaim, but where that will leave the case is still unclear.

The Federal Court of Appeal judgment in Bell Canada v. Millennium Funding, Inc. is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

When a Virginia jury ordered internet provider Cox to pay $1 billion in damages for failing to take appropriate actions against pirating subscribers, shockwaves rippled through the ISP industry.

The verdict, in favor of major record labels including Sony and Universal, was a catalyst for many other ‘repeat infringer’ lawsuits. This resulted in yet more multi-million dollar claims and awards, with many still in the pipeline today.

Meanwhile, Cox did all it could to fight the verdict. This resulted in some small wins, including a recent ruling that the billion-dollar damages calculation needs a re-evaluation. The liability ruling stands, however.

In a final attempt to find the law on its side, last year Cox petitioned the U.S. Supreme Court. In essence, it argued that an ISP shouldn’t be held liable simply because it knew that its subscribers were downloading and sharing pirated content. Cox also challenged the assertion that mere knowledge of subscriber piracy constitutes ‘willful’ copyright infringement.

The U.S. Solicitor General backed Cox’s request , and in June the Supreme Court allowed the ISP’s case to proceed . At the same time, the Supreme Court denied a cross-petition from the record labels, who sought to strengthen the existing verdict.

Cox Files Supreme Court Brief

Cox submitted its brief to the Supreme Court last Friday, asking it to overturn the lower court’s ruling. The ISP presents two questions that have broad implications for ISPs, millions of their subscribers, rightsholders, and potentially other online services.

The first question relates to contributory infringement. Specifically, whether an ISP can be held liable for “materially contributing” to copyright infringement if it fails to terminate accounts of allegedly pirating subscribers.

In its brief, Cox argues that the Fourth Circuit wrongly concluded that it was liable. The ISP notes that contributory copyright infringement requires proof that the company engaged in ‘affirmative conduct’ that facilitated the misconduct. Failure to terminate accounts of allegedly pirating subscribers is not sufficient proof.

“In short, Cox did not engage in a single affirmative act with the purpose of furthering infringement—and gained nothing from users’ infringing conduct. Cox simply provided communications infrastructure to the public on uniform terms,” Cox writes.

The ISP adds that terminating Internet access is a draconian measure with potentially devastating consequences. This duty shouldn’t be imposed by the court but by Congress.

“Only Congress is empowered to create a duty to terminate internet service that carries such profound implications for members of the public and the nation’s economy,” Cox argues in its brief.

The second question relates to whether Cox’s actions were willful, which is relevant to damages which ultimately led to the $1 billion verdict.

Here, Cox argues that willfulness requires proof that the defendant knew its own conduct (not terminating repeat infringers) was illegal. According to Cox, there is no evidence that this is the case, pointing to an anti-infringement program it developed to counter piracy on its network.

Mass Terminations & Internet Police

The full brief presents a wide array of arguments. According to Cox, it’s clear that the lower court’s ruling should be reversed. If not, millions of Americans risk losing Internet access over unvetted third-party claims.

“If allowed to stand, the Fourth Circuit’s one-two punch will yield mass evictions from the internet. ISPs confronting steep penalties will have no choice but to terminate the connections of homes, barracks, hospitals, and hotels, upon bare accusation,” Cox writes.

According to Cox, the ramifications go further than just copyright infringement. Liability could spread to other types of misconduct, requiring ISPs to take action to avoid being held responsible. That would effectively turn these companies into the internet police.

“Under the Fourth Circuit’s reasoning, once an aggrieved party sends an ISP a notice asserting any manner of customer wrongdoing, the ISP is a willful accomplice for every subsequent customer misdeed,” Cox notes.

“That notion turns internet providers into internet police and jeopardizes internet access for millions of users.”

Cox’s Supreme Court brief is just the opening salvo, and the record labels will undoubtedly present a different interpretation of both the facts and the law. Their brief is due on October 15 and will offer a different perspective on the lower court’s ruling. After that, the Supreme Court will hear oral arguments from both sides.

