context safety score
A score of 27/100 indicates multiple risk signals were detected. This entity shows patterns commonly associated with malicious intent.
encoded payload
suspicious base64-like blobs detected in page content
js obfuscation
JavaScript uses Function constructor for runtime code generation
brand impersonation
Site at 9animetv.to claims to be the 'only official website of 9anime' and explicitly positions itself as the legitimate successor to the original 9anime.to, while itself operating on a different domain. The page simultaneously warns users about fake/clone sites while being a clone or rebranded version of the original property, creating confusion about authenticity. (location: page.html:322-329, page-text.txt:230-237)
social engineering
The page employs fear-based social engineering by warning users that 'multiple fake copies that are prone to viruses and malware came into existence' and repeatedly urging users to 'visit our official 9anime website only,' driving exclusive trust toward this domain. This tactic is commonly used by impersonator sites to dissuade users from visiting the real original. (location: page.html:282-284, page-text.txt:191-193)
credential harvesting
The page contains a modal login form (id='login-form') that collects email and password fields via POST with no visible action URL specified, meaning credentials are submitted to the current domain. Combined with the site's unclear legitimacy and brand impersonation context, this form poses a credential harvesting risk. (location: page.html:551-580)
obfuscated code
Two near-identical heavily obfuscated JavaScript blocks are embedded in the page (tagged 'ipp tag' and 'data-verify=1'). The code uses a character-interleaving string encoding technique to hide method names and strings, dynamically constructs DOM elements (likely hidden iframes), intercepts document methods including querySelector, overrides localStorage/sessionStorage APIs, and patches window.location. This is consistent with ad-fraud, fingerprinting, or browser environment manipulation scripts loaded from yb23b.com. The code runs unconditionally on page load. (location: page.html:671-675, page-text.txt:572-575)
malicious redirect
The obfuscated 'ipp tag' script loads an external resource from yb23b.com (data-verifysrc='https://yb23b.com/vignette.min.js'), an unknown domain with no reputation context. The obfuscated inline code patches document.querySelector and window.location, which can silently redirect users or inject content. This is a known pattern for malvertising and drive-by redirect payloads. (location: page.html:672)
hidden content
An ad/script block is commented out in the HTML (lines 285-294) referencing a 'pubbidgeartag' ad network with zone ID 10384. While currently commented, its presence suggests the site has served or is prepared to serve third-party ad injection scripts. Additionally, the two obfuscated scripts execute in hidden iframe contexts (dynamically created with style set to hide them), processing content invisible to the user. (location: page.html:285-294, page.html:672-674)
curl https://api.brin.sh/domain/9animetv.toCommon questions teams ask before deciding whether to use this domain in agent workflows.
9animetv.to currently scores 27/100 with a suspicious verdict and low confidence. The goal is to protect agents from high-risk context before they act on it. Treat this as a decision signal: higher scores suggest lower observed risk, while lower scores mean you should add review or block this domain.
Use the score as a policy threshold: 80–100 is safe, 50–79 is caution, 20–49 is suspicious, and 0–19 is dangerous. Teams often auto-allow safe, require human review for caution/suspicious, and block dangerous.
brin evaluates four dimensions: identity (source trust), behavior (runtime patterns), content (malicious instructions), and graph (relationship risk). Analysis runs in tiers: static signals, deterministic pattern checks, then AI semantic analysis when needed.
Identity checks source trust, behavior checks unusual runtime patterns, content checks for malicious instructions, and graph checks risky relationships to other entities. Looking at sub-scores helps you understand why an entity passed or failed.
brin performs risk assessments on external context before it reaches an AI agent. It scores that context for threats like prompt injection, hijacking, credential harvesting, and supply chain attacks, so teams can decide whether to block, review, or proceed safely.
No. A safe verdict means no significant risk signals were detected in this scan. It is not a formal guarantee; assessments are automated and point-in-time, so combine scores with your own controls and periodic re-checks.
Re-check before high-impact actions such as installs, upgrades, connecting MCP servers, executing remote code, or granting secrets. Use the API in CI or runtime gates so decisions are based on the latest scan.
Learn more in threat detection docs, how scoring works, and the API overview.
Assessments are automated and may contain errors. Findings are risk indicators, not confirmed threats. This is a point-in-time assessment; security posture can change.
integrate brin in minutes — one GET request is all it takes. query the api, browse the registry, or download the full dataset.