With the FIFA World Cup being partially hosted by the United States, the chance of a U.S.-led pirate domain seizure round was significant.

In 2022, the U.S. government already carried out a similar World Cup-themed enforcement action , which was repeated yesterday at roughly five times the scale.

The Department of Justice announced that it had seized nearly 400 domains that were used to illegally stream the 2026 FIFA World Cup. The action, branded “Operation Offsides 2026”, was led by the National Intellectual Property Rights Coordination Center with HSI Washington and the Computer Crime and Intellectual Property Section.

“We have seized hundreds of domains, used to illegally stream World Cup matches for profit, to disrupt the international networks that profit from the global popularity of the World Cup,” said Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division.

Seizures with Broad Support

This is far from an isolated action. The DOJ credits FIFA as the lead rightsholder, with supporting information from beIN Media Group, NBCUniversal, the MPA’s Alliance for Creativity and Entertainment, the Ultimate Fighting Championship, and Warner Bros.

The seizure banner, shown below, also reveals support from a variety of foreign organizations and authorities, including Europol, City of London Police, Ecuador’s SENADI, Argentina’s Ministerio Público Fiscal, the NCFTA, as well as anti-piracy outfit FriendMTS.

In addition to the domain seizures, international coordination through the ICHIP network also targeted pirate streaming services in various other countries.

“Servers and domains linked to illegal streaming of World Cup games were targeted in Peru and Bulgaria, two known centers of online piracy activity. Additional ICHIP-supported disruptions took place in Croatia, Romania, Poland and Colombia,” the press release states.

Tracing the Seized Domains

The DOJ released no list of seized domain names. However, DNS data shows that dozens of new domain names have added seizedservers.com nameservers in the past 24 hours. These nameservers are used in the U.S. government’s seizure actions for well over a decade.

The domains we traced include kooora365.com, kora-shoot.com, bein-match-worldcup.com, beinmatchtv.com, rojadirectastv.org, pelotalibrehd.org, futbollibreusa.com, viper-play.org, and redditsoccerstreams.name. A non-verified and non-exhaustive list of domains can be found below.

These domains all use popular brands, either from beIN as a broadcaster, or popular pirate brands such as rojadirecta and futbollibre. That doesn’t necessarily mean that these domain names were popular, as most appear to be copycats.

For example, the seizure action targeted futbollibreonline.com, which had just over 166,000 visits last month, while futbol-libre.su remains online with more than 73 million monthly visits. A likely explanation is that domains operated by foreign registries, such as the Russian-operated .su, typically don’t fall under U.S. jurisdiction.

The seized domain names we identified all use .com, .name, and .org domains, which are maintained by the American organizations Verisign and the Public Interest Registry . The affidavit from the first Operation Offsides targeted both registries and registrars.

A Fitness Blog and a CBD Site

At first glance, the list of seized domains includes several unusual targets. fitforcedaily.com, for example , was a site that presented itself as a fitness blog with articles on insulin sensitivity, strength training, and pregnancy workouts. But there was more going on under the hood, as the domain’s main referral traffic came from a Rojadirecta site.

Several other entries in the slice appear to be expired and reused domains. Freedomgloryproject.com was originally an Iranian-American music activism site, last updated in 2015. Gonutradeal.com hosted CBD wellness content as recently as 2023. Interoutemediaservices.com matches the brand of a European telecom, Interoute, acquired by GTT Communications in 2018 and retired shortly after.

This is not as unusual as it seems, as pirate site clone operators often buy lapsed domains to leverage their existing search-engine credibility.

Since the news broke hours ago, it is possible that the seizure actions are ongoing, so more domains, including different gTLDs, may be added as well. We will update this article if new information becomes available.

—

The DOJ press release for Operation Offsides 2026 is available here . The seizure warrant and affidavit, filed in the Eastern District of Virginia, were not immediately available to us on PACER.

A list of several domain names that added seizedservers nameservers in the past 48 hours is available below. These are traced by TorrentFreak, not confirmed by the authorities.

viper-play.org
surfg.org
rojadirectastv.org
pelotalibrestv.org
pelotalibrehd.org
pelota-libretv.org
kora-yalla.org
kevinsport.org
futbollibrehd.org
futbol-libres.org
kora999live.com
kora999.com
kora999-live.com
kora48.com
kora360-tv.com
kora360-lives.com
kora360-live.com
kora1lives.com
kora-show.com
kora-shoot.com
kora-onlineone.com
kora-online24.com
kora-live4k.com
kora-gol.com
kora-city.com
kora-999.com
koorati.com
koorallive24.com
kooraliveworldcup.com
kooralive69.com
kooralite.com
kooragol-live.com
kooragoal24.com
kooraa4live.com
koora4livehd.com
koora48.com
koora1live.com
koora-tv.com
koora-live-live.com
koooraa4live.com
kooora4livetv.com
kooora365.com
kooora-sport.com
kooora-sia.com
kooora-mobashir.com
kevinsport.com
interoutemediaservices.com
hdlive7.com
hd7-new.com
hayasport.com
gosporttv.com
gonutradeal.com
golygoal.com
gollibre.com
golkoora.com
goheali.com
goalkora.com
go4koraa.com
go4kora.com
fuutbollibre.com
futbollibreusa.com
futbollibreonline.com
futbollibre-tv.com
futbollibre-hd.com
fullmatch-hd.com
freekora.com
freedomgloryproject.com
fotytv.com
flixmv.com
fitforcedaily.com
ekoralive.com
egynoww.com
deportelibretv.com
deportelibree.com
defendersportstreams.com
crichdbest.com
childluresprevention.com
cagesharkdive.com
bolasrolando.com
beinmatsh.com
beinmatchtv.com
beinmatch26.com
bein4kora.com
bein-mattch.com
bein-match.com
bein-match-worldcup.com
bein-live.com
beiin-match.com
alwansport.com
alkooralive.com
akora-live.com
ahsa-news.com
808ball13.com
360koratv.com
360kora.com
360koora-live.com
360kkora.com
1kora.com
11kora.com
redditsoccerstreams.name

