• Sp chevron_right

    Cloudflare plans to eat Proofpoint's lunch? / spam_resource · Monday, 11 October - 12:00 · 1 minute

Here's one I almost missed, from a couple of weeks ago: According to Wired, Cloudflare is moving into the email security space . The goal? To better protect against email-delivered threats (think phishing). They see a gap there; one I've noticed myself.

From the article Cloudflare Is Taking a Shot at Email Security by Lily Hay Newman: "Prince says that Cloudflare employees have been “astonished by how many targeted threats were getting through Google Workspace,” the company's email provider. That's not for lack of progress by Google or the other big providers on anti-spam and anti-malware efforts, he adds. But with so many types of email threats to deal with at once, strategically crafted phishing messages still slip through. So Cloudflare decided to build additional defense tools that both the company itself as well as its customers could use."

I'm using a bit of cheeky hyperbole up there in my choice of title, but this does tee up Cloudflare to end up competing more directly with companies like ProofPoint, and it highlights how even a well-tuned solution like ProofPoint email protection or even Google's best efforts might have some edge cases where they don't catch everything, leaving an opportunity for competition to come in and try to do something better. I think that's a good thing. And I personally would like to see more draconian filtering of bad actors doing the really bad stuff. And if it makes Cloudflare some money along the way, good for them.

Značky: #proofpoint, #news, #google, #cloudflare, #Network, #wired

  • chevron_right

    Cloudflare doesn’t have to cut off copyright-infringing websites, judge rules / ArsTechnica · Thursday, 7 October - 18:43

A copyright infringement notice lying on a desk next to a keyboard

Enlarge (credit: Getty Images | designer491)

Cloudflare is not liable for the copyright infringement of websites that use its content-delivery and security services, a federal judge ruled yesterday.

Cloudflare was sued in November 2018 by Mon Cheri Bridals and Maggie Sottero Designs, two wedding dress manufacturers and sellers that alleged Cloudflare was guilty of contributory copyright infringement because it didn't terminate services for websites that infringed on the dressmakers' copyrighted designs. The companies sought a jury trial, but Judge Vince Chhabria yesterday granted Cloudflare's motion for summary judgment in a ruling in US District Court for the Northern District of California.

Chhabria noted that the dressmakers have been harmed "by the proliferation of counterfeit retailers that sell knock-off dresses using the plaintiffs' copyrighted images," and that they have "gone after the infringers in a range of actions, but to no avail—every time a website is successfully shut down, a new one takes its place." Chhabria continued:

Read 16 remaining paragraphs | Comments

  • Ko chevron_right

    Comment mettre à jour une zone DNS Cloudflare quand on a une IP Dynamique ? / Korben · Monday, 10 May, 2021 - 07:00 · 1 minute

Si vous hébergez un serveur web accessible via une IP dynamique, vous connaissez sans doute des outils merveilleux comme DynDNS, NoIP, ou encore Prout (hé oui) .

Mais si vous voulez allier la puissance des services de Cloudflare (pour le cache, la sécurité, la protection DDoS…etc.), à un hébergement local et donc une IP dynamique, c’est possible !


GoDNS est un client de DNS dynamique écrit en Go comme son nom l’indique qui supporte plusieurs services dont Cloudflare, ce qui vous permet depuis un Linux, un mac, un Windows, de mettre à jour la zone DNS associée à votre nom de domaine, automatiquement en cas de changement d’adresse IP.

Tableau comparatif services DNS GoDNS

CloudFlareDDNS Updater Client

Cet outil est open source également, mais fonctionne uniquement sous Windows. Il s’agit d’un outil qui peut se lancer comme service et qui se configure avec la clé API de votre Cloudflare pour mettre à jour la zone DNS de ce dernier.

Cloudflare DDNS

Même idée ici, sauf que Cloudflare DDNS a été conçu spécifiquement pour le Raspberry Pi, afin d’aider à l’adoption de l’auto hébergement. L’idée ici c’est de donner accès à votre réseau local et ses services depuis n’importe où sur Internet.

Logo Cloudflare DDNS


DNSTube quant à lui est accessible uniquement sous Windows et permet de changer chaque élément de sa zone DNS Cloudflare avec une adresse IP dynamique. An AAAA, SPF, TXT…etc. peuvent ainsi être updatés y compris avec un timer.