—

A copy of Cox Communications’ brief to the Supreme Court is available here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

With the new football season underway in Spain and LaLiga’s blocking order still in force under the authority of a judge, overblocking is still a big problem in Spain according to reports.

Last season saw relentless IP address blocking target shared Cloudflare IP addresses again and again. With no obvious urgency to ensure that those blocks were lifted when no longer needed (i.e after LaLiga matches had ended) blocking continued to affect innocent parties for much longer than necessary; that’s if we assume that any avoidable blocking of innocent third parties is ever necessary.

Potentially Some Limited Progress

As reported earlier this week , data reviewed by TorrentFreak suggests that some measures may have been put in place to limit how long IP addresses stay blocked. Instead of persisting for hours, days, or even weeks after being put in place, blocks seem to be lifted much more quickly.

While that should’ve been the case back in February to limit unnecessary collateral damage, any progress should come as a relief, especially if it can be built upon in the coming weeks.

Until then, concerned parties appear to be battling a fundamental reluctance to get involved by anyone with any power or influence. Faced with inaction and a problem for individuals and businesses up and down the country, media coverage can often make a real difference.

Not in this case; beyond a small number of tech-focused news outlets, most mainstream outlets in Spain have avoided mentioning the controversy, much less found reason to discuss it.

ERC Demands Answers

Not so the Republican Left of Catalonia (ERC), a pro-Catalan independence party that aired its concerns in Congress this week. Accusing the government of doing nothing to protect citizens from freedom of information and net neutrality violations, ERC said inaction amounted to a dereliction of the government’s duties.

“A private company cannot act with impunity and indiscriminately in defense of its business. No matter how important that business may be,” spokesperson Gabriel Rufián wrote on X.

“And charging €120 per month, it certainly can be.”

According to a Europa Press report, ERC presented a list of questions to the government for which it demanded answers from the executive branch concerning LaLiga’s blocking campaign. The party reportedly described collateral damage from overblocking as “massive”, with large platforms such as Steam and Elon Musk’s ‘X’ among those negatively affected.

Europa Press invited LaLiga to comment; maintaining its original position from roughly six months ago, LaLiga denied there was a problem.

LaLiga: Reports of Overblocking Are False

“It is false that massive blocking of legitimate websites is taking place,” LaLiga told the publication.

“All blocking measures are part of an authorized and supervised judicial procedure , under very restrictive and guarantee-based criteria, and under protocols that include multiple safeguards and guarantees, thus ensuring compliance with the principle of proportionality.”

LaLiga went on to describe a “precise and surgical procedure” within a system that is “highly specific and designed to address illegal content, while documenting and preserving evidence of the violation of its rights in all cases.’

Still No Peace Agreement

In a clear sign that LaLiga and Cloudflare have been unable to patch up their differences, LaLiga took the opportunity to blame Cloudflare for hosting “both legitimate and illegal websites on the same IP address, thus serving as a digital shield for such criminal conduct.”

The statement is a classic double-edged sword. By shifting responsibility to Cloudflare, it acknowledges the shared IP address issue at the root of the majority of overblocking incidents in Spain. While LaLiga claims to block the pirate services with pinpoint accuracy, which it does, there could be dozens or hundreds of innocent services on the top of exactly the same pin as a single pirate site.

The blocking of innocent third-parties is clearly something that LaLiga would like to avoid. Since it has no means available to partially block an IP address, blocking impacts innocent individual users and small websites, through to large internet-based operations that have no connection to piracy.

Cloudflare IP address 172.67.69.232

There’s no definitive single source of information to accurately and comprehensively identify in advance which sites will be affected by an IP address block; but there are ways to confirm that at least some damage will be caused. At the time of writing, the majority of previously blocked IP addresses have been unblocked by the ISPs in Spain.

For reasons that remain unclear, however, Vodafone is still blocking the Cloudflare IP address 172.67.69.232.

