context safety score
A score of 35/100 indicates multiple risk signals were detected. This entity shows patterns commonly associated with malicious intent.
encoded payload
suspicious base64-like blobs detected in page content
malicious redirect
script/meta redirect patterns detected in page source
cloaking
Page conditionally redirects based on referrer or user-agent
cloaking
Page loads content in transparent or zero-size iframe overlay
js obfuscation
JavaScript uses Function constructor for runtime code generation
malicious redirect
A Statsig A/B experiment named '03032026_landing_page_ai_test' is used to fetch a dynamic redirect_url from a remote feature-flag service (cdn.intellimize.co) and unconditionally execute window.location.replace(redirectUrl) without any validation or allowlist check on the destination URL. An attacker who compromises the Statsig experiment configuration (client key exposed in source: 'client-EK8xhbgmSIPwjyISbYqTJV7K9DL2zlQV8v1T3wyaJqY') could redirect all visitors to an arbitrary phishing or malware page. (location: page.html lines 79-90 (<script> block in <head>))
obfuscated code
The ZoomInfo integration script uses custom character-rotation obfuscation (ROT-style cipher via charCodeAt arithmetic) applied to base64-encoded strings to conceal the global window property name it sets and the external script URL it loads. This pattern deliberately hides what domain is being contacted and what global variable is being polluted, preventing straightforward static analysis. (location: page.html line 187 / page-text.txt line 97 (ZoomInfo <script> block))
hidden content
The Google Tag Manager noscript iframe (GTM-WB5Z899) is injected with style='display:none;visibility:hidden', making it invisible to users while still firing GTM triggers and loading third-party tags. While standard GTM practice, the hidden iframe can load arbitrary third-party scripts without user visibility. (location: page.html lines 147-150 (noscript GTM iframe))
prompt injection
The page embeds raw JavaScript source code (including DOM-traversal and console-logging routines) directly in the rendered text layer (page-text.txt lines 12, 14, 263-289). An AI agent scraping visible page text would ingest executable script fragments as plain text, which could confuse or manipulate an agent that treats page text as trusted instructions. (location: page-text.txt lines 12, 14, 263-289 (script content leaked into visible text))
curl https://api.brin.sh/domain/withcherry.comCommon questions teams ask before deciding whether to use this domain in agent workflows.
withcherry.com currently scores 35/100 with a suspicious verdict and low confidence. The goal is to protect agents from high-risk context before they act on it. Treat this as a decision signal: higher scores suggest lower observed risk, while lower scores mean you should add review or block this domain.
Use the score as a policy threshold: 80–100 is safe, 50–79 is caution, 20–49 is suspicious, and 0–19 is dangerous. Teams often auto-allow safe, require human review for caution/suspicious, and block dangerous.
brin evaluates four dimensions: identity (source trust), behavior (runtime patterns), content (malicious instructions), and graph (relationship risk). Analysis runs in tiers: static signals, deterministic pattern checks, then AI semantic analysis when needed.
Identity checks source trust, behavior checks unusual runtime patterns, content checks for malicious instructions, and graph checks risky relationships to other entities. Looking at sub-scores helps you understand why an entity passed or failed.
brin performs risk assessments on external context before it reaches an AI agent. It scores that context for threats like prompt injection, hijacking, credential harvesting, and supply chain attacks, so teams can decide whether to block, review, or proceed safely.
No. A safe verdict means no significant risk signals were detected in this scan. It is not a formal guarantee; assessments are automated and point-in-time, so combine scores with your own controls and periodic re-checks.
Re-check before high-impact actions such as installs, upgrades, connecting MCP servers, executing remote code, or granting secrets. Use the API in CI or runtime gates so decisions are based on the latest scan.
Learn more in threat detection docs, how scoring works, and the API overview.
Assessments are automated and may contain errors. Findings are risk indicators, not confirmed threats. This is a point-in-time assessment; security posture can change.
integrate brin in minutes — one GET request is all it takes. query the api, browse the registry, or download the full dataset.