BU
A build hash signature appearing across 73 domains indicates these sites share identical underlying codebase architecture, likely generated from the same malicious template or framework used to mass-produce gambling/scam sites. The presence of this build hash on domains like 1xjett.com, baxmot.com, and belazbet.com demonstrates coordinated deployment of cloned phishing or gambling fraud infrastructure by the same threat actor or operation.
Fingerprint
5738d0dfaad74be8- Detections
- 73
- Hash type
- Build artefact
- Status
- Active
- Last scanned
- May 2026
732026-03
Detected domains
731xjett.com
OfflineTrust 1Mar 8, 2026baxmot.com
OfflineTrust 1Mar 8, 2026belazbet.com
OfflineTrust 1Mar 8, 2026berogex.com
OfflineTrust 38Mar 5, 2026betaras.com
OnlineTrust 1Mar 5, 2026betrawin.com
OfflineTrust 1Mar 8, 2026bevexo.cc
OfflineTrust 1Mar 8, 2026caorax.com
OfflineTrust 1Mar 5, 2026cusewin.cc
OfflineTrust 1Mar 8, 2026dexwin.cc
OnlineTrust 1Mar 5, 2026
Related signals
10BU
Build #26
Nexus Syndicate
Active
- 118
- detections
BU
Build #7
Nexus Syndicate
Active
- 72
- detections
BU
Build #15
Nexus Syndicate
Active
- 69
- detections
BU
Build #10
Nexus Syndicate
Active
- 69
- detections
BU
Build #17
Nexus Syndicate
Active
- 69
- detections
BU
Build #22
Nexus Syndicate
Active
- 69
- detections
BU
Build #25
Nexus Syndicate
Active
- 68
- detections
BU
Build #6
Nexus Syndicate
Active
- 67
- detections
BU
Build #8
Nexus Syndicate
Active
- 67
- detections
BU
Build #12
Nexus Syndicate
Active
- 67
- detections