Sign in Sign up

DOM

DOM

Genome Signature

DOM #82

Active Network: Nexus Syndicate

signature profile

Three scam domains share identical DOM structure hashing, indicating they use cloned HTML layouts and page organization copied from a common template. This structural replication across ewuhzwbe.com, hhhees.com, and hhheyy.com strongly suggests coordinated scam infrastructure operated by the same threat actor.

Fingerprinta2cf4f339125d464c2907feb8631e1c8b85978ab46ddb7c216489c2153db943f

Detections: 3
Hash type: DOM structure
Status: Active
Last scanned: May 2026

detection timeline

3

2026-04

Detected domains

3

ewuhzwbe.com
OnlineTrust 26Apr 29, 2026
hhhees.com
OfflineTrust 1Apr 8, 2026
hhheyy.com
OfflineTrust 1Apr 8, 2026

Domain	Status	Trust	First seen
ewuhzwbe.com	Online	26	Apr 29, 2026
hhhees.com	Offline	1	Apr 8, 2026
hhheyy.com	Offline	1	Apr 8, 2026

Related signals

1

Favicon #69

Nexus Syndicate

38
detections