EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

No screenshot available

Detection Info

https://web.pancake.run/cake-staking
Detected Brand
PancakeSwap
Country
International
Confidence
100%
HTTP Status
200
Report ID
25c65764-2ea…
Analyzed
2026-01-04 23:50
Final URL (after redirects)
https://web.pancake.run/cake-staking/redeem

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T196B3C6E582A035F942176FD4DB32BFAB755B30BFEFA38684837947A16683DA4D448C10
CONTENT ssdeep
1536:K/XfbX0K1lQLfUUG5li7+7mLzplQLfUUQlQLfUUpJ4CFf5lXckyFmD9MmSzidB9b:o1I+g+7mHpIQILF3JT

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
f968d8d2d6d6cc40
VISUAL aHash
fc8199e7c3ffefed
VISUAL dHash
cc1b324c4c381858
VISUAL wHash
7c8098ece0fcecac
VISUAL colorHash
072000000c8
VISUAL cropResistant
cc1b324c4c381858

Code Analysis

Risk Score 100/100
Threat Level BAJO
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info
WebSocket C2 🔥 Firebase Backend

🔬 Threat Analysis Report

• Threat: Potential cryptocurrency platform impersonation.
• Target: PancakeSwap users.
• Method: Website interface for redeeming staked CAKE, potential wallet connect risk.
• Exfil: Likely via wallet connection and potential exfiltration of wallet contents.
• Indicators: Firebase endpoints, WebSocket URLs, Angler kit signature, obfuscated JavaScript, and JavaScript form submission.
• Risk: LOW - Requires user interaction (wallet connection), but technical indicators point to potential risk.

🔒 Obfuscation Detected

  • atob
  • fromCharCode
  • unescape
  • hex_escape
  • unicode_escape
  • base64_strings

🎯 Kit Endpoints

  • https://blog.pancakeswap.finance/
  • https://blog.pancakeswap.finance
  • https://blog.pancakeswap.finance/articles/implementation-of-cake-tokenomics-3-0-what-you-need-to-know
  • solana:signAndSendTransaction
  • solana_signAndSendTransaction

📡 API Calls Detected

  • account
  • proxy
  • GET
  • /api/paymaster
  • https://raw-api.pancakeswap.com/ondo/market-status
  • logs
  • https://raw.githubusercontent.com/pancakeswap/airdrop-v3-users/master/forFE.json
  • https://api.blocto.app/networks/evm
  • stats
  • /api/auth/telegram-callback
  • https://www.google.com/ccm/geo
  • https://solana.pancakeswap.finance
  • POST
  • https://api-v3.raydium.io/main/auto-fee
  • https://raw-api.pancakeswap.com/ondo/status
  • https://aptos.pancakeswap.finance
  • 0x3b3b57de
  • https://proofs.pancakeswap.com/cms-config/routing-base-config.json
  • /__cookies__

☁️ Cloud Backend

  • Firebase: pancakeswap-prod-firebase.firebaseapp.com

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

No screenshot
PancakeSwap
https://pcswap.org/cake-staking/redeem
Jan 13, 2026
 Screenshot
PancakeSwap
https://pcswap.org/cake-staking/redeem
Jan 02, 2026

Scan History for web.pancake.run

Found 10 other scans for this domain

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.