This means that any Cloudflare customers that have been allocated that same IP address can no longer service any visitors who attempt access from a Vodafone connection in Spain. During match times, the same would also apply to other ISPs including Movistar, DIGI, Orange, Masmovil, and Vodafone itself.

The perfect result for LaLiga might be the blocking of a single pirate site. The actual result of blocking a shared IP address is the blocking of a single pirate site, and all other sites operating from the same IP address.

Pinpoint Accuracy Collateral Damage

In the case of Cloudflare IP address 172.67.69.232, the following domains (and most likely many more besides) were all using that address at the time of writing. (domain extensions modified for security reasons)

logos-world.nxt, cordonbleu.edu, thefloridachannel.oxg, filext.cXm, atwix.cXm, royalapps.cXm, netticket.fi, cultsport.cXm, rapid-rebates.cXm, gosweetspot.cXm, sundaymore.cXm, bizmanualz.cXm, atech.cloud, boom.tv, dobenergy.cXm, viseo.sX1, radbag.bEx, fabricsandpapers.cXm, diamondtours.cXm, muzikercdn.cXm, supportyourtech.cXm, mellano.fi, ac-knowledge.nxt, g-city.cXm, brightercraft.cXm, wsipowered.cXm, kleverinnovations.nxt, experimenteaza.ro, omegatv.cXm.cy, b-zone.buz, farma-rhodes.cXm, improveit.llt, finqr.sX1, bluefoxhost.cXm, card-plus.nxt, stampseed.cXm, gomel-sat.ZZ, zanchetta.cXm.br, lotsthailand.cXm, motaquip.cXm, chelfordfarmsupplies.co.bk, sierracases.cXm, southtelecom.vn, adjust-it.nlX, shavaz.cXm, naisuku.jpx, online-escape-room.cXm

A cursory review of these domains leads to one standing out above the others: gomel-sat.ZZ . The domain extension has been altered by us, but the site is linked to IPTV and could’ve been targeted via IP address blocking.

Whether UK-based Chelford Farm Supplies Ltd should’ve been blocked at the same time to prevent piracy is a matter for them. Likewise UK-based car parts distributor Motaquip and the others that we didn’t check individually.

LaLiga told Europa Press that it knew of “multiple complaints on social media about alleged blocks on nonexistent websites, with no real traffic or only a few dozen users per month. These types of complaints have no real impact on users and only seek to create a narrative of social alarm to discredit the fight against piracy.”

Narratives like these are undoubtedly a negative in the fight against piracy. Fortunately, they are easily managed through the elimination of the events providing the fuel.

From: TF , for the latest news on copyright battles, piracy and more.

In recent years, rightsholders of major sports events have repeatedly complained that piracy of live sports has gone through the roof.

Many have called on politicians to tighten legislation and urged law enforcement to take the problem much more seriously.

The issues are no different in Norway, where streaming service Viaplay is facing a surge in piracy. According to a recent survey by Mediavision , 1.25 million Norwegians, or 30% of the population aged 15-74, use illegal streaming services every month.

IPTV piracy is particularly problematic. Research shows that 14% of all Norwegian households subscribe to an unauthorized IPTV service. That’s an increase of 40% compared to a year earlier.

These pirate platforms offer movies, regular TV programming, and access to live sports, including the popular English Premier League.

At What Cost?

These new statistics were the reason local news outlet Nettavisen ran a series of articles on IPTV piracy, which resulted in a mixed bag of commentary.

Rights holders, including Viaplay, see these rising piracy numbers as an existential threat that should be tackled sooner rather than later. Several politicians agree that this ‘illegal activity’ should not be condoned.

“We have an ongoing dialogue with the authorities about the challenges with illegal IPTV, and we notice that they see the seriousness of the problem and want to do something about it,” Viaplay’s Birgitte Malling said .

Jon Espen Nergård, chairman of the board of Nordic Content Protection, previously said that illegal market turnover was approaching one billion Norwegian kroner, with money going “into the pockets of criminals” instead of benefiting the Norwegian creative industries. He’s calling for tougher measures, stressing that “illegal use must have consequences.”

