context safety score
A score of 37/100 indicates multiple risk signals were detected. This entity shows patterns commonly associated with malicious intent.
encoded payload
suspicious base64-like blobs detected in page content
malicious redirect
script/meta redirect patterns detected in page source
cloaking
Page uses meta refresh redirect
malicious redirect
The POST form action is set to 'file:///Users/jreyesco/Downloads/$(original_url)' — a local file:// URI combined with an unresolved ESI variable. This routes POST submissions (including checkout data) to a local attacker-controlled path rather than the legitimate Patagonia server. This is a hallmark of a bot-failover page that has been tampered with or exfiltrated from a CDN and repurposed locally. (location: page.html:220)
credential harvesting
The ESI POST replay form (id='wr', name='waitroomform') captures and re-submits all POST body parameters — including checkout form fields — via hidden inputs. The form action targets a local file:// path ('file:///Users/jreyesco/Downloads/$(original_url)'), meaning all submitted data (credentials, payment info, PII) would be sent to an attacker-controlled local destination rather than Patagonia's servers. The Luhn-check logic strips valid credit card numbers before storage, but all other POST fields (names, addresses, passwords, tokens) are preserved and replayed. (location: page.html:220-322)
hidden content
The page contains extensive ESI (Edge Side Includes) markup including esi:vars, esi:function, esi:foreach, esi:assign, and esi:choose blocks that are invisible to the end user but process and manipulate POST data server-side. These blocks implement a full Luhn algorithm for credit card detection and conditionally suppress CC numbers while capturing all other POST fields. This logic is hidden from the browser's rendered view. (location: page.html:219-322)
brand impersonation
The page impersonates the legitimate Patagonia brand using the official Patagonia logo (/media/SPA-sitefailover/sitedownpage/images/patagonia-logo.png), official customer service email addresses (customer_service@patagonia.com, directsales.europe@patagonia.com, customerservice.japan@patagonia.com), official phone numbers, and Patagonia's visual design language. The page was saved locally (file:///Users/jreyesco/Downloads/botfailover%20(5).html) and appears to be a cloned/exfiltrated copy of Patagonia's Akamai CDN failover page repurposed for credential capture. (location: page.html:2, page.html:333, page.html:347)
social engineering
The page title reads 'Hang Tight! Routing to checkout...' and the visible message reassures users the site will automatically refresh and redirect them back. This creates a false sense of legitimacy and patience, keeping victims on the page while their POST data (checkout/payment submissions) is harvested. The 30-second auto-submit timer (setTimeout 30000ms) ensures POST data is silently re-submitted to the attacker's endpoint. (location: page.html:32, page.html:313-319)
obfuscated code
The file was saved locally as 'botfailover (5).html' (evidenced by the HTML comment on line 2) but is being served or analyzed in the context of patagonia.com. The ESI variables such as $(original_url), $(POST), $(REQUEST_METHOD), and $(QUERY_STRING) are CDN-layer template variables that would be processed by Akamai's ESI engine before delivery. When served outside that environment (e.g., locally or via a rogue proxy), these variables remain unresolved, making the true redirect destination dynamic and difficult to statically analyze. (location: page.html:2, page.html:184-220)
curl https://api.brin.sh/domain/patagonia.comCommon questions teams ask before deciding whether to use this domain in agent workflows.
patagonia.com currently scores 37/100 with a suspicious verdict and low confidence. The goal is to protect agents from high-risk context before they act on it. Treat this as a decision signal: higher scores suggest lower observed risk, while lower scores mean you should add review or block this domain.
Use the score as a policy threshold: 80–100 is safe, 50–79 is caution, 20–49 is suspicious, and 0–19 is dangerous. Teams often auto-allow safe, require human review for caution/suspicious, and block dangerous.
brin evaluates four dimensions: identity (source trust), behavior (runtime patterns), content (malicious instructions), and graph (relationship risk). Analysis runs in tiers: static signals, deterministic pattern checks, then AI semantic analysis when needed.
Identity checks source trust, behavior checks unusual runtime patterns, content checks for malicious instructions, and graph checks risky relationships to other entities. Looking at sub-scores helps you understand why an entity passed or failed.
brin performs risk assessments on external context before it reaches an AI agent. It scores that context for threats like prompt injection, hijacking, credential harvesting, and supply chain attacks, so teams can decide whether to block, review, or proceed safely.
No. A safe verdict means no significant risk signals were detected in this scan. It is not a formal guarantee; assessments are automated and point-in-time, so combine scores with your own controls and periodic re-checks.
Re-check before high-impact actions such as installs, upgrades, connecting MCP servers, executing remote code, or granting secrets. Use the API in CI or runtime gates so decisions are based on the latest scan.
Learn more in threat detection docs, how scoring works, and the API overview.
Assessments are automated and may contain errors. Findings are risk indicators, not confirmed threats. This is a point-in-time assessment; security posture can change.
integrate brin in minutes — one GET request is all it takes. query the api, browse the registry, or download the full dataset.