ScanMalware.com

Security Scan Report: www.donbalon.com

Submitted: Oct 26, 2025, 3:42:47 PMCompleted: Oct 26, 2025, 3:46:07 PMpubliccompleted
Loading additional data...

Summary

This website contacted 155 IPs in 8 countries across 45 domains to perform 290 HTTP transactions. The main domain is donbalon.com and was registered NaN years ago.

Submitted URL: https://www.donbalon.com/futbol/realmadrid/alvaro-carreras-ha-sido-vetado-por-luis-de-la-fuente-en-la-roja

AI Security Verdict

Low Risk

Confidence: 92%

2
Risk Score

Low‑risk legitimate news site; circular redirect noted.

Risk Factors
Circular redirect detected
Domain not in Cisco Umbrella top 1M (unranked)
Safety Factors
Established domain age (>25 years)
No malicious Indicators of Compromise
No forms collecting sensitive data
Legitimate‑looking news content
Domain age information unavailable

Details

Page Title

Álvaro Carreras ha sido vetado por Luis de la Fuente en la Roja

Scan Type

public

Language

🇪🇸

Spanish

(80% confidence)

Category

news/blog

(40%)

Domain Information

The domain 'www.donbalon.com' uses the commercial generic top-level domain (.com), featuring subdomain 'www'. Count 8 characters in 'donbalon' with 3 vowels and 5 consonants. Tokenizing the label suggests three words: don, bal, on. Expect 3 characters per word on average. 'don' is most common in Estonian usage. Usage also turns up in Finnish and Chinese (Pinyin) contexts.

Screenshot

Security scan screenshot of https://www.donbalon.com/futbol/realmadrid/alvaro-carreras-ha-sido-vetado-por-luis-de-la-fuente-en-la-roja

Page Load Overview

4.22s
Total Load Time
290
HTTP Requests
45
Domains
8.2 MB
Total Size

Language Analysis

Primary Language

🇪🇸Spanish
Code: es
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:es
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:es
Text Length:13,523 chars
Detector Agreement:100%

Website Classification

Primary Category

news/blog40% confidence
Type: static
Method: structural

All Detected Categories

news/blog
40%
forum
40%

Detected Features

OG: article

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
133146.75.121.44Frankfurt am Main, Hesse, Germany
AS54113FASTLY
36157.240.0.63Frankfurt am Main, Hesse, Germany
AS32934FACEBOOK
32213.96.244.209Valladolid, Castille and León, Spain
AS3352Telefonica De Espana S.a.u.
8104.16.56.62United States
AS13335CLOUDFLARENET
8141.226.228.48Netherlands
AS200478Taboola.com ltd
534.149.50.64Kansas City, Missouri, United States
AS396982GOOGLE-CLOUD-PLATFORM
457.129.86.15Frankfurt am Main, Hesse, Germany
AS16276OVH SAS
4104.20.24.176United States
AS13335CLOUDFLARENET
4157.240.253.63Frankfurt am Main, Hesse, Germany
AS32934FACEBOOK
3142.250.186.110United States
AS15169GOOGLE
290155--

Detected Technologies2

HSTS
40%
Google Tag Manager
30%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T13B44F7B2D0541A2780D3D7C4FBB0B71E9296422CDE024969E3EE436893DEED5B49739C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:TApPDi2EzCipSjzSVdq9gcg4bgas+5yT+TsdVlHVcvhLhug5gS1y5aPuQppzURtQ:TApr/ELyaSKeGb5KSQee+G1weY8Mi

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:256082:CX9MIASgSBVEjStgCiiBhGBA+QBAYLaSAQAqeEAIBm6uJIIAlQAComCYUexOAmYQEhuACOkWFFL7uEAIwMMiDB4SwJTQAgpD

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00003c3c3c3c00c0
Perceptual Hash:da07700fda33ce98
Difference Hash:2906717969619686
Wavelet Hash:00f0bcbcbcbcc0c0
Color Hash:#79d2b8

Other Hashes

Crop Resistant:686081a6debc41c1,ea5953fff8e2e2f8,2906717969619686

Scan History

Scan history not available

Unable to load historical scan data