Security Review

Is doxbin.com legit or a scam?

Our verdict:Dangerous· 1/100

A high-risk doxing site used for harassment and data exposure with a history of law enforcement seizures and massive data breaches.

doxbin.comScanned 2h ago
0
Trust score
DANGEROUS
Score breakdown
Heuristics 0·MT 5
Category tags
doxing servicedata privacy risk#data harvester95% MT confidence
Technical red flags (1)

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
4/92
Engines flagged this URL
Domain Age
16 years old
Registered Dec 30, 2010
MT Intelligence
Dangerous
Critical likelihood · 95% confidence
DANGEROUS

Critical risk detected

4 of 92 antivirus engines flag this page (2 outright malicious). Multiple independent checks — antivirus engines, browser safety blocklists, and threat databases — flagged this site. Don't enter personal information, deposit money, or download files.

Website Preview

Screenshot of doxbin.com
LIVE RENDER
doxbin.com

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

50
/ 100
High visual risk

Visual red flags detected in the screenshot

We could not capture a fully-rendered screenshot of this page; visual analysis is inconclusive.

Visual risk50/100

What our vision model saw

1 signal

Screenshot incomplete — site may be slow to render

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust5/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The site is a well-known 'doxing' service dedicated to exposing private data like home addresses, phone numbers, and social security numbers. Our antivirus network, including Kaspersky and Chong Lua Dao, flags the domain as malicious or phishing. Historical data confirms the platform was previously seized by law enforcement for hosting illegal content. Furthermore, the site suffered a massive data breach in 2022 that exposed the personal information of over 370,000 users. The combination of its harmful purpose and poor security history makes it extremely dangerous.
Full dossier
Analysis complete

Page Content

The site functions as a public database for 'doxes'—collections of private information intended to harass or expose individuals. Content often includes sensitive PII such as physical addresses and contact details.

Infrastructure

The domain uses Cloudflare for DNS and DDoS protection, which masks the true hosting origin. While the SSL certificate is valid, the site has been the subject of numerous abuse reports to its service providers.

Domain History

Registered in 2010, the domain has a long and troubled history. It originated as a Tor hidden service before moving to the clearnet and has survived multiple attempts at takedowns and domain seizures by international authorities.

Web Reputation

The reputation is overwhelmingly negative across security communities. It is frequently cited in reports regarding online harassment, sextortion, and the trade of stolen data.
Risk Factors
5
  • Multiple antivirus engines including Kaspersky and Chong Lua Dao flag the site as malicious.
  • Confirmed history of hosting illegal private data and being seized by law enforcement.
  • Documented data breach in 2022 exposing over 370,000 user records.
  • Primary purpose of the site is doxing and harassment, which violates standard safety policies.
  • Frequent mentions in cybercrime and privacy-violation contexts on platforms like Reddit.
Positive Signals
2
  • The domain has been registered for over 15 years, though this reflects persistence rather than legitimacy.
  • Valid SSL certificate is present.
AI Recommendation
Avoid this website entirely. If your information appears on this site, do not contact the administrators directly, as they are known to engage in further harassment.
Scam network detected
2 linked domains correlated

The operators maintain several mirror domains and have historically operated on the dark web to evade takedowns.