From: TF , for the latest news on copyright battles, piracy and more.

Earlier this month, BREIN published its latest annual report, providing insights into its priorities and achievements.

Among other things, the Dutch anti-piracy group reports that it shut down 50 IPTV/VOD subscription vendors, 42 streaming sites, while also stopping 673 pirate site proxies and mirrors.

BREIN also keeps the Dutch pirate site blocklist up to date. By the end of 2025 it covered 303 unique domains, 13 platforms, and 8 IP addresses. These are part of the dynamic blocking efforts, backed by a voluntary agreement with ISPs, as well as court orders.

BREIN Shares Blocklist Data With DNS4EU

By now, most Dutch site blocking efforts are standard practice, but BREIN also shared a new and intriguing detail in its full report, which involves the European DNS resolver DNS4EU .

As it turns out, BREIN is actively and automatically sharing the Dutch blocklist data with DNS4EU.

BREIN was under the impression that the blocklist data would be used to block pirate sites. Understandably, that is something the group wholeheartedly supports.

“BREIN sees several advantages, particularly the ability to block illegal sites more effectively. BREIN therefore shares the details of websites blocked in the Netherlands and sends DNS4EU up-to-date lists of blocked websites,” BREIN’s annual report reads.

Speaking with TorrentFreak, BREIN’s director Bastiaan van Ramshorst explains that they offer secure access to the same blocklist server that ISPs use. In addition, DNS4EU reportedly said that it would be interested in getting similar data from other countries as well.

Funded by the EU, Blocking in Mind

BREIN’s report and comment don’t explain why the DNS provider might be interested in blocklists, but the DNS provider’s origins provide useful context.

DNS4EU is a public DNS resolver, co-funded by the European Commission and currently operated by a consortium led by Czech cybersecurity company Whalebone . The service launched last year as a sovereign European alternative to non-EU resolvers such as Google Public DNS and Cloudflare.

When the European Commission published its call for proposals in 2022, the tender specified that the resolver should be able to filter illegal material on legal grounds. As we reported at the time , the documentation listed the following requirement.

“Filtering of URLs leading to illegal content based on legal requirements applicable in the EU or in national jurisdictions (e.g. based on court orders), in full compliance with EU rules.”

This type of blocking can also expand to copyrighted content. This is already taking place in response to court orders, such as in France , but the agreement between BREIN and DNS4EU suggests that voluntary blocking could be an option too.

Whalebone now runs DNS4EU without EU funding, but it appears that the interest in blocking remained.

No Voluntary Pirate Site Blocks

The logical assumption that DNS4EU would use the blocklist data to block sites can’t be backed up by data. TorrentFreak’s tests show that blocked domains, including The Pirate Bay, are readily accessible, also from The Netherlands.

To find out more about DNS4EU’s plans with this case, we reached out to the operating company Whalebone, which declined to confirm any blocking and pointed to the DNS4EU resolver policy instead.

Under that policy , DNS4EU commits “not to block DNS resolution except for when required by law, enforceable decision of the competent court or other government authority or elected by the User.”

The Dutch blocklist is based on civil court orders against the ISPs, not against DNS4EU. This means that DNS4EU is not legally required to take action.

DNS4EU’s own numbers confirm that it is not taking any voluntary action, at least where copyright is concerned. Its first transparency report, covering June through December 2025, logs roughly 63 million voluntary “own-initiative” blocks. These are almost all linked to phishing and scam domains.

The number of blocked domains in the copyright infringement category is zero, as is the total for the broader intellectual property category.

No Reason to Block

This chain of events raises an obvious question. Why would DNS4EU reach out to BREIN to request access to the blocklist, and ask for more, only to leave it untouched?

When we first pressed Whalebone, a spokesperson explained that, while the company leads the DNS4EU consortium , other members are involved and there was no agreement yet on how to move forward.

“I need to check with them what was the agreement,” the Whalebone spokesperson informed us two weeks ago. “These discussions are currently ongoing.”

Shortly before publication, after consulting the consortium, Whalebone followed up with a fuller statement, which it says was also sent to BREIN. This time the answer was clear: the data will not be used.

“DNS4EU team contacted BREIN regarding this matter, however, we later discovered that BREIN is not the governmental regulatory body. Therefore, there is no reason to proceed with implementing their blocking list. The data has not been used in any way,” the statement reads.