DnsTube interface
  • Pictures 1 image

  • visibility
  • To chevron_right

    Cloudflare Doubts DMCA Takedown Company’s Fake Employee and Special Bots / TorrentFreak · Thursday, 8 April, 2021 - 20:42 · 4 minutes

cloudflare logo Popular CDN and DDoS protection service Cloudflare has come under a lot of pressure from copyright holders in recent years.

The company offers its services to millions of sites, some of which offer access to copyright-infringing material.

Cloudflare prefers to remain a neutral service provider and doesn’t terminate clients based on DMCA notices. Instead, it forwards these to its customers, only taking action when it receives a court order.

Repeat Infringer Lawsuit

This stance is not appreciated by all rightsholders and in 2018 the service was taken to court over the issue. The case wasn’t filed by major entertainment companies, but by two manufacturers and wholesalers of wedding dresses. Not a typical “piracy” lawsuit, but it’s a copyright case that could have broad implications.

In a complaint filed at a federal court in California , Mon Cheri Bridals and Maggie Sottero Designs argued that even after multiple warnings, Cloudflare fails to terminate sites operated by counterfeit vendors. This makes Cloudflare liable for the associated copyright infringements, they said.

Cloudflare disagreed and both sides are now conducting discovery to collect evidence for an eventual trial. Among other things, the wedding dress manufacturers were asked to hand over detailed sales records. In addition, the CDN provider is also interested in the companies’ DMCA takedown partner XMLShop LLC.

Cloudflare Wants DMCA Takedown Evidence

Over the past few months, Cloudflare has tried to get further information on how XMLShop, which is also known as Counterfeit Technology , collects evidence for its takedown notices.

These takedowns play a central role in the lawsuit and XMLShop and its employees could provide crucial information. Thus far, however, Cloudflare hasn’t been able to get what it wants.

To resolve this issue, Cloudflare submitted a motion asking the court to compel the DMCA takedown company to comply with its requests for information. According to their filing, the company may be holding back important evidence.

“Plaintiffs and XMLShop, who use the same counsel, appear to be using XMLShop’s status strategically as a ‘non-party’ to conceal relevant documents from Cloudflare. The Court should reject their gamesmanship,” Cloudflare informed the court.

After serving two subpoenas, the takedown company only produced one document, Cloudflare notes. Meanwhile, the publicly available information on the company is highly confusing or even misleading.

Who Works at XMLShop?

For example, Cloudflare would like to question XMLShop’s employees, but the company hasn’t handed over an employee directory or payroll log that would reveal who works at the company.

“XMLShop has not been forthright about its operations, leaving Cloudflare in the dark as to who else may be a witness with relevant knowledge,” Cloudflare writes.

According to XMLShop’s attorney, the company only has one employee named Suren Ter-Saakov, but this claim is contradicted by its own website and Linkedin.

“XMLShop’s own public statements contradict its counsel’s statement. Its website boasts ‘a big team of professionals working in three offices, located in Ukraine, the United States, and Dominican Republic.

“And a LinkedIn profile for an individual named Blair Hearnsberger represents that she or he is the CEO at Counterfeit Technology,” Cloudflare adds.

Fake Profile

According to the takedown company’s attorney, this profile is fake and Blair Hearnsberger does not actually exist, but Cloudflare is not convinced. Therefore, it hopes that the court will compel XMLShop to verify who works at the company and in what roles.

In addition to finding information on possible employees, Cloudflare also requests further information on the software that Counterfeit Technology used to find infringing content.

Special Takedown Bots?

The wedding dress manufacturers claimed that their takedown partner “scours the internet with special bots designed to locate and identify the unauthorized use” but it’s unclear how this technology works.

Cloudflare would like to assess the software to see how accurate it is, especially since the company states that it spends only 10 seconds sending notifications of claimed infringement to all traffic sources.

“Its use — and the reliability — of that technology is at least relevant to the predicate allegations of direct infringement it asserts. It is also relevant to Cloudflare’s contention that it never received any notifications of claimed infringement from Counterfeit Technology that were valid,” Cloudflare writes.

The CDN provider asked the court to compel XMLShop to produce the subpoenaed documents. In addition, XMLShop should be held in contempt for failing to obey the subpoena and ordered to pay the legal costs Cloudflare incurred to submit the motion.

