BU
A shared build hash present across 67 domains indicates these sites use an identical codebase or application framework, suggesting they were generated from the same source code template or builder tool. This forensic signal is characteristic of a coordinated scam operation using an automated domain generation or mass-deployment system to rapidly launch functionally identical phishing or fraudulent sites.
Fingerprint
2e2ad5efca352ade- Detections
- 67
- Hash type
- Build artefact
- Status
- Active
- Last scanned
- May 2026
672026-03
Detected domains
671xjett.com
OfflineTrust 1Mar 8, 2026baxmot.com
OfflineTrust 1Mar 8, 2026belazbet.com
OfflineTrust 1Mar 8, 2026berogex.com
OfflineTrust 38Mar 5, 2026betaras.com
OnlineTrust 1Mar 5, 2026betrawin.com
OfflineTrust 1Mar 8, 2026bevexo.cc
OfflineTrust 1Mar 8, 2026caorax.com
OfflineTrust 1Mar 5, 2026cusewin.cc
OfflineTrust 1Mar 8, 2026dexwin.cc
OnlineTrust 1Mar 5, 2026
Related signals
10BU
Build #26
Nexus Syndicate
Active
- 118
- detections
BU
Build #18
Nexus Syndicate
Active
- 73
- detections
BU
Build #7
Nexus Syndicate
Active
- 72
- detections
BU
Build #15
Nexus Syndicate
Active
- 69
- detections
BU
Build #10
Nexus Syndicate
Active
- 69
- detections
BU
Build #17
Nexus Syndicate
Active
- 69
- detections
BU
Build #22
Nexus Syndicate
Active
- 69
- detections
BU
Build #25
Nexus Syndicate
Active
- 68
- detections
BU
Build #6
Nexus Syndicate
Active
- 67
- detections
BU
Build #12
Nexus Syndicate
Active
- 67
- detections