This neatly explains why BREIN’s blocklist is not put to use by the DNS provider. However, it also raises additional questions. Does DNS4EU currently block sites based on blocklists from governmental regulators, and if so, are any of these blocklists currently in place?

From: TF , for the latest news on copyright battles, piracy and more.

PirloTV and Rojadirecta are popular piracy brands with a loyal audience across Latin America, offering free, ad-supported sports streams

For millions of sports fans in the region, these are the go-to sites to enjoy live sports, including the FIFA World Cup and the UEFA Champions League matches.

Rightsholders have been well-aware of the operations and have tried to counter them on several occasions. Earlier this year, for example, UEFA obtained a site blocking order in India that ordered ISPs to block pirlotv2.pl, rojadirectaenvivo.pl, and many others.

This order also required domain registrars disable the domain names. While some complied with this order, several domains remained available. However, following a recent enforcement operation, some of these gaps were addressed.

44 ‘PirloTV’ Domains Targeted

Some domain names that initially stayed online have now been targeted in a new enforcement action. This includes pirlotv3.pl, rojadirectaenvivo.pl, and elitegoltv.pl. These are now under control of the MPA, pointing to the following ACE banner.

Yesterday, the Alliance for Creativity and Entertainment , together with UEFA and the Mexican Institute of Industrial Property (IMPI), took credit for a major ‘disruption’ action targeting the Mexican ‘PirloTV’ piracy ring.

According to the announcement, the 44 targeted domains attracted more than 950 million visits per year, including approximately 230 million from Mexico alone. The network’s strongest audiences were in Mexico and Colombia, with significant traffic also coming from Spain and the United States.

The press release mentions no domain names, but it does reference PirloTV, which likely means that the aforementioned domain names were part of this sweep.

Mexico’s First ACE Operation

The action is the first enforcement operation carried out under a memorandum of understanding between ACE and Mexico’s IMPI , which was signed in December 2025.

Under the agreement, IMPI and ACE committed to exchange intelligence on pirate streaming operations and coordinate enforcement actions across the region. The PirloTV operation is its first public output.

“This operation demonstrates the power of collaboration between ACE, UEFA, key industry stakeholders and government partners to protect the creative economy and combat large-scale digital piracy,” said Larissa Knapp, MPA’s Executive Vice President and Chief Content Protection Officer.

UEFA joined ACE as a member in October 2025, and the two organizations have since worked closely on enforcement, including the Indian domain blocking operation we referenced earlier.

New Domains Surfaced Quickly

This action already took place last month, before the UEFA Champions League final. The press release doesn’t explain why it was made public weeks after, but it is possible that some domain names still had to be properly secured.

It’s also worth noting that ACE’s press release doesn’t mention any enforcement actions against the operators. Instead, it refers to the action as a domain name “disruption”. However, disruption rarely means the end on the story.

This type of wordage suggests that the operators have not necessarily been stopped. That could also explain why several new PirloTV and RojaDirecta domain names emerged recently.

For example, in May a new pirlotvplay.pl surfaced, which later started to redirect to pirlotvplay.dev, which is live and fully operational at the time of writing.

The site carries standard PirloTV branding and is serving today’s sports schedule, including World Cup matches. Interestingly, the canonical URL points to rojadirectahd.vip, which points to a broader piracy network structure.

Whether these new domains are directly linked to the operation ACE targeted is unknown. In any case, there are dozens of copycat sites operating under the PirloTV and RojaDirecta brand names. Most of these are opportunistic clones, trying to capture search traffic, rather than the same operation.

While the recent enforcement action has not taken the operators out of action, it likely cost them significant traffic and revenue. Whether ACE and IMPI will pursue the people behind the network, besides these domains, remains to be seen.

From: TF , for the latest news on copyright battles, piracy and more.

For many pirate sites and apps, ad revenue is the only viable lifeline. This is why the advertising industry is an important ally in the fight against piracy.

Over the years, several ad-focused anti-piracy initiatives and partnerships have tried to prevent branded ads from appearing on these sites.

To track what kinds of ads appear on pirate websites and apps across Europe, the EU Intellectual Property Office ( EUIPO ) commissioned UK-based research firm White Bullet. The resulting report is one of the most detailed pictures available of how online piracy is funded.

The latest report on the state of the pirate advertising landscape was published this week. It covers 5,671 websites and 337 mobile apps monitored across 18 EU member states from January to November 2025, with the UK and US included as control countries.

White Bullet compiled a similar advertising report for EUIPO in 2021 and 2024, which makes it possible to measure progress over half a decade.

Major Brand Ads Surge on Pirate Sites

In 2024, major brands accounted for 20% of all estimated ad impressions on the monitored pirate websites. In 2025, that figure reached 36%, which is an 80% market share increase in a single year.

The EUIPO report defines major brands as those appearing on recognized industry lists such as the AdAge Global Marketers Index, and the Forbes Global 2000. These are not obscure companies, but include some of the most recognizable companies in the world. None are mentioned by name.

The increase in major brand market share on pirate sites is not an isolated incident. On the contrary, major brands represented just 3% of pirate site ad impressions in the 2021 report, which means that the cumulative increase over the past five years is over 1,000%.