This week, XMLShop responded to the request stating that it has already produced everything it could. It views the remaining requests as incredibly broad, since these ask for “sensitive” trade secret information. It is now up to the court to make a final decision.

A copy of Cloudflare’s memorandum in support of its motion to compel XLMshop to comply with the subpoena is available here (pdf).

. XMLShop’s response can be found here (pdf).

From: TF , for the latest news on copyright battles, piracy and more.

  • To chevron_right

    Cloudflare Must Block Pirate IPTV Services, Appeals Court Confirms / TorrentFreak · Wednesday, 17 February, 2021 - 15:14 · 3 minutes

IPTV CDN provider Cloudflare is one of the leading Internet companies, providing services to millions of customers large and small.

The service positions itself as a neutral intermediary that passes on traffic while making sure that customers remain secure. Its userbase includes billion-dollar companies such as IBM, Shopify, and L’Oreal, but also countless smaller outlets.

With a company of this size, it comes as no surprise that some Cloudflare customers are engaged in controversial activities. This includes some pirate sites and services, which have landed Cloudflare in court on several occasions.

Last year there were two prominent cases against Cloudflare in Italy. In the first one, football league Serie A and Sky Italy requested Cloudflare to block the unauthorized IPTV service “IPTV THE BEST” and in a similar case, rightsholders wanted “ENERGY IPTV” blocked.

Cloudflare Appeals Blocking Injunctions

Cloudflare lost both cases and was ordered to block the services in question. While the company hasn’t commented on the legal actions in detail, it decided to appeal the two injunctions at the Milan court.

Last Friday, the court ruled on the “IPTV THE BEST” case, confirming that Cloudflare is indeed required to block access.

In its defense, Cloudflare argued that it doesn’t provide hosting services but merely passes on bits and bytes. In addition, it pointed out that the IPTV service could still remain active even if its account was terminated.

Cloudflare Facilitates Access

The court was not convinced by these arguments and concluded that Cloudflare contributes to the infringements of its customer by optimizing and facilitating the site’s availability.

“It is in fact adequately confirmed that Cloudflare carries out support and optimization activities to showcase sites, which allow the visibility and advertising of illegal services,” the court concluded.

That the IPTV service could continue without using Cloudflare is irrelevant, the court stressed.

In addition, the court confirmed that copyright holders are entitled to these types of protective blocking measures, even if the activity of the online intermediary itself is not directly infringing.

Dynamic Orders

The Milan court reached the same conclusion in Cloudflare’s appeal against the “ENERGY IPTV” injunction, which was decided yesterday. In both cases, the court also confirmed that the injunctions are “dynamic”, which means that if the IPTV services switch to new domains or IP-addresses, these have to be blocked as well.

While the ruling is a setback for Cloudflare, copyright holders are pleased. Attorney Simona Lavagnini, who represented Sky Italy, informs TorrentFreak that it will now be easier to hold online services accountable for infringing customers.

“I am pleased to see the position taken by the Court, confirming that injunction orders can be addressed to all providers involved in the provision of services to those who offer illegal contents on the web.

“This principle is now general and includes telecoms as well as passive hosting providers and other services such as CDNs,” Lavagnini adds.

We also reached out to Cloudflare for a comment on these recent court orders but the company didn’t immediately reply. The CDN provider previously confirmed that it has been legally required to block several domains, without going into further detail.

With regard to earlier blocking orders, Cloudflare said that it complies with these in the relevant jurisdictions. In other words, the targeted services remain available in other countries. Whether that’s also the case here is unknown.

Update: The legal team representing the Lega Nazionale Professionisti Serie A (LNPA), which includes Bruno Ghirardi, Stefano Previti, Alessandro La Rosa, and Riccardo Traina Chiarini, is happy with the outcome and told us the following:

“Cloudflare participates in activities that allow the visibility of the illicit services IPTV THE BEST and ENERGY IPTV – also through the storage of data from these sites – and participates in the flow of data in violation of the rights of LNPA.”

“This implies the legitimacy of targeting Cloudflare as a passive subject of the precautionary order, despite the possibility that, in the absence of Cloudflare’s services, illicit access to the protected content would be also possible.”

From: TF , for the latest news on copyright battles, piracy and more.