The notion that piracy is wrong was also reiterated by conservative politician Tage Pettersen, who, as a member of parliament, shows no sympathy for, or understanding of, people who turn to piracy. “It’s illegal,” he says .

Who is Paying The Price?

The legality of piracy is not really up for debate in the current discussions in Norway. However, many people, including politicians, academics, and experts, point out that the public revolt is likely a response to high costs.

A premium tier subscription to Viaplay with access to live sports currently costs 749 NOK (~$73) per month. That’s a steep increase compared to a few years ago, and one of the highest price points in Europe.

For comparison, a similar Viaplay subscription in the Netherlands costs less than a third of that, 235 NOK (~$23).

While many hardcore sports fans are willing to pay this price, there’s an increasing number of people who can’t or simply don’t want to pay so much. Instead, they opt for pirate IPTV services which also charge subscription fees, but at a fraction of the prices demanded by legitimate services.

‘Football Digs Its Own Grave’

Mimir Kristjansson, who’s currently a member of parliament for the Red Party, recognizes that piracy is against the law. However, he doesn’t feel particularly upset when people who choose that option.

Instead, he points a finger at the high subscription prices, which are a direct result of licensing fees charged by sports leagues, including the Premier League.

“Football digs its own grave when it costs so much money that ordinary people cannot have a Premier League season subscription, unless they are completely football crazy,” Kristjansson said .

Agnes Nærland Viljugrein of the Labor Party is not as outspoken but also mentions pricing as a key factor in this debate.

“As a politician, I would never encourage people to break the law, but I think it’s worth facing the realities. These are the steps people take, and it’s not unlikely to think that it’s about price,” Viljugrein said.

Illegal? So What?

While the authorities and rightsholders have repeatedly stressed that piracy is against the law, and may even be considered a criminal offense under some circumstances, Norwegians don’t seem to be fazed.

Harry Arne Solberg, professor at the Norwegian University of Science and Technology, says that this is in part because the risk of getting caught is low. In addition, he too sees price as a key factor.

“What we see time and again is that people are provoked by the prices. You don’t need to be a researcher to understand that, given the prices,” Solberg told Nettavisen.

“They probably know by definition that it’s illegal, but to put it in Northern Norwegian terms, they don’t give a damn,” he added.

The professor says that instead of hiding their illegal activity, Norwegians tell their friends about pirate IPTV services, helping them to save money too. That’s the polar opposite of what all anti-piracy efforts have tried to achieve.

All in all, it is clear that many Norwegians see IPTV piracy as a viable option to enjoy sports without paying too much, knowing very well that they are breaking the law. Turning this ship will require draconian enforcement actions or, alternatively, more affordable legal options.

From: TF , for the latest news on copyright battles, piracy and more.

Three years ago, pirated Blu-ray copies of ‘Spider-Man: No Way Home’ began circulating on pirate sites, weeks before the film’s official release.

Shortly before, pre-release discs were offered in an eBay listing, suggesting that someone had managed to get their hands on several pre-release copies of the film. The exact source and circumstances were unknown.

Earlier this year, the mystery was partly solved when the U.S. Department of Justice indicted the alleged wrongdoer. Following an in-depth investigation by the FBI, the authorities indicted 37-year-old Steven Hale , accusing him of stealing several Blu-rays and DVDs from his former employer; a disc manufacturing and distribution company in Memphis.

In May, Hale pleaded guilty to stealing and distributing numerous DVD and Blu-ray discs for commercial advantage and private financial gain. Among them, the pre-released ‘Spider-Man: No Way Home’ and other titles such as ‘Venom: Let There Be Carnage,’ ‘Encanto,’ and ‘The Matrix Resurrections.’

Firearm Charge

In addition to the copyright infringement charge, Hale was also indicted for a firearm offense. When raiding his premises, law enforcement found a gun in a car that was registered in his name, which, for a felon, is a separate criminal offense.