The report also provides a possible reason for the increase, linking it to the termination of industry policing efforts. These may be connected to the EU’s MoU on online advertising and IPR, which has published no updates since early 2023.

“The massive growth in Major Brand advertising on IPR-infringing websites may be correlated with the 2023 termination of several coordinated outreach programmes focused on educating brands that had been placing advertising on IPR-infringing websites,” the report states.

The report does not mention any programs by name, nor is there hard evidence that their termination is driving the increase. It does, however, highlight some other intriguing trends.

Most Ads on the Worst Sites

The pirate sites tracked in the report were classified as either“high-risk” or “illegal”. Sites in the latter category are deemed copyright infringing by judicial or administrative authorities, typically as part of site blocking schemes.

These “illegal” sites featured by far the most major brand ads, growing to 59% of all ads on these sites in the fourth quarter of 2025. This means that on known pirate sites, major brand advertising is now the single largest category of ad content.

This problem is further illustrated by the performance of existing advertising blocklists, including those offered by the UK’s City of London Police Intellectual Property Crime Unit (PIPCU) and the WIPO ALERT platform .

These lists should help to prevent ads from appearing on pirate sites. However, the 2025 data suggests they fail to reach this goal.

Of the 404 pirate sites on PIPCU’s IWL blocklist , major brand advertising from UK advertisers reached 73.8% of estimated ad impressions, which is well above the pirate site average.

This doesn’t necessarily mean that the blocklist itself is inadequate. Instead, the report finds that two brands with “global operations from China” together accounted for 96% of estimated major brand ad impressions on these sites. Logically, these Chinese brands do not use PIPCU’s blocklist.

Relatively Speaking

The report’s headline figures deserve some context, as we also noted when covering last year’s edition.

The 80% year-on-year increase in major brand ads is a relative share figure, not an absolute count. The total pool of monitored websites shrank from 7,250 in 2024 to 5,671 in 2025, and overall estimated ad impressions in the monitored countries dropped from 14.4 billion to 12.7 billion over the same period.

Last year, the data left room for an alternative explanation, suggesting that the surge in major brand ads was partly driven by a collapse in low-quality non-brand advertising, with the overall number of ad impressions dropping rapidly.

However, this doesn’t hold up in 2025, as the major brand share surged again, while the total advertising pool is shrinking far more slowly.

Big Business?

All of this raises the obvious question: how much money are pirate sites actually making from advertising?

The report estimates that worldwide ad revenue for the 5,671 monitored pirate websites reached 382 million euro ($433 million) in 2025. The 18 monitored EU countries accounted for 28.5 million euro.

The average pirate website generated 22,261 euro in estimated annual ad revenue, while the average pirate app brought in 44,447 euro.

Those figures are estimates based on extrapolated data, and the report points out that the actual numbers may be different. Also, there will be some large sites making well over a million annually, while most smaller ones make a few euros per day, if at all.

While piracy apps bring in more revenue than sites, on average, the earnings per impression are slightly lower for apps. Similar to sites, apps also saw an increase in major brand advertisements, from a 7% share in 2024 to 16% in 2025.

An overview of these and many other pirate advertising trends is available in the full EUIPO report, which is available below.

—

The full report , titled ‘Online Advertising on IPR-Infringing Websites and Apps 2025’ was originally posted on the EUIPO website .

From: TF , for the latest news on copyright battles, piracy and more.

Tracking BitTorrent pirates isn’t all that hard since IP addresses are broadcasted publicly to anyone who’s interested.

With help from Internet providers, these addresses can then be linked to an account holder.

ISPs don’t hand over this data voluntarily; they typically require a subpoena or court order to take action. In the United States, these subpoenas are typically obtained by filing a copyright complaint in federal court against a “John Doe” who’s known only by an IP address.

Limited Retention

Internet providers typically store IP-address assignment details for a limited period that varies per company . For Comcast, this data retention period is 180-days.

The data retention policy has consequences for BitTorrent lawsuits. It means that rightsholders have to go to court within this window, if they want to unmask an alleged BitTorrent pirate.

This deadline is common knowledge and by now most rightsholders simply accept it for what it is. However, several recent movie piracy cases handled by attorney Kerry Culpepper show that there is another way to identify suspects, potentially for years after the infringing activity.

Borrowing Strike 3’s Records

The cases, filed on behalf of Capstone Studios, among others, targeted allegedly infringing IP-addresses that passed the 180-day deadline. However, since these same IP-addresses were previously targeted in lawsuits filed by adult producer Strike 3 Holdings, the film company saw an opening.

Instead of asking Comcast to dig up records that no longer exist, the movie companies asked the ISP to produce the subscriber information it had reportedly provided to Strike 3 for the same address.

Strike 3 is the most prolific rightsholder when it comes to filing BitTorrent piracy lawsuits, with thousands of new IP-addresses being targets every year.

These cases eventually landed on the desk of Magistrate Judge Cyrus Chung, who was skeptical about the tactic. In April, he denied the request, finding no reason to believe Comcast still held the requested information in its records.

“In short, the plaintiff provides no information that the third party has retained the information produced in the 2024 lawsuit, and the information it has provided affirmatively indicates that the third party does not retain such information,” Chung wrote in April.