  • To chevron_right

    Cloudflare Calls For Sanctions Over False Claims in Piracy Lawsuit / TorrentFreak · Saturday, 9 January, 2021 - 21:34 · 3 minutes

cloudflare Earlier this year Texas-based model Deniece Waidhofer sued Thothub for copyright infringement after the site’s users posted many of her ‘exclusive’ photos.

While Cloudflare isn’t new to copyright infringement allegations, this case has proven to be more than a nuisance. The company previously countered the claims with a motion to dismiss, but Waidhofer and her legal team are not backing off.

In an amended complaint some of the most egregious allegations, including the RICO conspiracy, were dropped. However, the copyright infringement claims remain and with two new cosplay models joining the action, the list of defendants has grown.

Last week Cloudflare responded to these new allegations, again denying any wrongdoing. In addition, the company filed a separate motion for sanctions a few days earlier, accusing the defendants of fabricating a fatally flawed theory of contributory copyright infringement.

The issue revolves around Cloudflare’s “ Argo Tunnel ” service, which allows website operators to secure their systems from outside attacks. Put simply, it does so by routing all traffic to a site through Cloudflare’s network via an encrypted tunnel.

The models argue that Thothub used this Argo Tunnel and that the CDN provider could have shut the site down by disabling this service. That would counter Cloudflare’s defense that terminating Thothub’s account would have had a limited impact.

Cloudflare informs the court that the Argo Tunnel wasn’t created to help pirates, but to better secure the sites of its users. Not just that, it notes that Thothub never used this service.

“[I]t is clear that Argo Tunnel is a cyber security product of general applicability, created for and used by thousands of users,” the company writes.

“And fatal to Plaintiffs’ claims, Argo Tunnel was never used by the website or any of its subdomains, which were the alleged source of the direct infringement.”


Cloudflare repeatedly told the defense attorneys that Thothub didn’t use the Argo Tunnel and warned of potential sanctions, but the claims were added nonetheless.

This went a step too far for the CDN provider which is now asking the court to sanction the defendants and their attorneys for failing to conduct a reasonable investigation.

In addition, they should be sanctioned for “knowingly or recklessly maintaining false and frivolous allegations for the improper purpose of harassing Cloudflare with overbroad copyright infringement claims,” the company writes.

Perhaps unsurprisingly, the models and their legal team aren’t happy with the accusations and swiftly fired back this week.

Turning the tables, their detailed reply accuses Cloudflare’s attorneys of failing to conduct a reasonable investigation and failing to provide evidence. For this conduct, Cloudflare’s lawyers should be sanctioned.

“Cloudflare’s counsel’s baseless and insulting accusations impugning Plaintiffs’ counsel’s integrity and professionalism, simply because Cloudflare and its counsel baldly assert the Argo Tunnel allegations are false,” they counter.

“Because the Motion is frivolous and apparently lodged for an improper purpose to circumvent discovery, obtain privileged information, drive up litigation costs, and delay, distract, harass, and intimidate Plaintiffs, it should be denied and Cloudflare should be sanctioned.”

The plaintiffs also provide further information that is supposed to substantiate their claims. Relying on an investigation from a technical expert, who previously worked at Akamai, they conclude that it’s reasonable to believe that Thothub indeed used the Argo Tunnel.

Part of this evidence is based on the “Error 1003 Access Denied: Direct IP Access Denied” message that appeared when accessing one of the site’s Cloudflare IP-addresses.

“Based on independent research, Mr. Bell learned that this error message indicated that the site could be using an Argo Tunnel,” the models’ lawyer writes.

While that may be true, it’s no guarantee. The same error message also appears when one tries to access’s Cloudflare IP-address, and we don’t use the Argo Tunnel.

In addition, the plaintiffs allege that Thothub used server port 8443, arguing that this is “often” used to implement an Argo Tunnel.

At the end of the day, both parties are calling for sanctions over unsubstantiated claims. Cloudflare wants the frivolous Argo Tunnel claims removed from the complaint, while the models seek to punish Cloudflare for its frivolous call for sanctions.

It is now up to the court to decide if any sanctions are indeed needed, but it’s clear that this case is proving to be quite the handful.


Cloudflare’s motion for sanctions is available here and the models’ motion can be found here

From: TF , for the latest news on copyright battles, piracy and more.

