PhishStats is a phishing database and real-time threat intelligence feed for the information security community. It states that it has been used for cybersecurity research since 2014. It provides verified phishing URLs, IPs, domains, and threat scores, accessible through a web search interface or a JSON REST API. Its main use cases include SOC analysis, threat hunting, incident response, and academic research.
In terms of protection type, PhishStats is more of a threat intelligence and investigation tool than an email gateway, browser isolation solution, or endpoint blocking product. Its core value lies in querying and enriching phishing indicators: it supports filtering by URL, IP, country, ASN, date range, and more, with sorting, pagination, interactive map visualization, and multi-format export. Data is updated every 90 minutes, and the phishscore is generated using 22 features and machine learning algorithms to assess the likelihood that a URL is a phishing site. Deployment is lightweight: analysts can investigate manually via the Web UI, or integrate JSON intelligence into SIEM, SOAR, or research pipelines through the REST API.
Read-only access is currently free and requires no registration. The API is limited to 20 requests per minute; higher request volumes require contacting the provider for a custom arrangement. The website mentions future Premium API Tiers, including higher limits, advanced features, priority access, and dedicated support, but does not disclose pricing. Support is available via email. No SLA, online ticketing system, enterprise support commitment, or compliance certifications were found.
The advantages are its low free-entry barrier, focused data types, and API-friendly design, making it suitable for quickly enriching alerts with phishing intelligence. The 90-minute update frequency is also practical for research and lightweight detection. The drawbacks are that the default API quota is relatively low, while webhook notifications, submission APIs, and Slack/Teams/Google Chat integrations are still listed as upcoming features. For production-grade security operations, service availability, data coverage, false-positive control, and compliance details still need further validation.
PhishStats is suitable for security researchers, small SOC teams, threat intelligence analysts, and teams that need a low-cost phishing feed. Large enterprises requiring high-frequency API calls should contact the provider for a custom plan and validate stability. Access from mainland China is not discussed in the main content, and payment methods are not disclosed. If access or integration is limited, alternatives to compare include OpenPhish, PhishTank, Google Safe Browsing, URLhaus, and VirusTotal.
โ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on phishstats.info official site.
phishstats.info is an Unknown Cybersecurity provider. TG4G tracks its product information, an overall rating of 8.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach phishstats.info directly.