Comcast Has the Requested Information

The movie companies didn’t give up easily and returned to court early June, with the missing piece. According to Culpepper’s declaration, Comcast had indicated that the records fell within its retention period for litigation documents.

Comcast’s retention limit for legal documents is longer than the 180 days for IP assignment logs, and the ISP purportedly said that it would produce the records if ordered. The movie company, meanwhile, agreed to pay the associated fees.

This new information was sufficient for Magistrate Judge Chung to grant the subpoena. In his order, he cites a 2009 federal appeals decision, Gotham Holdings v. Health Grades , that allows a party to subpoena documents that were produced in a separate lawsuit.

“Here, the plaintiff has shown that the third-party ISP possesses information relevant to its claim and that the limited discovery sought will not impose an undue burden or significant expense,” Judge Chung concluded, while granting the request.

This novel discovery technique is new for BitTorrent lawsuits. It means that, if a person is accused on one lawsuit, the chances that they are targeted in future cases increases, even outside the regular retention limit.

Are They the Same Person?

Taken together, the same IP address, the same client, a matching peer-ID fragment, do carry some circumstantial weight. The question is how much.

The ‘piggyback’ subpoenas were granted in at least four lawsuits, listed below, but there could be more. Whether this strategy will be used more regularly in the future has yet to be seen, but it raises a few questions.

The legal paperwork suggests that the defendants used the same IP-addresses, around the same time, as well as the same peer-ID. Therefore, plaintiffs conclude that they “are same person.”

However, it should be noted that in some cases, weeks have passed between the movie piracy and Strike 3 infringement, so in theory the IP-address could be assigned to a new person. The peer-ID argument tries to undercut that defense, but that also raises questions.

The legal paperwork references a peer-ID prefix, for example 2D5554333535572DC4B, which does indeed appear unique. However, most of this prefix (2D5554333535572D) identifies the torrent client ID in HEX, in this case it’s a version of uTorrent 3.5.5.

That would mean that only the three remaining characters of the prefix are unique. What complicates the matter further is that uTorrent typically generates a fresh peer ID per session , and a restart starts a new session, so the random portion of the ID changes.

Tit-for-Tat

All of this isn’t to say that the defendants aren’t the same people. The same IP address pointing to the same household, on the same client, is certainly possible and in many cases likely. However, proving it with certainty is another matter.

It’s also unknown whether any of these subscribers admitted wrongdoing in the related Strike 3 cases. Those suits are typically dismissed without context.

Whether Comcast will actually hand over the information has yet to be seen, but the plaintiffs arguments suggested that it has no objections before the subpoena was issued. If any subscribers are indeed targeted, they may also choose to push back.

For Capstone, the orders are welcome after the movie company lost a subscriber identification battle at the appeals court last year. There, the Ninth Circuit ruled that copyright holders can’t use a “DMCA subpoena shortcut” to identify internet subscribers suspected of copyright infringement.

As a result, rightsholders have to file slower more expensive federal lawsuits, including the ones at stake here. But with the new “piggyback” rulings, they are no longer tied to the 180-day retention windows.

—

Below are the four cases referenced in this article. The screenshots and quotes come from the first case, but the same language is often duplicated across cases.

– Capstone Studios Corp. v. Does 1-7, No. 1:25-cv-03564 — Silent Night. ( complaint , IP-addresses , motion for leave , and the granted motion )

– Capstone Studios Corp. v. Does 1-6, No. 1:25-cv-03561 — Breathe.

– Capstone Studios Corp. v. John Doe (73.95.253.148) – Silent Night

– Boy Kills World Rights, LLC v. John Doe (76.130.128.15) – Boy Kills World

From: TF , for the latest news on copyright battles, piracy and more.

The FIFA World Cup generates billions of dollars in broadcast rights revenue, making it one of the most valuable sporting events on the planet.

With the tournament in full swing, rightsholders are doing all they can to crack down on pirate sites and services.

Most of this enforcement takes place behind the scenes, through site blocking efforts and takedown notices, for example. This activity is typically picked up by broadcasters, but over the past day we also noticed a series of takedown actions appearing to come from FIFA directly.

FIFA Takedown Notices

While browsing through the Lumen Database , the transparency tool maintained by Harvard that archives copyright complaints, we spotted dozens of recent DMCA takedown notices that were sent to Google, listing “FIFA World Cup” as the sender.

FIFA has engaged in anti-piracy activities in the past, so the action doesn’t come as a surprise. However, the boilerplate language used in the notices stands out for various reasons.

For example, the targeted sites are accused of using “unauthorized brand configurations, proprietary digital layout assets, and trademarked media frames” to impersonate FIFA’s official platforms in Google Search results.

This appears to be a rather convoluted way to note that the pirate sites are using FIFA’s intellectual property without permission. Also, terms such as “brand configurations,” “trademarked media frames,” and “proprietary brand identity” are trademark concepts, which are typically not handled through copyright takedown notices.

AI-Generated?

It doesn’t stop there. The notices further claim that the pirate sites deploy “automated database scrapers and programmatic indexing matrices” to capture search traffic, and that “cloaked link structures” are “engineered explicitly to hijack our organic search footprint.”

