Cloudflare Ordered to Reveal Operators of Popular Pirate Sites

Obtaining the personal details of individuals behind pirate sites is rarely straightforward.

When they’re visible at all, domain registrations can be hidden behind privacy services, faked, or even both, while hosting companies tend not to comply with demands to reveal information when they’re unsupported by a valid court order.

One of the methods increasingly deployed in recent times is to target a potential weak spot. Thousands of pirate sites use the services of CDN company Cloudflare and as a US-based entity, Cloudflare is compelled to comply with the orders of the court. So, with copyright infringement allegations in hand, rightsholders apply for a so-called DMCA subpoena to force Cloudflare to hand over site operators’ personal details.

This tactic was recently used by Shogakukan, one of Japan’s largest publishers of manga content. In an application for DMCA subpoena filed at a California district court this month, lawyers for the company explained that in order to protect its copyrighted content, Shogakukan needs to identify the people behind two domains – and screenshot

“It has recently come to Shogakukan’s attention that certain users of your services have unlawfully published and posted certain contents on the website located at [ and],” the application reads.

“We demand that you immediately disable access to the Infringing Work [detailed in the image below] and cease any use, reproduction, and distribution of the Original Work. Specifically, we request that you remove or disable the Infringing Work from [the websites] or any of your system or services.”

Shogakukan Infringed Works

In all but a slight domain difference, and seem identical. They both offer manga titles in ‘raw’ format and enjoy a decent number of visitors – around five million per month per domain according to SimilarWeb stats.

Manga1000 enjoys slightly more traffic at around 5.1 million visits per month which means it’s almost ready to break into the list of Top-500 most-visited sites in Japan, period.

Shogakukan has taken interest in both domains more recently, filing DMCA takedown complaints with Google to delist more than 500 URLs. Now, however, it appears to have more concrete legal plans on the horizon, demanding that Cloudflare spills the beans on its allegedly pirating customers.

The DMCA subpoena, which was duly signed off by the court, now compels Cloudflare to hand over highly-detailed information.

That includes all information sufficient to identify the operator and/or owner of both sites who “uploaded, hosted, and/or contracted with another provider to host the infringing content” owned by the publisher. Shogakukan also demands billing and administrative records that reveal the infringers’ names, physical addresses, telephone numbers, email addresses, credit card numbers, and hosting providers, plus any and all logs of IP addresses.

Cloudflare is required to present the relevant details to Shogakukan’s legal team in San Francisco by June 5, 2020, but whether that request will lead to any useful information remains to be seen.

As reported last September, Shogakukan and three other major manga publishers previously sued Mangamura ‘replacement’ site Hoshinoromi in a New York federal court, noting that Cloudflare was helping the site’s operators to conceal their identities.

Earlier this month, however, the publishers filed a notice of voluntary dismissal after months of work trying to identify the operators of the site ended without bearing fruit. Back in February, a lawyer for the plaintiffs told the court (pdf) that the defendants had “gone to considerable lengths to conceal their identities and avoid legal process.”

After the court granted the publishers’ request for expedited discovery, the publishers served subpoenas on four Internet companies that provided services to Hoshinoromi, demanding that they hand over information on the defendants. While they received plenty of information back, things didn’t go especially well.

After receiving dozens of files including technical logs containing 1,000 unique records and more than 100 unique IP addresses spanning a 16-month period, the publishers were forced to hire an outside consulting company to perform an analysis of the data. In the end, however, none of the data personally identified the operators of Hoshinoromi.

Shogakukan will be hoping for a better result this time around.

Shogakukan’s application for DMCA subpoena against Cloudflare be found here (pdf)

From: TF, for the latest news on copyright battles, piracy and more.


MPA/ACE Wants Cloudflare to Identify Operators of Nites Pirate Streaming Site

There are many strategies for disrupting the activities of pirate sites and services. Blocking, for example, leaves sites intact but aims to prevent users from visiting platforms so easily.

This presents a window of opportunity for pirates who through VPNs, proxies and mirror platforms, can still access the sites in question. A much more permanent option is shutting services down completely, a tactic currently being deployed by the Motion Picture Association and global anti-piracy coalition ACE, the Alliance For Creativity and Entertainment.

While details are hammered out behind the scenes, ACE – which is headed up by the studios of the MPA plus Netflix and Amazon – reaches agreements with site operators to shut down their operations. This can sometimes involve a cash settlement (such as in the Openload case) but the most visible sign is the handing over of domain names to the MPA, to prevent any resurrection.

