Security Scan Report: split.to

Redirected to: https://www.google.com/

Site favicon
Submitted: Oct 10, 2025, 12:49:47 PMCompleted: Oct 10, 2025, 12:50:11 PMpubliccompleted
Loading additional data...

Summary

This website contacted 22 IPs in 2 countries across 7 domains to perform 38 HTTP transactions. The main domain is google.com.

Submitted URL: https://split.to/zrpBAN1

Effective URL: https://www.google.com/Redirected

AI Security Verdict

High Risk

Confidence: 80%

7
Risk Score

High‑risk phishing redirect using Google branding; final URL is legitimate but initial domain is suspicious.

Risk Factors
Social engineering detection by Google Safe Browsing
Brand impersonation on an unranked, unknown domain
Suspicious redirect from a non‑whitelisted domain
Lack of domain reputation (unranked in top 1M)
Domain age information unavailable

Details

Page Title

Google

Scan Type

public

Language

🇩🇪

German

(80% confidence)

Category

adult content

(54%)

Domain Information

The domain name 'split.to' uses the .to country-code top-level domain with no subdomain. Its registrable label 'split' stretches across 5 characters split between one vowel and 4 consonants. Tokenizing the label suggests 1 word: split. Median word length is five characters. 'split' is most common in English usage. Secondary signals appear in Chinese (Pinyin) and Bosnian.

Screenshot

Security scan screenshot of https://split.to/zrpBAN1

Page Load Overview

7.16s
Total Load Time
38
HTTP Requests
7
Domains
647 KB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:de
Text Length:3,493 chars
Detector Agreement:100%

Website Classification

Primary Category

adult content54% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

adult content
54%
education learning
41%
news media journalism
35%
documentation technical
34%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1142.250.186.106United States
AS15169GOOGLE
1172.67.69.214United States
AS13335CLOUDFLARENET
1142.250.185.99United States
AS15169GOOGLE
1142.250.184.195United States
AS15169GOOGLE
1142.250.185.196United States
AS15169GOOGLE
1142.250.185.142United States
AS15169GOOGLE
1217.160.0.229Germany
AS8560IONOS SE
12606:4700:20::681a:bd7United States
AS13335CLOUDFLARENET
12a00:1450:4001:81d::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
12a00:1450:4001:810::200eFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
3822--

Detected Technologies3

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D2445C3163107C3BA423DAA1B0BB6F4E3C75E16FD80A46F4A9A1E970CFE1DB5152526C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:/OopHZCcAWucySlmN02CFcZDTI8A8tNc62c0mW96:/OopHZCcAWubN5JIfmM6

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:262880:AkZOgJCEQnBVJAgyHHVPMAMDJABgFgUymEHAFwEiwCJBBNJKEDISoG7Ggp1QgCwEQejBCUw0FQEMnkAxCYGgiUgQJjjumqAC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:183c3c3c3c3c3c18
Perceptual Hash:9bd9646475736464
Difference Hash:6869696969696969
Wavelet Hash:3c3c3c3c3c3c3c3c
Color Hash:#59931f

Other Hashes

Scan History

Scan history not available

Unable to load historical scan data