This type of language is not something we see every day. In fact, the question remains whether it is written by an actual person. The reputable AI-checker tool Pangram clearly has its doubts, labeling it 100% AI-generated.

Full-domain Removal

The demands made in these takedown notices are not imaginary. However, these go well beyond what we typically see in a takedown notice. Instead of merely asking for the removal of the listed URLs, ‘FIFA’ wants Google to delist full domains.

“We request the complete, permanent de-indexing of this root domain and all its subdirectories from Google Search,” the notices read.

This type of demand goes well beyond what a DMCA takedown notice is intended for. While Google does remove full domain names in response to site blocking orders, DMCA takedown notices typically don’t warrant such a drastic remedy.

Over the past several days, more than 40 DMCA takedown notices were filed, identifying domain names including beststreameast.xyz, falconstreams.net, footybite1.live, streameastnow.net, streamiz.click and us-sport.eu.

How Google classifies these notices is unknown, but it does not appear to have fully delisted the domains. None of the URLs we checked triggered the standard DMCA removal notice in the search results, suggesting that these URLs were not removed either. Alternatively, these URLs were not indexed at all.

Who is Behind This?

The URL lists themselves raise further questions, as the “FIFA World Cup” notices do not stop at flagging FIFA content. The notices also target other sports with no obvious connection to the World Cup, including the NBA, Formula 1, NFL, WWE, and many others.

Given all the open questions and the unusual approach, we doubt whether FIFA is indeed behind these notices. The AI-generated boilerplate language, trademark complaints in a DMCA notice, and URLs of completely unrelated sports, are not what you would expect of a reputable organization.

TorrentFreak contacted FIFA to ask whether the organization, or a vendor acting on its behalf, submitted the notices. At the time of writing, no response has come in yet.

But if this isn’t FIFA, who is behind these notices then?

We can only speculate, but we have seen similar tactics in the past . In this case, that would mean that the operator of a pirate streaming site tries to get higher ranking competitors removed from Google search.

Whether these DMCA notices represent FIFA’s own enforcement operation or an attempt to exploit FIFA’s name during the world’s most-watched sporting event has yet to be seen. In any case, it shows that these types of broad takedown efforts deserve some serious scrutiny.

From: TF , for the latest news on copyright battles, piracy and more.

Starting nearly a decade ago, the World Intellectual Property Organization ( WIPO ) launched a plan to cut off revenue streams to pirate sites.

WIPO is well-respected internationally and part of the United Nations, which ensured cooperation from a wide variety of countries.

In 2019, WIPO launched an advertising blocklist that lets member states flag infringing sites. This list can then be shared with advertisers, who can use it to make sure that revenues don’t end up going to these sites.

This “WIPO Alert” system has been running for years with thousands of domain names being added. While it still functions today, WIPO has quietly been working on a new “WIPO Alert Pay” system that targets the payment services that counterfeit and pirate sites rely on.

WIPO Alert Pay

At the WIPO Advisory Committee on Enforcement session in Geneva this month, WIPO’s Todd Reeves described it as the next iteration of the same follow-the-money approach. While it is not publicly announced yet, Reeves presented the setup and results of the initial pilot.

WIPO Alert Pay relies on voluntary cooperation between rightsholders and payment service providers (PSPs), such as Mastercard and PayPal. Rightsholders can use the alert system to flag instances where pirate sites use their payment services, for subscriptions or VIP access for example.

Rightsholders have to supply required information, which is checked by WIPO for completeness before a domain name enters the system. The PSPs can then decide what action, if any, to take against the merchant’s account under their own terms and conditions.

Report, Check, Notify, List

As with the advertising blocklist, WIPO stresses that its role is limited. It hosts the platform, receives the flagged sites, and aggregates the results for the PSPs. According to Reeves, it makes no infringement determinations of its own.

“We’re not making any infringement determinations. We’re simply securely hosting the platforms,” Reeves said.

“We receive the list of the flagged sites by the right holders and verify that the required information and attestations are provided for the flagged sites. So it’s more of a formalities check than anything else.”

The process runs on a notice-and-review timer. Rightsholders first notify the site owners. If there is no response after three working days, WIPO steps in to send a second notice. If another three working days pass without a response, the site is added to the WIPO Alert Pay list and the payment providers take it from there.

71% of Flagged Listings Removed

The new Alert Pay system ran as a manual pilot from November 2024 to August 2025. Six unnamed rights holders took part, together with two payment providers.

Over that period, WIPO processed 17 actions covering 35 sites of concern. Reeves said 71% of the flagged listings were removed, and that all participants reviewed the system positively and that it was ready to scale.

The slide below, which was shown by Reeves, specifically notes that “broad adoption could be highly disruptive.”

The pilot also uncovered that some sites were displaying a Mastercard or PayPal logo without actually offering those services, presumably to signal trustworthiness.

The mention of Mastercard and PayPal is notable, especially since these two providers are also named in the system’s online forms. This doesn’t make it hard to guess who the two unnamed payment providers were that participated in the pilot.

From Pilot to Platform

With the pilot closed, WIPO is now working on finalizing the development. A software engineer has spent the past few months turning the manual workflow into an automated platform, which Reeves said is close to completion.