doxbin.netdoxbin.org
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for doxbin.com, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
15 yrs
Registered Dec 2010
Business registration
Active · United States
Site traces back to an actively registered business.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
2 scam reports · 3 complaints
Key findings
7 headline facts from open-web research
  • Domain registered December 30, 2010 (over 15 years old), currently active with expiry in 2030 and Cloudflare protection; WHOIS privacy enabled via PrivacyGuardian.org.
  • Doxbin originated as a Tor hidden service (onion) pastebin launched in 2012 for publishing personal data/doxes; seized by law enforcement in 2014 during Operation Onymous for hosting illegal content like SSNs and credit card data in plainte
  • Clearnet doxbin.com is actively associated with doxing; receives significant traffic (hundreds of thousands of visits monthly as of 2026 per Semrush) and is frequently discussed on Reddit in privacy, scams, and hacking contexts.
  • Major data breach in January 2022 exposed >370k emails, usernames, password hashes, and extensive PII from doxes (names, addresses, phones); breach later leaked online and added to Have I Been Pwned.
  • Multiple abuse reports filed against doxbin.com for its content, including a 2025 Cloudflare community post complaining of no action on DNS hosting takedown requests.
  • Reddit users report personal or family information (including children's YouTube channels) being posted on the site, often linked to online disputes, sextortion, or harassment; site described as hosting doxing without strict illegality chec
  • VirusTotal flags related domains (e.g. doxbin.org) as malicious by some vendors; site continues to operate despite historical seizures and breaches.
Scam reports (2)
Direct quotes from public scam databases, forums, and news.
  • Cloudflare Communityopen

    "Cloudflare has not responded to or acted on my abuse reports regarding the DNS hosting of the domains doxbin.com and doxbin.net. Despite multiple attempts to report these domains, no takedown action has been initiated."

  • Have I Been Pwnedopen

    "In January 2022, the "doxing" website designed to disclose the personal information of targeted individuals ("doxes") Doxbin suffered a data breach... over 370k unique email addresses... names, physical addresses, phone numbers and more."

Business registration
Status: active · United States

Registered via NameSilo, LLC with PrivacyGuardian.org protection; expires 2030-12-30; uses Cloudflare nameservers

Research summary
Narrative write-up from our AI analyst, grounded on the facts above
Research confirms this domain is the primary clearnet home for a long-running doxing service. According to Have I Been Pwned, the site leaked over 370,000 unique email addresses and physical addresses in a 2022 breach. Public reports on Reddit and various security forums link the site to harassment campaigns and the unauthorized publication of children's information and private financial data.

Antivirus Engines

Detection matrix · live
4 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

2Malicious2Suspicious57Harmless92Engines
0
of 92
Chong Lua Dao
Malicious· malicious
Kaspersky
Malicious· phishing
alphaMountain.ai
Suspicious· suspicious
Gridinsoft
Suspicious· suspicious

4 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Technical checks

Domain & Encryption

Domain History
Age16 years old
RegistrarNameSilo, LLC
RegisteredDec 30, 2010
ExpiresDec 30, 2030
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · YE1
ExpiresSep 14, 2026 (72d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS

Redirect Chain

Hops
1
Cross-domain
No
Lookalike
No
Punycode
No
  • 1301http://doxbin.com/
  • 2403https://doxbin.com/

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Avoid this site

Our automated review flagged enough risk that you should treat this site as unverified.

  • Do not interact with doxbin.com

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Verify the business through independent channels

    Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.

  • Never use irreversible payment methods

    Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.

  • Share your experience

    If you have additional context, drop a comment below or post on the MalwareTips forum.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags doxbin.com as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — doxbin.com scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. doxbin.com presents a valid TLSv1.3 certificate issued by Let's Encrypt · YE1, expiring in 72 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • doxbin.com is 15.5 years old, registered on 12/30/2010 through NameSilo, LLC. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • 4 out of 92 antivirus engines in our malware network flagged doxbin.com as malicious or suspicious (2 outright malicious). Even one detection is a meaningful signal.
  • No. doxbin.com is not currently listed on the major browser blocklist feeds that modern browsers use.
  • doxbin.com resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on July 3, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around doxbin.com have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·doxbin.com
DANGEROUS

This is a notorious doxing platform used to publish the private personal information of individuals without their consent. Multiple antivirus engines flag it as a threat, and it has a history of major data breaches and law enforcement seizures. Do not visit this site or enter any personal details.

Avoid this website entirely. If your information appears on this site, do not contact the administrators directly, as they are known to engage in further harassment.

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.