This appears to have been the plan behind the recent closure of, a polished streaming and torrent platform that rapidly grew in popularity over the past several months. In April, following an announcement that it was shutting down to protect copyrights, disappeared and its domain was eventually taken over by the MPA. However, that wasn’t the end of the matter.

This week, an almost perfect clone of reappeared under a new domain, It has all of the features of the old site with identical functionality, suggesting that the ACE action to shutter the original site had been seriously undermined. Who is behind this reincarnation isn’t known but several major Hollywood studios are now trying to find out.

In an application for a DMCA subpoena filed at a California court this week, Jan Van Voorn, the Executive Vice President and Chief of Global Content Protection at the MPA, explained that infringing on the rights of Paramount Pictures, Sony Pictures, Universal City Studios, Walt Disney Studios Motion Pictures, Warner Bros. Entertainment, Amazon Content Services and Netflix Studios.

“The purpose for which this subpoena is sought is to obtain the identities of the individuals assigned to these websites who have exploited ACE Members’ exclusive rights in their copyrighted motion pictures without their authorization,” the application reads.

“This information will only be used for the purposes of protecting the rights granted to ACE Members, the motion picture copyright owners, under Title II of the Digital Millennium Copyright Act.”

The companies, all members of ACE and represented by the MPA, request an order that would compel Cloudflare to hand over the personal details of the entities behind That information, according to the MPA, should include names, physical addresses, IP addresses, telephone numbers, email addresses, payment information, account updates and account histories.

What happens next is dependent on a few factors, starting with the information held by Cloudflare. Presuming the subpoena is granted, the big question is whether the CDN company has any useful information to hand over to the MPA. If it doesn’t, the trail could go cold, at least for now. If Cloudflare does have pertinent details, however, then the people behind can expect a follow-up from the MPA.

The big question is whether those people, whoever they might be, are the same people as those behind If they are (and presuming a settlement agreement was signed with the MPA/ACE to shut down permanently), then it will be a question of whether MPA/ACE are open to another settlement or in light of any breach, feel inclined to take the matter further.

ACE does not respond to requests to comment on any ongoing cases so at least for now, it will be a waiting game to see how this plays out.

The DMCA subpoena application documents can be found here (1,2,3)

From: TF, for the latest news on copyright battles, torrent sites and more. We also help you to find the best anonymous VPN.


‘Pirate’ iTunes Download Site and Three Others Targeted By the RIAA

Despite the fact that most modern music is readily available for free on ad-supported platforms such as YouTube and Spotify, a thriving market for pirated content remains.

While streaming is convenient and mostly cheap, part of the lure of pirate sites is that music can be downloaded to users’ machines, to be played back whenever they like, with or without an Internet connection and associated costs.

The threat from unlicensed sources is actively countered by groups such as the RIAA, which is regularly seen targeting so-called YouTube-downloader sites via legal action and DMCA anti-circumvention notices. However, there are also efforts to identify the people behind these sites and the weapon of choice in that respect appears to be the DMCA subpoena.

The latest, filed by the RIAA at a district court in Columbia, targets a handful of unlicensed music platforms, all of which use or have used the services of Cloudflare. The theory is that the CDN company holds information on the operators of these sites so if the RIAA can gain access to that too, something can be done to disrupt their activities.

“We have learned that your service is hosting the below-referenced websites on its network,” the RIAA’s latest subpoena to Cloudflare reads.

“These websites are offering recording s which are owned by one or more of our member companies and have not been authorized for this kind os use, including without limitation that referenced at the URLs below. We have a good faith belief that this activity is not authorized by the copyright owner, its agent, or the law.”

The first unlicensed site targeted by the RIAA is, a music download site that appears to specialize in tracks culled from iTunes.

iPlusFree isn’t a particularly big platform when compared to some of the most popular YouTube-ripping sites and if anything its traffic has been reducing over the past several months. However, at least a quarter of the site’s traffic comes from the United States so the RIAA appears keen to unmask its operators for offering tracks by prominent artists without permission.

They include The Other Side (SZA & Justin Timberlake), Rare by Selena Gomez, and A Boogie wit da Hoodie by Artist 2.0.

The three other sites listed in the DMCA subpoena do not appear particularly popular in the United States. However, the RIAA will be concerned by their popularity in South America, Brazil in particular, where the trio are thriving.

From virtually no traffic at all six months ago, (Portuguese: ‘The Best’) is now enjoying more than 360,000 visits per month, with 97% of users hailing from Brazil. (Portuguese: ‘Download Complete CDs’), the second most-trafficked site in the list with 340,000 visits per month, is also big in Brazil with a similar percentage of traffic.