The platform already covers PayPal and Mastercard, but WIPO wants to add support for more providers to broaden the coverage. After that, the system will be promoted to rightsholders and their representatives, as well as the member states.

To get more information on the system, TorrentFreak reached out to WIPO two weeks ago, but the organization has yet to reply to our request for comment. However, it is expected that more information will come out when the official launch of WIPO Alert Pay is near.

—

The update on WIPO Alert Pay was presented at the 18th session of the WIPO Advisory Committee on Enforcement on June 4, 2026. The supporting slide deck was not publicly available at the time of writing. All quotes and screenshots used in this article were pulled from the meeting’s webcast.

From: TF , for the latest news on copyright battles, piracy and more.

In May, thirteen major publishers won a massive $19.5 million default judgment against shadow library Anna’s Archive in a New York federal court.

This week, the same publishers, including Penguin Random House, Elsevier, and HarperCollins, filed a new complaint at the same court, this time with the relatively young pirate library WeLib as the target.

Again, the stakes are substantial, with the publishers seeking up to $19.5 million in potential damages for direct copyright infringement.

A New Entrant

The similarities don’t stop at the legal arguments and stakes. Anna’s Archive already highlighted the newcomer in a blog post last year, describing WeLib as a “new entrant” in the space that had copied both its collection and its code.

“They appear to have mirrored most of our collection, and use a fork of our codebase,” Anna’s Archive noted.

The same blog post was also critical of WeLib for not contributing back to the ecosystem and recommended that people avoid using the site.

This week, the publishers also warn against using the site, albeit for different reasons. Their complaint accuses WeLib’s unnamed and anonymous operators of widespread copyright infringement, while also confirming that connection to Anna’s Archive.

“Defendants’ entire business is the illegal copying and distribution of literary works,” the complaint notes, adding that “WeLib was created after its operators copied the source code and most of the contents of the Notorious Pirate Site, Anna’s Archive.”

Not a Library

WeLib describes itself as an “endless library” founded on the principle that “education and literature belong to everyone.” The publishers, however, clearly don’t agree with the library framing, noting libraries can be trusted; pirate sites not.

“Libraries are trusted institutions that serve the communities that fund them by lending books and other publications they have lawfully acquired. Using this label for WeLib explicitly misleads the public and allows WeLib to hijack the goodwill that libraries enjoy and have legitimately earned.”

“WeLib is no more than a pirate website that reproduces and distributes works of authorship owned by others to users for a profit, without authorization from or compensation to the copyright owners,” the complaint adds.

The complaint notes that WeLib’s operators made efforts to keep their identities hidden. However, the site itself quickly became a go-to portal for many book pirates.

The complaint notes that, by WeLib’s own account, its collection includes 43 million books and 98 million articles. The site reportedly has over 80,000 active monthly users who accessed more than 51.7 million books and downloaded 14.5 million files last month.

While the site can be used for free, users can pay for fast downloads and to skip the queue. Subscriptions start at $7 per month for 25 fast downloads and 25 fast reads per day; while the top tier costs $90 a month for 1,000 daily downloads.

These payments, or “donations” as WeLib calls them, can be made through cryptocurrency, WeChat, and Alipay. They are allegedly processed through a company called Malum.co, which offers payment services to high-risk vendors, without the need for any KYC identity checks.

Damages and Domain Seizures

The complaint lists a sample of 130 copyrighted works as evidence. This mirrors the Anna’s Archive lawsuit, where the court awarded $150,000 per work, which is the statutory maximum, resulting in a total of $19.5 million.

In addition to the monetary damages, the publishers are also seeking a permanent injunction that aims to take the site offline. They ask the court to order third-party registries, registrars, and hosting providers to disable WeLib’s domains and render them untransferable.

This also includes a specific request to disable the authoritative nameserver for the .st domain, registered through Njalla, a Costa Rica-based registrar that is not necessarily responsive to U.S. court orders.

The AI Training Conundrum

As with other recent publisher lawsuits, the complaint also mentions AI training. Specifically, it alleges that WeLib supplies copyright infringing data to AI companies.

“WeLib has also been an illegal supplier of stolen content to the AI industry. In a recent lawsuit, publishers alleged that Meta utilized WeLib to train their Llama models,” the complaint reads.

The recent lawsuit they refer to is Elsevier Inc. v. Meta Platforms which is filed by several of the same publishers through the same law firm, Oppenheim + Zebrak. However, what that complaint actually says about WeLib is more specific and not in line with the current case.

The Elsevier v. Meta complaint describes WeLib as a source found within C4 training dataset Meta used, but identifies it as “formerly known as PDF Drive.” This dataset was built years ago from a Common Crawl snapshot and predates WeLib and even Anna’s Archive.

More confusingly, the complaint against WeLib that was filed this week makes no mention of it formerly being known as “PDF Drive”, or the C4 dataset for that matter.

According to our knowledge, there is no evidence that content hosted by WeLib was included in the C4 database. All we can confirm is that the database does include “PDF Drive” data and that the pdfdrive.com domain redirected to the new WeLib site at some point.

