EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

No screenshot available

Detection Info

https://pcswap.org/liquidity/pools
Detected Brand
PancakeSwap
Country
International
Confidence
100%
HTTP Status
200
Report ID
f220eeca-f37…
Analyzed
2026-01-15 05:21
Final URL (after redirects)
https://pcswap.org/liquidity/pools?chain=bsc&network=56&network=1&network=8453&network=204&network=324&network=59144&network=42161&network=143&network=8000001001

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T14EB3C7F582A075F94117AFD8DB327BAB715B34BFEFA38684837947A16683DA4D448C00
CONTENT ssdeep
1536:g/XfbX0K1lQLfUU85l7I9lQLfUUQlQLfUUpJ4CFf5lUckyFmD9MvSzidB9x:q1IME9IQILF3f5

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
dc7892d2c34bc3c3
VISUAL aHash
0c809091ffffffff
VISUAL dHash
98342323d4c0c0c0
VISUAL wHash
240000007f7fffff
VISUAL colorHash
070004000c8
VISUAL cropResistant
98342323d4c0c0c0

Code Analysis

Risk Score 100/100
Threat Level BAJO
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info
WebSocket C2 🔥 Firebase Backend

🔬 Threat Analysis Report

• Threat: Potential impersonation of PancakeSwap, but not a clear phishing attempt in the screenshot.
• Target: PancakeSwap users.
• Method: Domain contains misspelled version of the brand.
• Exfil: None detected from screenshot
• Indicators: Domain name containing 'pcswap' (misspelling of 'pancakeswap'), page displays PancakeSwap interface
• Risk: LOW - Domain name contains brand, but a typo, further investigation is needed to understand what the website does.

🔒 Obfuscation Detected

  • atob
  • fromCharCode
  • unescape
  • hex_escape
  • unicode_escape
  • base64_strings

🎯 Kit Endpoints

  • https://blog.pancakeswap.finance/
  • https://blog.pancakeswap.finance
  • solana_signAndSendTransaction
  • solana:signAndSendTransaction

📡 API Calls Detected

  • https://proofs.pancakeswap.com/cms-config/routing-base-config.json
  • https://aptos.pancakeswap.finance
  • /api/auth/telegram-callback
  • POST
  • https://api-v3.raydium.io/main/auto-fee
  • https://raw.githubusercontent.com/pancakeswap/airdrop-v3-users/master/forFE.json
  • /api/paymaster
  • stats
  • https://docs.pancakeswap.finance/products/yield-farming/how-to-use-farms
  • https://www.google.com/ccm/geo
  • account
  • https://raw-api.pancakeswap.com/ondo/status
  • https://solana.pancakeswap.finance
  • https://raw-api.pancakeswap.com/ondo/market-status
  • https://api.blocto.app/networks/evm
  • /__cookies__
  • proxy
  • GET
  • 0x3b3b57de
  • logs

☁️ Cloud Backend

  • Firebase: pancakeswap-prod-firebase.firebaseapp.com

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

No screenshot
PancakeSwap
https://web3.pancake.run/liquidity/pools
Jan 22, 2026

Scan History for pcswap.org

Found 10 other scans for this domain

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.