- Spain’s LaLiga anti-piracy blocks disrupted at least 554,507 legitimate domains between January and June 2026, OONI reveals
- Blocking just 4 to 20 IP addresses during a one-hour match window knocked out over 400,000 unrelated sites
- Researchers also uncovered alarming TLS Man-in-the-Middle (MitM) eavesdropping tactics at a Spanish ISP
Soccer fans in Spain aren’t the only ones feeling the impact of LaLiga’s aggressive war against illegal streaming. A staggering new report shows that the league’s court-authorized anti-piracy campaign has accidentally disrupted access to more than 500,000 legitimate websites, taking down everything from human rights platforms to vital cloud infrastructure.
According to a June 2026 report published by the Open Observatory of Network Interference (OONI), Spain’s IP-based blocking campaign caused extensive security damage between January and June 2026.
The nonprofit, which specializes in measuring global Internet censorship, found that at least 5.8% of the 9.2 million most popular Internet domains were blocked at least once during broadcasts of soccer matches.
The extent of this collateral damage highlights a fundamental flaw in current anti-piracy tactics. Because much of the modern Internet relies on shared hosting and content delivery networks (CDNs), trying to block a single illegal stream by banning its The IP address often drags hundreds of thousands of innocent websites down with it.
If you want to bypass these broad regional blocks, the use of the best VPNs is increasingly becoming a necessity for Spanish internet users trying to maintain access to the open web.
The collateral damage of La Liga’s anti-piracy block
The indirect damage stems directly from how the internet is structured. Providers such as Cloudflare, Amazon, Microsoft and Meta use shared reverse-proxy architectures, meaning that thousands of completely unrelated domains sit behind a single IP address.
Throughout the observation period, OONI discovered that the enforcement affected 7,441 unique IP addresses across 36 infrastructure providers. Cloudflare bore the brunt of the fallout, with the report identifying over 501,000 affected domains hosted behind just 2,218 blocked IPs.
Among the subsequent damage were benign and critically important websites, including those belonging to Amnesty International and Greenpeace.
đź”´ New Report: Collateral Damage of IP-Based Blocking During LALIGA Football Streaming in Spain: Evidence from OONI Measurement’s latest research report presents OONI data documenting widespread collateral damage caused by IP blocking in #Spain during… pic.twitter.com/vNirkfEKfZ30 June 2026
In addition to the widespread outages, the anti-piracy tactics have introduced alarming security vulnerabilities.
OONI researchers noted in a post on X that they “detected TLS Man-in-the-Middle (MitM) attack on Digi Mobil (AS57269), raising privacy and security concerns.”
This invasion of privacy affected 7,334 unique IPs hosting over 10,759 domain names, exposing Spanish users to potential data interception simply to stop them from streaming soccer matches.
As we covered on Tuesday, there is a growing backlash against these reckless enforcement measures. European ISP groups have strongly argued that rights holders should be liable for collateral damage related to piracy, as wrongful court orders by rights holders such as LaLiga repeatedly break the internet.
While OONI admits that its methodology has limitations and likely underestimates the true extent of the impact, the results paint a bleak picture of IP-based blocking. When taking down a handful of pirated streams knocks out half a million legitimate websites, the cure may well be worse than the disease.



