DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

COUNTRY REPORT — Spain · spain

First sighted: May 4, 2023, 3 a.m. · Last sighted: March 2, 2026, 2 a.m.

Risk
100 (high)
Total hits
111871
Total errors
26461
Distinct IPs
50597
Distinct ASNs
433
Country
Spain
Top Org
unknown
Top ASN
AS3352 • TELEFONICA DE ESPANA S.A.U.
Risk Rank
#31 / 208
Geo Coverage
100.0%
Confidence
100/100
Push Alert
Watch
Briefing Notes
  • Spain: risk 100 (high).
  • Risk rank #31 of 208 countries.
  • Coverage 100.0% geolocated, confidence 100/100.
  • Top organization: unknown (28,261 hits).
  • Top ASN: AS3352 (18,561 hits).
  • Push alert posture: Watch (Moderate risk or recent activity).

Risk

Model: v1 Computed: 2026-03-05 19:30:11
Risk score
100
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Annotator influence radar
Rendering annotator influence profile…
Normalized contribution (0..1) per annotator versus robust per-code envelope.
Key drivers
Credential brute forcing
Repeated authentication attempts consistent with password guessing or credential stuffing.
cred
Hits 5419
Points 17796.90
Automated client behavior
Traffic patterns strongly suggest automation rather than a human-operated browser.
bot
Hits 4863
Points 2431.50
Sensitive file probing
Requests target commonly sensitive files, configs, backups, or administrative resources.
sfp
Hits 146
Points 1194.16
Scan velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
scan_velocity
Hits 396
Points 676.08
Path traversal attempts
Request paths/parameters resemble attempts to access files outside intended directories.
trav
Hits 64
Points 471.12
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 2547
Points 369.88
Command injection attempts
Request content resembles attempts to execute OS commands via an application.
cmdi
Hits 15
Points 353.60
Request size anomaly
Requests are unusually large or shaped in a way that suggests abuse or automation.
request_size
Hits 687
Points 83.76
Firewall probing
Traffic behavior suggests probing of access controls and protected surfaces.
fwprobe
Hits 2
Points 25.20
HTTP method anomaly
Unusual or unexpected HTTP methods observed for the target endpoints.
method
Hits 33
Points 15.84
Protocol anomaly
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
proto
Hits 11
Points 9.04
Referrer abuse
Referrer patterns look manipulated, irrelevant, or inconsistent with normal navigation.
ref
Hits 8
Points 1.53

Top Organizations Operating In The Country

Most-observed organizations in this country
unknown digi spain telecom s.l rima (red ip multi acceso) microsoft azure cloud (spaincentral) jazztel triple play services xtra telecom s.a xfera moviles sa xfera moviles s.a vodafone espana s.a.u masmovil ibercom sa xtra telecom s.a. digi spain residential orangecoporateabi cableuropa - ono ono net in whole spain avatel telecom sa vodafone spain tme r cable y telecomunicaciones galicia s.a. comunitel global s.a. www ibercom sl jazztel mobile services masmovil - spain vodafone espana s.a.u. avatel provider local registry adamo telecom iberia s.a.u ono_hfc ipcom uni2 olivenet network s.l euskaltel cm avatel ftth netskope mad vodafone ono s.a adamo telecom iberia s.a comunitel global procono s.a cloudflare warp orangeadsl icloud private relay

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this country.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
63116
3xx
20031
4xx
22404
5xx
4057
Unique URLs
0
Total hits
111871
First seen
May 4, 2023, 3 a.m.
Last seen
March 2, 2026, 2 a.m.

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Uses totals aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this country snapshot (peer IPs with coordinates).

Loading map…

Top Autonomous System Networks

Most-observed networks in this country
AS3352 TELEFONICA DE ESPANA S.A.U. AS57269 DIGI SPAIN TELECOM S.L. AS12479 Orange Espagne SA AS8708 RCS & RDS AS15704 XTRA TELECOM S.A. AS12430 VODAFONE ESPANA S.A.U. AS200845 AVATEL TELECOM, SA AS6739 VODAFONE ONO, S.A. AS29119 AIRE NETWORKS DEL MEDITERRANEO SL UNIPERSONAL AS12338 Euskaltel S.A. AS34977 PROCONO S.A. AS12334 R Cable y Telecable Telecomunicaciones, S.A.U. AS34471 Free Technologies Excom S.L. AS201746 Olivenet Network S.L. AS42947 Telfy Telecom S.L. AS766 RedIRIS Autonomous System AS42493 Lorca TV Sol S.L. AS41368 Spotting Brands Technologies S.L. AS212097 VIM TELECOMUNICACIONES SL AS208909 Gurbtec Iguana Telecom SL AS3339 FIBRAWORLD TELECOM S.A.U. AS209835 Despliegue de Redes de Telecomunicaciones S.L. AS35394 Cable Aireworld S.A.U. AS202513 Gestioniza Infraestructuras S.L. AS42666 Embou Nuevas Tecnologias SL AS210423 ATUAXANELA, S.L. AS200773 INFORMATICA FUENTEALBILLA S.L. AS50563 Onlycable Comunicaciones S.L. AS12946 R Cable y Telecable Telecomunicaciones, S.A.U. AS199496 E-PORTS AMPLE DE BANDA I INTERNET S.L. AS211261 Fibranet Tecnologia y Sistemas SL AS12541 Lyntia Networks. Backbone AS. AS203600 VIVAFIBRA TELECOMUNICACIONES, S.L. AS205718 ALCORT INGENIERIA Y ASESORIA S.L. AS203936 MismeNet Telecomunicaciones AS202829 Luis Sanchez Martin AS60203 Innovaciones Tecnlogicas del Sur S.L. AS200738 FIBRAWORLD TELECOM S.A.U. AS58327 FIBERGREEN TECNOLOGICAS S.L. AS201466 Xarxes de Telecomunicacions Alternatives SL