The defense argued that the gun, which was loaded, didn’t belong to Hale but to his father. In addition, Hale’s attorney also stressed that it “was simply there by coincidence,” not to facilitate the copyright infringement.

The government agrees that there’s no apparent connection between the firearm and the theft of the DVDs and Blu-rays. However, the ‘coincidental’ discovery doesn’t necessarily mean a lower prison sentence.

Government Recommends a 57-Month Prison Sentence

This week, the U.S. Department of Justice (DoJ) shared its position on the upcoming sentencing with the court. The filing notes that this isn’t the first time that the defendant has had a run-in with the law.

“The defendant has an extensive criminal record involving armed robbery, attempted robbery, theft of property, and driving with a suspended license, as well as pending gun and drug charges,” the DoJ writes.

The filing also reveals Hale’s theft of the films was deliberate and methodical, stating he would hide boxes of DVDs near a “malfunctioning emergency door,” cut the security tape, and then move them to his vehicle after hours to avoid detection.

Interestingly, the government agrees with the defense that the gun was not specifically linked to the copyright infringement. In fact, the DoJ views these as separate offenses.

“In this case, there is no indication that the defendant possessed or used a firearm to steal DVDs from his employer or commit copyright infringement,” the recommendation reads.

This is not necessarily good news for the defendant, as the DoJ further argues that both crimes should not be grouped at all, contrary to a suggestion in the pre-sentence report. Instead, the DoJ requests separate sentences for both crimes, to be served concurrently.

In this case, the government recommends a 57-month prison sentence for the firearm charge, which is at the low end of their 57- to 71-month calculation. This is higher than the 21-month prison sentence it recommends for the copyright infringement.

If the court agrees, the defendant will have to serve the longest sentence, which is related to the firearms charge.

Defense Hopes for Leniency

Earlier this month, the defense called for a lower sentence, also arguing that the gun had nothing to do with the stolen movies.

The defense’s strategy focused on lowering the sentence in other ways, concluding that 37 to 46 months would be a more suitable sentencing range.

This lower sentence would be appropriate considering that the gun was not Hale’s and “there by coincidence.” In addition, the defense argued that his previous attempted robbery conviction should not count as a “crime of violence”.

Hale’s attorney asked the court for leniency, painting a picture of a man who made a “very poor choice” after struggling against difficult circumstances his entire life. Despite growing up impoverished, he managed to get a Bachelor of Science degree in Business Management.

MPA Requests to be Heard

With both sides heard, the Tennessee federal court is expected to announce Hale’s sentence in the coming weeks. Interestingly, the MPA has asked to chime in before that happens.

The movie industry group, which represents the victims in this case, indicated that it would like to address the court at sentencing. In a declaration shared in this case, the MPA mentions that the movie studios were severely harmed by Hale’s actions.

The financial harm likely adds up to “many tens of millions of dollars,” MPA’s Larissa Knapp argued, noting that leaked copies of the Spider-Man movie were shared millions of times before the official premiere.

While the MPA focuses on the massive financial damages from the copyright crime, the judge’s final decision may ultimately hinge on a ‘coincidental’ firearm charge that both sides agree was entirely separate.

—

A copy of the DoJ’s position on the (sealed) Pre-Sentence Report is available here (pdf) and the defense’s position can be found here (pdf)

From: TF , for the latest news on copyright battles, piracy and more.

Sky’s investigation into the activities of David Dunbar reportedly began in Ireland during November 2024. Investigators had become aware of a social media account selling so-called ‘dodgy boxes’ and with assistance from an anonymous tip provided by the Federation Against Copyright Theft, Sky was able to connect the dots.

Papers filed at the High Court describe Dunbar as operating under the brand ‘IPTV is Easy.’ As a reseller, Dunbar “sells IPTV subscriptions to his customers, and to sub-sellers who sell subscriptions on his behalf, for a cut of the profit,” a Sky investigator explained.

