Sign in Sign up

DOM

DOM

Genome Signature

DOM #57

Active Network: Nexus Syndicate

signature profile

Multiple scam domains share identical HTML DOM structure, indicating they were generated from a common template or cloned codebase used to rapidly deploy phishing or fraud sites. This forensic signal reveals coordinated infrastructure where the same page layout and element hierarchy are being reused across different domain names to scale malicious operations.

Fingerprint4735bd6df3e0a6a4c1f1d687b4d0c5bdc65dabf0461c1b0c41c9496a83274d0f

Detections: 5
Hash type: DOM structure
Status: Active
Last scanned: May 2026

detection timeline

5

2026-03

Detected domains

5

falxor.com
OnlineTrust 36Mar 19, 2026
noxvex.com
OnlineTrust 1Mar 21, 2026
teraxcoin.com
OnlineTrust 1Mar 21, 2026
teslaq.xyz
OnlineTrust 1Mar 21, 2026
yopdex.com
OnlineTrust 1Mar 21, 2026

Domain	Status	Trust	First seen
falxor.com	Online	36	Mar 19, 2026
noxvex.com	Online	1	Mar 21, 2026
teraxcoin.com	Online	1	Mar 21, 2026
teslaq.xyz	Online	1	Mar 21, 2026
yopdex.com	Online	1	Mar 21, 2026

Related signals

2

Favicon #62

Nexus Syndicate

88
detections

Build #2

Nexus Syndicate

78
detections