$ curl -i -X POST "https://doxbin.com"
HTTP/2 200
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: _ddg1=YPFqH7KPbEa8tc0JjNws; Domain=.doxbin.com; HttpOnly; Path=/; Expires=Mon, 10-Apr-2023 02:09:37 GMT
date: Sun, 10 Apr 2022 02:09:38 GMT
content-type: text/html
content-length: 1118
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache

<!DOCTYPE html>
<html>
<script src="/vddosw3data.js"></script>
<script type="text/javascript" src="/aes.min.js" ></script><noscript><h1 style="text-align:center;color:red;"><strong>Please turn JavaScript on and reload the page.</strong></h1></noscript>
<body>
<div w3-include-html="/5s.html"></div>
<script>
w3IncludeHTML();
</script>
<script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f
<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var b1=atob("ZjJkODI0N2FkYzg3NzZmYjM5YjdiOThmN2IxMWQyYzg="),b2=toNumbers(b1),_0xe8f2=["\x34\x36\x36\x62\x36\x66\x62\x62\x62\x64\x61\x37\x31\x34\x63\x31\x32\x38\x65\x37\x32\x33\x32\x30\x39\x37\x33\x30\x33\x37\x65\x63"];a1= toNumbers(_0xe8f2[0]),c3=toNumbers("ee51bb599688ca58dfd26b455c165c74");document.cookie="vDDoS="+toHex(slowAES.decrypt(c3,2,a1,b2))+";  path=/";setTimeout("location.href='https://doxbin.com:443/';",5000);
</script>
<center>
<br />
<br />
<center/>
</body>
</html>

https://doxbin.com
data-sitekey="6LeKbyodAAAAAHNxcc6fkCVFSzKgXNm_d1XF7iTB

<input type="hidden" name="_token" value="6GxRSw59L7GU0xXV3GgJb0Veb87wxqGcfsQrtQdG">

  <script>
        $('#login-form').on('submit', function(e){
            $.post('/login', {
                username: $('#username').val(),
                password: $('#password').val(),
                _token: $('input[name=_token]').val(),
                "g-recaptcha-response": $('[name=g-recaptcha-response]').val()
            }, function(resp){
                if(resp.status == "err"){
                    $('#error-msg').text(resp.msg);
                    grecaptcha.reset()
                }else{
                    window.location = '/';
                }
            });
            e.preventDefault();
        });
    </script>

</body>
</html>


https://keybase.io/_/api/1.0/getsalt.json?email_or_username=clown&generate_hmac_pwh(password,%20salt,%20login_session

https://www.mediafire.com/file/9kuitwnm0clobc5/doxbin.zip/file

https://www.mediafire.com/file/e629ehmx39f8x6y/logs.zip/file

https://github.com/Jihadi4Prez/Boatnet.us-Source-Code/blob/master/Archive/Scanners/Python/b1naryv4.py

https://doxbin.com/vddosw3data.js

http://158.69.6.193:443/api/attack?username=4kt&key=4kt-key-112334&host=&port=&time=&method=GET

Doxbin's botnet reverse engineered

By SleepTheGod 
Twitter.com/ClumsyLulz