PhishStats
PhishStats - Feed | API | Threat Hunting and Research.
Phishing database and real-time feed for cybersecurity research since 2014, with verified URLs, IPs, domains and threat scores for the infosec community.
PhishStats by the Numbers
Join thousands of security professionals, organizations, and academics who rely on the PhishStats phishing database and feed for threat intelligence, incident response, and phishing research.
Phishing URLs
Comprehensive database of verified phishing threats
Monthly API Requests
Trusted by security professionals worldwide
Research Papers
Cited in academic and industry research
Continuously growing database with real-time updates every 90 minutes
Search the phishing database
Investigate millions of verified phishing URLs through an intuitive search interface designed for SOC analysts, threat hunters and phishing research. Filter by URL, IP, country, ASN, date range, and more.
- Advanced search filters and sorting options
- Interactive data visualization and maps
- Export results in multiple formats
Start exploring: Search and Explore
Phishing feed API
Plug PhishStats into your stack as a real-time phishing feed. Run complex queries against our phishing database and stream JSON-formatted threat intelligence straight into your SIEM, SOAR, or research pipeline.
- Real-time data updates
- Customizable filters for URL, Title, Country and more
- Seamless integration with external APIs and services
API available at: https://api.phishstats.info
Platform capabilities
These features are available now for registered users. Paid plans unlock higher API volume, submissions, and monitoring limits.
Submit phishing URLs
Contribute URLs through our web interface and API. Help expand the database and strengthen the community's collective defense.
Monitoring & webhooks
Receive real-time alerts for new phishing URLs via custom webhooks. Integrate with Slack, Microsoft Teams, Discord, Google Chat, and Telegram.
Premium & Enterprise
Higher API volume, submissions, and monitoring limits for integrators and teams. Transparent pricing with monthly or annual billing.
Threat Hunting & Similar pages
On any record's detail page, pivot on title, IP, domain, and enrichment signals like body hash, tracking IDs, and redirect chains to surface shared infrastructure and correlated campaigns.
Have any questions?
Frequently Asked Questions
Is PhishStats a free phishing database for research?
Yes. PhishStats is a free phishing database and real-time phishing feed used in cybersecurity research since 2014. Verified phishing URLs, IPs, domains, and threat scores are accessible through our web search interface and JSON REST API, with no signup required for read-only access.
How many API requests can I make?
Limits depend on your plan. Anonymous API access is capped at 50 requests per day per IP. Registered free users get 150 API requests per day with an API key, plus per-minute burst limits. Premium and Enterprise plans offer higher daily quotas. See our Pricing page for details. All daily quotas reset at UTC midnight.
Where can I find API documentation?
You can find comprehensive API documentation with examples and parameters at our API Docs page. It includes detailed information about filtering, sorting, pagination, and various query examples.
How often is the data updated?
Our database is updated every 90 minutes with the latest phishing intelligence. We recommend checking for updates no more frequently than this interval to ensure optimal performance.
What is the phishscore and how is it calculated?
The phishscore is a confidence rating calculated using 22 different features and machine learning algorithms. It provides a numerical assessment of how likely a URL is to be a phishing site, helping you prioritize threats based on confidence levels.
How to get support for the product?
For any questions or support, please send an email to [email protected]. We'll be happy to assist you with any questions or concerns you may have.