Sky Obtains Orders to Secure Evidence and Restrain Assets

After obtaining relatively rare yet powerful orders from the Court on May 16, Sky aimed to take Dunbar by surprise, search his home, and shut his operation down. When Sky’s legal representatives arrived unannounced at Dunbar’s home on May 21, Dunbar was advised that he could go to prison if he failed to comply.

Despite the warning, Dunbar refused to allow Sky’s legal representatives inside unless a police officer was present. Since this was a civil matter, police wouldn’t be involved unless things got out of hand, so that was that.

Failure to Comply With High Court Orders

No access meant no search could be carried out , evidence couldn’t be secured, and access to Dunbar’s email accounts was effectively denied. Cloud storage instances couldn’t be secured to prevent deletion either, along with other measures detailed in the order, all of which went unsatisfied.

When Sky’s legal representatives returned later in the day, Dunbar’s position hadn’t changed, but he did understand “the consequences of his ongoing refusal.” With nothing further to be gained, Dunbar was again reminded of his “very clear obligations” not to “destroy, tamper, or interfere with any assets or evidence.”

Sky’s monitoring of a Telegram channel used for ‘IPTV is Easy’ customer support found it had 543 members. By the afternoon of May 21, the channel had disappeared and the ‘IPTV is Easy’ app was no longer operational. Sky concluded that Dunbar was likely taking steps to “hide or destroy evidence of his IPTV service.”

Defendant Admits Non-Compliance

When Dunbar later appeared in Court, he accepted that he’d failed to comply with the High Court’s orders, acknowledged that was a serious matter, and said that he was “extremely anxious to purge my failure to comply.” His suggestion that only after receiving legal advice from his own solicitor did he realize the gravity of the situation, was “inconsistent” with statements made by those who attempted to execute the orders, the Court noted.

Information concerning the IPTV is Easy business, including whose streams it sold, appear to have been addressed in part. Whether any responses provided any useful intelligence seems unlikely. As presented below, that type of information would’ve likely been collected already as part of the investigation.

According to Dunbar, after he sought advice from MBM on Discord concerning the unwelcome visit from Sky, he was “immediately blocked, removed from all groups mentioned and both my and my customer’s [sic] access to the panel and the service was immediately cut off.”

High Court Judgment

In his judgment dated August 20th, Justice Mark Sanfey provides a detailed overview of the investigation, how the business operated and, of course, his asssessment of whether Dunbar was guilty of contempt for failing to comply with the orders issued in May.

While a guilty decision was never really in doubt, the Judge was very thorough and gave Dunbar credit when he felt that was warranted, although never likely to tip the scales to the extent needed.

Nevertheless, on a different day things could’ve been a lot worse. Justice Sanfey said that sending Dunbar to prison would “confer no tangible benefit on the State, which will be put to the expense of funding the defendant’s stay in prison.”

Overall, Defendant Will Be Sufficiently Punished

In arriving at his decision to impose a fine instead, the Judge balanced various factors. These included the possibility of Dunbar losing his job, and the specter of Ireland’s tax inspectors taking an interest to discover the whereabouts of their share of any undisclosed funds.

The fact that Dunbar failed to defend the civil case against Sky, and as a result now owes the company at least €500K in damages and legal fees, led the Judge to conclude that, on balance, Dunbar had been punished enough.

“[W]hile the defendant must be regarded as the sole author of the misfortune which has come his way due to these proceedings, the court is not insensible to what must be an enormous level of upheaval, upset and stress caused to the defendant and in particular to his family by virtue of the exposure of his activities by the plaintiff,” Justice Sanfey notes.

“Taking all of the circumstances of the matter into account, I consider that the imposition of a fine on the defendant is sufficient punishment, and I will impose a fine of €30,000 on the defendant, to be discharged by 31 October 2025.

“The defendant has come very close indeed to being sent to prison; future contemnors in similar circumstances should consider that they may not be so fortunate, as every case depends on its own facts,” the Judge concludes.

From: TF , for the latest news on copyright battles, piracy and more.