  • To chevron_right

    Cosplay Models Want Cloudflare to Stop ‘Indulging’ Pirate Sites / TorrentFreak · Saturday, 19 December, 2020 - 21:40 · 4 minutes

cosplay pirate Earlier this year Texas-based model Deniece Waidhofer sued Thothub for copyright infringement after the site’s users posted many of her ‘exclusive’ photos.

Soon after the complaint was filed Thothub went offline . This prompted Waidhofer to shift priorities.

In an amended complaint, submitted a few weeks ago, Thothub is no longer a defendant. Instead, the lawsuit now focuses on several sites and services that did business with the pirate site, including CDN provider Cloudflare.

Cosplay Models Join Case Against Cloudflare

Another significant change is that Waidhofer is no longer the sole plaintiff. She is now joined by two cosplay artists, Ryuu Lavitz and Margaret McGhee, better known as OMGcosplay . Together, these models have millions of online followers.

When the original case was filed, Lavitz and McGhee hadn’t registered their photos at the Copyright Office. Both submitted their registrations for hundreds of works in September, after which they were able to join the case.

In addition to removing Thothub as a defendant and adding two plaintiffs, some of the strongest allegations were stripped from the original complaint. Cloudflare is no longer alleged to be part of a RICO conspiracy but is accused of direct and contributory copyright infringement.

The models claim that Cloudflare has carved out a competitive niche by serving illegal pirate sites that other large CDN companies like Akamai Technologies would not. It ‘helps’ these sites by concealing the real IP-address and by ‘storing’ their content, it’s alleged.

Motion to Dismiss

Cloudflare replied to these allegations by pointing out that it’s merely a middleman. The company has no knowledge of the traffic that passes through its network and doesn’t store content permanently, in most cases, but simply makes temporary “cache” copies.

“Under Plaintiffs’ wildly expansive theory of liability, the owner of any computer connected to the Internet could potentially be exposed to unlimited liability,” Cloudflare argued, adding that the complaint doesn’t show bad “intent”.

Based on these and various other deficiencies, the CDN provider asked the court to dismiss the case. However, the models disagree and recently submitted several counterarguments.

‘Cloudflare Helps Pirate Sites’

The models argue that Cloudflare was aware of the copyright infringements on Thothub, but chose not to do anything. Instead, it helped the site to cope with vast amounts of traffic so it could stay online. That’s what the site does for other pirate sites as well.

“Cloudflare easily could have limited Thothub’s infringement simply by terminating service, or by not delivering URLs that it had already been notified contained infringing content. But Cloudflare stood behind Thothub instead, as it does regularly for pirates everywhere. Indeed, Cloudflare has made a cottage industry out of indulging pirates.”

insta omgcoplay onlyfans

The plaintiffs say that Cloudflare is liable for contributory copyright infringement. The company’s decision not to take action helped Thothub to stay online and operate more efficiently. That is enough to be held liable, the models argue, referencing the ALS Scan case against Cloudflare.

“Cloudflare enabled Thothub to be operated securely on a vast scale. The law recognizes this as a material contribution that, with knowledge, creates liability,” they write.

Thothub Alternatives Still use Cloudflare

Without Cloudflare, Thothub’s site would have been “overrun and crashed.” Although it may have come back, that ‘simple measure’ would have made a difference, at least briefly. Cloudflare, however, decided not to act and it does the same for many similar sites today.

“The Complaint identifies nearly two dozen other pirate sites — all Cloudflare clients — that are Thothub copycats, including one called that is nearly a direct clone,” the plaintiffs write.

In addition to contributory infringement, the models also accuse the company of direct infringement. They argue that the CDN provider made copies of Thothub files on its own accord and continued copying works after takedown notices were sent.

The reply to Cloudflare’s motion to dismiss is filled with allegations that will eventually have to be backed up with evidence. In addition to focusing on the case at hand, it also references an EU report which concluded that 62% of the world’s top 500 pirate sites use Cloudflare.

Daily Stormer and 8Chan

And, as we predicted a few years ago , Cloudflare’s decision to ban The Daily Stormer is also being brought up.

“Despite serving most of the world’s top pirate sites, on information and belief, Cloudflare has never voluntarily terminated services to a customer for repeat copyright infringement. Cloudflare has, however, voluntarily terminated services for other customer sites, including the American Neo-Nazi group Daily Stormer and the conspiracy website 8chan,” the reply reads.