With more than 218,000 visits per month according to SimilarWeb, is also dominated by traffic from the same region. Unlike the others, however, the site also offers non-musical content including movies, TV shows, software and games.

This trio are accused of offering unlicensed copies of tracks from Red Hot Chili Peppers (Scar Tissue), Smells Like Teen Spirit (Nirvana), Sexx Dreams (Lady Gaga), Daydream (Maria Carey), plus several others.

“As is stated in the attached subpoena, you are required to disclose to the RIAA information sufficient to identify the infringers,” the letter to Cloudflare reads. “This would include the individuals’ names, physical addresses, IP addresses, telephone numbers, e-mail addresses, payment information, account updates and account history.”

The subpoena was signed off by a court clerk in the District of Columbia three days after it was filed, with two of those days covered by a weekend. It requires Cloudflare to hand over the personal details requested by the music industry group by 17:00 on March 13, 2020.

Whether Cloudflare holds any useful information will remain to be seen. All four sites are operational at the time of writing.

The RIAA’s subpoena to Cloudflare can be obtained here (pdf)

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.


Cloudflare Geo-Blocks 22 Pirate Sites in Italy Following Court Order

As one of the leading CDN and DDoS protection services, Cloudflare is used by millions of websites across the globe. This includes many pirate sites.

In recent years many copyright holders have complained about Cloudflare’s involvement with these platforms.

Thus far the U.S. company has refused to take any action without a court order. In various legal proceedings, Cloudflare argued that it’s a neutral third-party service that merely caches content. Even when Cloudflare disconnects customers, their associated sites remain operational.

This week Cloudflare published its latest transparency report which makes this stance clear. For example, the company stresses that it doesn’t respond to DMCA notices by removing cached content. Instead, it forwards the notices to the respective customers.

According to Cloudflare, it received only three DMCA notices in 2019 that identified permanently stored content. These were dealt with appropriately. The rest of the notices were passed on to clients.

While this policy isn’t new, the transparency report also highlights a new phenomenon. According to Cloudflare, the company has started to block visitors from Italy accessing 22 domain names, following a local court order.

Cloudflare reports that an Italian court ordered the company to block access to the domains of several copyright-infringing websites. This took place last summer but as far as we know the case remains unreported in the media.

“Pending further litigation, Cloudflare took steps in July 2019 to disable access to those websites to the extent that they used Cloudflare’s services to respond to requests from Italy or used Cloudflare equipment in Italy,” Cloudflare writes.

“The court order included requests related to 131 domains and 15 accounts. Cloudflare took action to geoblock 22 domains that were using our service at the time the order was issued,” the company adds.

The domains in question are not blocked outside of Italy, but which domains are affected by the geo-blocking efforts is unknown. Cloudflare didn’t respond to our request for further details.

We also asked several legal representatives of copyright holders in Italy, but they couldn’t point us to the underlying order either.

There is a related Cloudflare case in Italy which we previously reported on. In a ruling in favor of Italian broadcaster RTI, handed down by the Commercial Court of Rome last June, Cloudflare was ordered to immediately terminate the accounts of several pirate sites. There was, however, no mention of geo-blocking or blocking in general.

TorrentFreak spoke to RTI’s attorney Alessandro La Rosa who says that the pirate sites involved in the RTI case still use the services and infrastructure provided by Cloudflare. He is not aware of any blocking efforts either.

If more details become available on the geoblocking targets we will update this article accordingly.

Italy is not the only country where Cloudflare is taking action against pirate sites. The transparency report also confirms that it reached an agreement with several large manga publishers in Japan, as we reported last month.

“As part of the resolution of a lawsuit in Japan, Cloudflare has come to an agreement with certain Japanese publishers to clear existing cached content and cease caching in Japan for certain websites determined by the Tokyo District Court to be infringing copyright,” Cloudflare writes.

The above shows that while Cloudflare may indeed be a neutral service provider, it can and does take steps to curb copyright infringement on occasion. It remains to be seen whether the two legal issues detailed above are just the start and whether new demands will appear moving forward.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.


Cloudflare Agrees to Stop Caching Pirate Content in Japan, If Court Declares Sites Illegal

As the largest CDN and DDoS mitigation service on the planet, Cloudflare provides services to millions of websites.