PDF Drive is a long-running PDF hosting site that has operated for years, predating Anna’s Archive entirely. It has no documented connection to Anna’s Archive’s codebase or collection. Whether it shares more than a domain redirect with the WeLib now being sued is unclear.

The publishers’ framing of WeLib as an active AI training pipeline may be getting ahead of the evidence. For now, WeLib has yet to respond. However, since anonymous operators typically don’t show up in court, this case may also copy Anna’s Archive’s path, heading to a default judgment.

—
A copy of the complaint, filed by Oppenheim + Zebrak on behalf of the thirteen plaintiff publishers, is available here (pdf) .

From: TF , for the latest news on copyright battles, piracy and more.

In a complaint filed at a Nashville federal court in 2023, Universal Music, Sony Music, EMI and others, accused X Corp of “breeding” mass copyright infringement .

The social media company allegedly failed to respond adequately to takedown notices and lacks a proper termination policy.

In addition to the alleged legal shortcomings, public comments by X Corp’s boss Elon Musk were also referenced. Specifically, the complaint mentioned that Musk described the Digital Millennium Copyright Act (DMCA) as a “plague on humanity.”

X Corp Books Early Victories

With hundreds of millions in damages on the line, X Corp fought the lawsuit tooth and nail. This resulted in an early win in 2024 , when the court dismissed the music companies’ direct and vicarious copyright infringement claims.

The labels’ contributory infringement claims were partially dismissed, but Judge Trauger allowed the music companies to continue the case based on this remaining claim.

Proving contributory copyright infringement isn’t easy, however, and it became even more of a challenge when the Supreme Court raised the infringement bar in Cox v. Sony Music this year.

X Wants ‘Retrofitted’ Complaint Dismissed

After the Cox ruling, the music publishers filed a Second Amended Complaint under seal. While this copy remains outside the public eye today, X Corp filed a motion to dismiss it this week, which partly lifts the veil.

As expected, the music companies are trying to keep their case alive by reframing it as an “inducement” claim. That is the only surviving contributory liability claim in this case under the new standard.

X Corp clearly disagrees and the company filed a motion to dismiss the amended complaint a few days ago. The company notes that the music publishers’ attempt to “retrofit” an inducement claim is simply not supported by the provided evidence.

“Plaintiffs’ attempt to retrofit an inducement theory fails as a matter of law because the allegations suggest only insufficient action to prevent infringement, which Cox and other cases have held cannot support an inducement claim,” X Corp writes.

“[Truncated] DMCA Is a Plague On Humanity”

The music publishers’ inducement theory partly relies on a handful of public statements by Elon Musk, which they argue demonstrate that X encouraged its users to infringe. This includes the “DMCA plague” tweet.

While we don’t have access to the sealed complaint, X says that the music companies have included a truncated version of the tweet, which misses key context.

Musk was responding to reporting about Senator Hawley’s bill to cap copyright duration at 56 years, and expressing a political opinion that current copyright protection terms are too long.

“Plaintiffs truncate one of Mr. Musk’s posts to pretend that he called “the DMCA” itself a ‘plague on humanity.’ In fact, he said that “Overzealous DMCA is a plague on humanity”,” X writes.

“Plaintiffs’ excision is telling. No reasonable observer could read Mr. Musk’s full comment and think he was inciting infringement. Instead, he was expressing a political opinion – responding to reporting about Senator Hawley’s bill to retroactively cap copyright duration at 56 years.”

X further clarifies that Musk wasn’t flatly against all copyright protection. In a tweet posted a few months later he stressed that reasonable takedown requests are appropriate and will always be supported.

Understandable Frustration

The motion to dismiss adds more context than these tweets alone. It also references the music industry’s alleged threat to start a “massive” takedown notice campaign following a disagreement over licensing.

This is the same dispute that resulted in X’s antitrust complaint against the NMPA, Sony, Universal, and other major music publishers, claiming that they “ weaponized ” the DMCA to force licensing deals.

“Mr. Musk’s understandable frustration with such tactics was not inducement,” X writes.

No Inducement

The Musk tweet argument is colorful, but X’s motion to dismiss cites more arguments. For example, it counters the music publishers’ allegation that X’s platform features including display algorithms, and subscription and advertising systems, showed that X depends on infringing music.

X notes the court already dismissed this argument, noting that general platform features benefit all users equally and say nothing about intent to promote infringement specifically.

The publishers’ failure-to-stop-infringement allegations are not convincing either, X argues.

Much of the amended complaint allegedly returns to the original criticism that X was too slow to remove infringing content and too lenient with repeat infringers. The Cox ruling took away that argument.

As the Supreme Court made clear, contributory liability cannot rest on a provider’s knowledge of infringement and insufficient action to prevent it. That doesn’t qualify as inducement.

After 18 months of discovery, including the production of 150,000 pages and 21 depositions, X says the publishers found nothing that meets the inducement standard. As a result, they want the complaint dismissed.

For now, the motion sits with Judge Trauger. The music publishers will file their response, and the court will decide whether the Second Amended Complaint survives or whether Cox will effectively end this case.

—

X Corp’s motion to dismiss and supporting memorandum, filed at the U.S. District Court for the Middle District of Tennessee, are available here (pdf) and here (pdf) .

From: TF , for the latest news on copyright battles, piracy and more.