It is now up to the US District Court for the Central District of California to decide whether the case against Cloudflare should be dismissed, or if the models can pursue their claims at trial.

A copy of Cloudflare’s motion to dismiss the first amended complaint is available here (pdf) and the reply from the models can be found here (pdf)

From: TF , for the latest news on copyright battles, piracy and more. We have some good VPN deals here for the holidays.

  • To chevron_right

    New MPA Subpoena Targets Private BitTorrent Tracker & Locally Significant Pirate Sites / TorrentFreak · Saturday, 21 November, 2020 - 11:57 · 4 minutes

ACE logo In what appears to be an increasing trend, global anti-piracy coalition Alliance For Creativity and Entertainment regularly heads off to court in the United States to obtain information about pirate site operators.

The weapon of choice is the DMCA subpoena, a number of which are targeted at domain registrars and US-based Cloudflare, the CDN company utilized by thousands of pirate sites. In many cases, these subpoenas seek to obtain intelligence on the world’s largest streaming and torrent portals for use in enforcement and policy activities.

A new subpoena obtained this week, however, suggests that ACE has an interest in learning about who is operating sites that are popular on a local level.

Sites That Appear to Evade Blocking in the UK

Since 2011, the UK High Court has handed down a number of blocking injunctions targeting pirate sites. Official data is a tightly held secret but it’s believed that thousands of URLs are blocked by the country’s ISPs, mostly targeting giants such as The Pirate Bay, RARBG, and similar well-known platforms.

Despite maintaining that blocking leads to “meaningful increases in legal online consumption”, the MPA hasn’t made any blocking requests for years, leading to other sites increasing their traffic. These include MagnetDL, for example, whose traffic relies heavily on the UK market.

Perhaps aiming to put a dent in this success, the MPA/ACE subpoena obtained this week aims to find out more about MagnetDL’s operator after informing the court that the site helps to distribute the movie Frozen II in breach of Disney’s copyrights. And there are others too. has only been gaining any significant traffic since the summer but the torrent search engine, which also helps people access blocked sites, is now doing rather well with an estimated two million visitors per month. Interestingly and according to SimilarWeb stats, around a third of that traffic is coming from the UK where the site is not blocked, with just over 5% coming from the US, the next most popular visitor location.

A similar situation can be found in which has been running for some time, pulling in up to five million visits per month since the summer, with around 30% of those coming from the UK. Only the US comes close in terms of traffic but even that huge nation is relegated to second place.

Continuing on the 123movies theme, has even more traffic but it too is highly reliant on the UK market, with around a quarter of its visitors hailing from the region. is a much smaller operation but again, around 30% of its traffic comes from the UK. The outlier is, which derives almost 60% of its traffic from the US with the UK trailing behind, albeit with an estimated million visitors per month.

Sites Thriving Around Europe

With millions of visitors per month each, it’s no surprise that sites such as,, and feature in the DMCA subpoena obtained by ACE/MPA. In these cases, the sites are all heavily reliant upon traffic from Germany with 66%, 65% and 52% traffic share currently hitting the sites.

That being said, there are other sites even more reliant on traffic from specific European countries. Movie and TV show streaming site, for example, has almost 92% of its 2 to 4 million monthly visitors arriving from France., on the other hand, has around six million monthly visitors, with more than 80% hailing from Spain. And when it comes to reliance on the Italian market, is right up there with 97%, with Switzerland, Germany. Belgium and the UK fighting over the remaining 3%.

Finally, an Interesting Outlier

The vast majority of ACE/MPA subpoenas target streaming and public torrent sites but this one contains a notable exception.

Buried away in the list is, an invite-only private tracker specializing in French-language content. According to estimates from 2019, the site ‘only’ has around 20,000 members but with around 100,000 torrents, the site appears to be generating more than a million visits per month, three-quarters of which can be allocated to Canadian users.

As far as we’re aware, this is the first time that a private BitTorrent tracker has made an appearance in a Cloudflare subpoena but at the rate they’re currently being obtained from courts in the US, this probably won’t be the last.

The DMCA subpoena documents can be found here ( 1 , 2 pdf), full site list below

From: TF , for the latest news on copyright battles, piracy and more.