A tiny proportion of these sites are on the radars of entertainment and publishing companies since they either directly offer or link to unlicensed copies of copyrighted works. As a result, Cloudflare is under almost continual pressure to cease doing business with these entities.

As first reported here on TF in September 2019, Japan-based publishers Shueisha, Kadowaka, Kodansha, and Shogakukan sued the ‘pirate’ site Hoshinoromi in a New York federal court. The platform, which positioned itself as a replacement for self-shuttered pirate site Mangamura, was accused of “willful and massive infringement” of the publishers’ copyrights.

That case is still ongoing and according to a filing late last week (pdf), the publishers are having considerable difficulty identifying and serving the defendants, so need an extension. Cloudflare was mentioned in that lawsuit too and it now transpires that the same publishers previously targeted the CDN company in a Japan court back in 2018.

In common with other lawsuits in Japan, details are hazy. However, according to a joint statement issued late last week, Shueisha, Kadowaka, Kodansha, and Shogakukan filed a motion at the Tokyo District Court in August 2018 with a demand that Cloudflare should stop providing services to several ‘pirate’ platforms, Hoshinoromi included. Due to caching, that amounted to Cloudflare delivering infringing content to the public, they argued.

For reasons that appear related to the ongoing case in the United States, they have waited until now to reveal a settlement of sorts with Cloudflare. It was reportedly reached in June 2019 and seems to hinge on whether a court determines that the ‘pirate’ sites in question are copyright-infringing and therefore illegal.

The publishers’ statement indicates that when the ‘pirate’ sites using Cloudflare are viewed by users in Japan, most of those users will be accessing them via Cloudflare’s Japan-located servers. So, if the Tokyo District Court rules that the sites are illegal, Cloudflare has reportedly agreed to “stop the replication of the sites to Cloudflare’s servers in Japan.”

At least in part, the announcement is designed to be a warning to other ‘pirate’ sites that may be considering using Cloudflare’s services to improve uptime and general accessibility. Whether it will make much of a difference on the ground remains to be seen, however.

While this particular matter appears to be settled, last December Cloudflare was sued by Takeshobo, another major publisher based in Japan that distributes dozens of manga publications, many under the Bamboo Comics label.

The publisher said it was forced to sue Cloudflare because takedown notices sent to the CDN company in respect of a nameless ‘pirate’ site were effectively ignored, allowing infringing material to stay online via Cloudflare’s services. Progress in that particular case is unknown but the settlement with Shueisha, Kadowaka, Kodansha, and Shogakukan may provide a possible solution for Takeshobo.

Cloudflare is obviously extremely cautious when faced with similar lawsuits, always insisting that as a service provider it is not responsible for the activities of its users. Last week, however, the effects of a ruling handed down in December by a German court saw Cloudflare disconnect pirate music platform DDL-Music under the threat of serious fines.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.


Court Orders Cloudflare to Prevent Access to Pirated Music or Face Fines or Prison

Earlier this week, Germany-focused music piracy site suddenly became inaccessible to the public. The site had been using the services of Cloudflare but an unusual error message suggested that the US-based company had stepped in disrupt the site’s activities.

‘Error HTTP 451’ is displayed by Cloudflare when a site is “Unavailable For Legal Reasons” and at least as far as pirate sites are concerned, its appearance is very rare indeed. Cloudflare’s documentation indicates that the message should be accompanied by a reason for the response, noting that it “should include an explanation in the response body with details of the legal demand.”

As the image above shows, no explanation was provided by Cloudflare but an investigation by Tarnkappe, details of which were shared with TorrentFreak, now reveals the unusual circumstances behind DDL-Music’s disconnection.

Early June 2019, Universal Music GmbH (Germany) reportedly sent a copyright infringement complaint to Cloudflare after finding links on DDL-Music to tracks from the album Herz Kraft Werke by German singer Sarah Connor. The tracks themselves were not hosted by DDL-Music but could be found on a third-party hosting site. Universal wanted the tracks to be rendered inaccessible within 24 hours but Cloudflare didn’t immediately comply.

Universal Music reportedly followed up with a warning to Cloudflare on June 19, 2019, demanding information about DDL-Music and its operators. A day later, the CDN company responded by declaring that it’s not responsible for its customers’ activities and Universal should deal with the website’s operator and/or webhost. However, Cloudflare did provide Universal with an email address along with details of DDL-Music’s hosting provider, supposedly in Pakistan.

