context safety score
A score of 32/100 indicates multiple risk signals were detected. This entity shows patterns commonly associated with malicious intent.
encoded payload
suspicious base64-like blobs detected in page content
malicious redirect
script/meta redirect patterns detected in page source
brand impersonation
The domain 2020.pycon-au.org belongs to the legitimate PyCon Australia 2020 conference website, but it has been fully hijacked and replaced with 'BINTANGMPO', an Indonesian online gambling/slot platform. The page title, meta description, and all content impersonate a gambling site while exploiting the trusted pycon-au.org domain name. (location: page.html:5 - <title>BINTANGMPO | Slot Mahjong Ways Gacor Hari Ini 2026 RTP Tinggi</title>; metadata.json domain: 2020.pycon-au.org)
malicious redirect
Registration ('Daftar') and login ('Masuk'/'Login') buttons throughout the page redirect users to https://cepat.lol/bintangmpo — a third-party URL shortener/redirect domain completely unrelated to pycon-au.org. This is used to funnel victims from a trusted domain to an off-domain gambling site. (location: page.html:5536 - <a href="https://cepat.lol/bintangmpo">, page.html:5599, page.html:5602)
malicious redirect
An AMP HTML link points to https://pycon-au.ampemail0.workers.dev/ — a Cloudflare Worker domain that mimics the legitimate pycon-au.org domain name but is a separate attacker-controlled property used to serve alternative content or redirect mobile/AMP users. (location: page.html:7 - <link rel="amphtml" href="https://pycon-au.ampemail0.workers.dev/">)
credential harvesting
An obfuscated inline script (line 5569) contains a WebSocket-based credential harvesting toolkit. It explicitly monitors password input fields (function d/c/M detect password inputs), sends 'password_input_focus' events with tokens over a WebSocket connection (B.send), and exfiltrates page URL, document title, user agent, and focus state to a remote server. This is a fully functional password interception agent. (location: page.html:5569 - inline <script> containing WebSocket credential exfiltration code with password_input_focus type events)
obfuscated code
A large minified/obfuscated inline JavaScript block (line 5569) contains a sophisticated remote-control agent: it accepts WebSocket commands to (r) redirect the browser via window.location, (b) replace the entire document.body.innerHTML with attacker-supplied HTML, (w) trigger unknown behaviors, and (x) execute file callbacks. This constitutes a full browser hijacking toolkit disguised within the page. (location: page.html:5569 - case 'r': window.location=e.data.substring(1); case 'b': document.body.innerHTML=e.data.substring(1))
social engineering
A full-screen fixed overlay (z-index: 9999, 100vw x 100vh with blur backdrop) is injected at the bottom of the page, presenting a modal popup with DAFTAR/LOGIN buttons linking to cepat.lol/bintangmpo. This overlay covers the entire page and coerces users into clicking gambling registration links with urgency framing ('Gacor Hari Ini 2026 RTP Tinggi'). (location: page.html:5587-5633 - <div style="position: fixed; z-index: 9999; width: 100vw; height: 100vh;">)
hidden content
Two hidden div elements with duplicate IDs ('privacy-settings-manager-load-complete' and 'footer-script-loaded') are injected with display:none at the end of the page body. Duplicate IDs and hidden tracking/state divs are a common technique to signal to external scripts that payloads have loaded. (location: page.html:5634-5637 - <div id="privacy-settings-manager-load-complete" style="display: none;"> (appears twice each))
obfuscated code
A keydown event listener intercepts Ctrl+U (browser 'View Source' shortcut), prevents the default action, destroys all page HTML (document.body.innerHTML = ''; document.documentElement.innerHTML = ''), and replaces it with a full-screen image. This is an anti-forensics technique to prevent source inspection and hide the malicious code from users attempting to view the page source. (location: page.html:5570-5584 - document.addEventListener('keydown', ...) intercepts Ctrl+U and wipes DOM)
curl https://api.brin.sh/domain/2020.pycon-au.orgCommon questions teams ask before deciding whether to use this domain in agent workflows.
2020.pycon-au.org currently scores 32/100 with a suspicious verdict and low confidence. The goal is to protect agents from high-risk context before they act on it. Treat this as a decision signal: higher scores suggest lower observed risk, while lower scores mean you should add review or block this domain.
Use the score as a policy threshold: 80–100 is safe, 50–79 is caution, 20–49 is suspicious, and 0–19 is dangerous. Teams often auto-allow safe, require human review for caution/suspicious, and block dangerous.
brin evaluates four dimensions: identity (source trust), behavior (runtime patterns), content (malicious instructions), and graph (relationship risk). Analysis runs in tiers: static signals, deterministic pattern checks, then AI semantic analysis when needed.
Identity checks source trust, behavior checks unusual runtime patterns, content checks for malicious instructions, and graph checks risky relationships to other entities. Looking at sub-scores helps you understand why an entity passed or failed.
brin performs risk assessments on external context before it reaches an AI agent. It scores that context for threats like prompt injection, hijacking, credential harvesting, and supply chain attacks, so teams can decide whether to block, review, or proceed safely.
No. A safe verdict means no significant risk signals were detected in this scan. It is not a formal guarantee; assessments are automated and point-in-time, so combine scores with your own controls and periodic re-checks.
Re-check before high-impact actions such as installs, upgrades, connecting MCP servers, executing remote code, or granting secrets. Use the API in CI or runtime gates so decisions are based on the latest scan.
Learn more in threat detection docs, how scoring works, and the API overview.
Assessments are automated and may contain errors. Findings are risk indicators, not confirmed threats. This is a point-in-time assessment; security posture can change.
integrate brin in minutes — one GET request is all it takes. query the api, browse the registry, or download the full dataset.