With an obvious dispute underway, a hearing took place at the Cologne District Court (Landgericht Köln) on December 5, 2019. Lars Sobiraj of Tarnkappe, who obtained documentation relating to the hearing, informs TF that the Court ultimately determined that Cloudflare could be held liable for infringement of Universal Music’s copyrights by facilitating access to the tracks via DDL-Music, if it failed to take action.

This “liability as a disturber” (Störerhaftung) comes into play when a service (in this case, Cloudflare) contributes to a third-party’s infringement, without the element of intent. Under German law, however, the service can be held liable for infringement, if it fails to take reasonable action to prevent infringement in future.

On January 30, 2020, the Cologne District Court handed down a preliminary injunction against Cloudflare. This was received at the Hamburg offices of Cloudflare’s law firm TaylorWessig on February 4, 2020. It informed Cloudflare that should it continue to facilitate access to the Universal Music content detailed above, it could be ordered to pay a fine of up to 250,000 euros ($270,000) or, in the alternative, the managing director of Cloudflare could serve up to six months in prison.

In the event, however, Cloudflare appears to have taken the decision to jettison DDL-Music completely, as indicated by the Error 451 message that appeared a few days ago. The district court’s decision can be appealed but whether Cloudflare will take that route is currently unknown. Despite requests from TF for comment, the company has remained silent.

Meanwhile, DDL-Music appears to be migrating to DDoS-Guard, a CDN and DDoS mitigation platform that according to its website is registered in Scotland but is most probably based in Russia. Or the Netherlands, if its Twitter account is to be believed.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.


Cloudflare Blocks Access to Pirate Site For “Legal Reasons”, Displays Rare 451 Error

As one of the most important infrastructure companies on the entire Internet, Cloudflare often finds itself embroiled in copyright disputes of other entities’ making.

Along with millions of other ‘normal’ websites, ‘pirate’ sites often use Cloudflare’s services. The CDN company has a stated aim of remaining a neutral intermediary but entertainment industry groups see the company as helping to facilitate piracy by assisting sites to more efficiently stay online while rendering their true locations harder to find.

While sites like The Pirate Bay, for example, are using Cloudflare’s services trouble-free at this very moment, the same cannot be said of Germany-focused music piracy site

This morning, Tarnkappe informed TorrentFreak that visitors to the platform utilizing German IP addresses were being blocked by Cloudflare. While these kinds of claims are relatively common given the sometimes unreliable nature of pirate sites, in this case clarity is being provided by the CDN company itself, which clearly states that it has taken action.

Tests carried out for TF using the German-based IP address listed above returned a rare “Error HTTP 451” which, as the image shows, is deployed when a site is “Unavailable For Legal Reasons.” Tests carried out by us from IP addresses elsewhere in Europe accessed the site without issue, perhaps suggesting that any “legal reason” may be specific to German territory.

This is the first time that we’ve seen an Error HTTP 451 displayed by Cloudflare when attempting to access a pirate site. The special HTTP status code was approved by the Internet Engineering Task Force (IETF) back in 2015 as a more informative alternative to the “403 Forbidden” code utilized by some ISPs engaged in blocking.

“A really good Error 451 message would tell their customers how to challenge a block, how long the block’s expected to last, where the relevant legal documents are and which legal authority imposed the blocking order,” the 451 Unavailable project wrote at the time.

A nod towards providing this additional information is actually mentioned in Cloudflare’s own 4XX error code documentation that was updated only this month.

“Server is unable to deliver the resource due to legal actions,” the notes against Error 451 read. “The response should include an explanation in the response body with details of the legal demand.”

As the above screenshot of the Cloudflare error shows, no explanation for the blocking is provided. Why that is the case is currently unknown since Cloudflare has yet to respond to our request for comment. However, DDL-Music’s status as an obvious pirate site (and one with a history of being targeted by copyright groups) leads us towards a theory that Cloudflare may have been placed under pressure.

With that in mind, it’s perhaps helpful to look at the recent history surrounding ISP blockades of pirate sites in Germany and how they have played out, mostly without direct intervention from the courts.

In March 2019, Vodafone told TorrentFreak it had implemented a blockade of pirate platform following a notification from local music rights group GEMA, an action duplicated by its service provider 1&1. Around the same time, Vodafone also began blocking DDL-Music. Kabel Deutschland is also known to block access to the music platform.

The companies believe that principles established by the Federal Court of Justice require them to do so, without a specific court order.

On the same basis, Vodafone previously blocked access to several other ‘pirate’ sites including,, Libgen and

Whether Cloudflare is following a similar pattern of behavior with its restriction of DDL-Music is currently unknown but we will update this article as soon as the company responds.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.