Phisherman is an API and service that detects phishing links in real-time. It is primarily used by developers to integrate anti-phishing capabilities into Discord bots and other online moderation tools.

How does Phisherman detect phishing links?

Phisherman uses a continuously updated database of known phishing URLs and employs detection algorithms to identify new and emerging phishing threats, including those that use redirects.

What programming languages does Phisherman support?

Phisherman provides SDKs for Node.js, Python, and Go, making it accessible for developers working with these languages. The API can also be used with any language capable of making HTTP requests.

Can Phisherman be used outside of Discord?

While often associated with Discord bots, the Phisherman API can be integrated into any application, moderation tool, or platform that requires real-time URL scanning and phishing detection.

What are the core products offered by Phisherman?

Phisherman's core products are the Phisherman API, for custom integrations, and the Phisherman Bot, a pre-built solution for Discord servers.

Phisherman API for Real-time Phishing Detection

Q: Is there a free tier for Phisherman?

Yes, Phisherman offers a free plan that includes 100 API lookups per minute and 100,000 lookups per month, suitable for personal projects and initial development.

Overview

Phisherman is a specialized service and API focused on identifying and mitigating phishing attempts, particularly within dynamic online environments like Discord servers. Its core function is to provide real-time detection of malicious URLs, allowing developers and community administrators to protect users from deceptive links. The platform maintains a continually updated database of known phishing sites and employs detection mechanisms to identify emerging threats.

The primary use case for Phisherman involves integrating its API into existing applications, especially Discord bots, to automate the process of scanning and responding to suspicious links. When a user posts a URL, the integrated bot can query the Phisherman API to determine if the link is a known phishing threat. This enables immediate actions such as warning users, deleting messages, or logging incidents for review. The service is suitable for developers building moderation tools, security platforms, or any application requiring automated URL verification to enhance user safety.

Phisherman offers two main products: the Phisherman API and the Phisherman Bot. The API provides programmatic access to its detection capabilities, allowing custom integrations. The Phisherman Bot is a pre-built solution designed for Discord, offering out-of-the-box phishing detection without requiring custom code. This dual approach caters to both developers who need granular control over their security implementations and administrators seeking a ready-to-deploy moderation tool.

The API is designed for ease of integration, with clear documentation and SDKs available for common programming languages such as Node.js and Python. This facilitates rapid development for projects ranging from personal Discord bots to larger community moderation systems. The availability of a free tier, offering 100 API lookups per minute and 100,000 lookups per month, supports developers during the initial stages of integration and for smaller-scale projects. For higher volumes, paid plans scale based on lookup capacity.

The service addresses a critical need in online communities where phishing attempts can lead to credential theft, malware infections, or other forms of digital fraud. By providing an automated and continuously updated defense mechanism, Phisherman aims to reduce the manual effort required for content moderation and enhance the overall security posture of online platforms. The focus on real-time detection helps to minimize exposure time for malicious links, a critical factor in preventing successful phishing attacks. For a broader understanding of how phishing attacks operate, the Mozilla Developer Network provides a glossary entry on phishing.

Key features

Real-time Phishing Link Detection: Scans URLs against a continuously updated database of known phishing sites and employs heuristics to identify new threats as they emerge.
API Access: Provides a RESTful API for programmatic integration into custom applications, moderation bots, and security platforms.
Discord Bot Integration: Offers a pre-built Phisherman Bot that can be added to Discord servers for immediate phishing link detection and moderation.
SDKs for Multiple Languages: Supports client libraries for Node.js, Python, and Go, simplifying integration for developers.
URL Redirection Tracing: Analyzes URL redirects to uncover the true destination of a link, even if it initially appears benign.
Customizable Actions: Allows developers to define responses to detected phishing links, such as deleting messages, issuing warnings, or logging incidents.
Scalable Lookup Volume: Pricing tiers are structured to accommodate varying levels of API lookup traffic, from personal projects to large communities.

Pricing

Phisherman offers a free tier and several paid plans, with pricing primarily determined by the volume of API lookups per minute and per month. The free tier provides a starting point for development and smaller projects, while paid plans offer increased capacity and support.

Plan Name	API Lookups/Minute	API Lookups/Month	Monthly Price (as of 2026-05-28)	Features
Free	100	100,000	$0	Basic phishing detection
Pro	500	500,000	$5	Standard phishing detection, increased limits
Business	2,000	2,000,000	$20	High-volume phishing detection
Enterprise	Custom	Custom	Contact for pricing	Volume-based pricing, dedicated support

For detailed and up-to-date pricing information, refer to the official Phisherman pricing page.

Common integrations

Discord Bots: Phisherman is frequently integrated into custom Discord bots using its API or by deploying the pre-built Phisherman Bot to automate phishing link detection and moderation within Discord servers. The Phisherman API reference provides details for building such integrations.
Custom Moderation Tools: Developers can integrate the Phisherman API into custom moderation dashboards or backend systems to centralize content security and threat detection across various online platforms.
Chat Applications: The API can be used to scan URLs posted in other chat or messaging applications to provide real-time security warnings to users.
Forum Software: Integration into forum platforms can help automatically identify and flag malicious links in user-generated content.

Alternatives

StopPhish: Another service focused on phishing detection, often used for similar bot and community moderation purposes.
URLScan.io: A free service that analyzes websites and provides detailed reports on their potential maliciousness, including redirects and embedded resources.
VirusTotal: A widely used service that aggregates results from multiple antivirus engines and URL scanners to detect malware and malicious websites.

Getting started

To begin using the Phisherman API, you typically obtain an API key from your Phisherman account and then use an HTTP client or one of the provided SDKs to make requests. The following Node.js example demonstrates how to check a URL for phishing using a simple API call. This example assumes you have an API key and are making a request to the Phisherman API endpoint.

First, ensure you have Node.js installed. You can install a package like node-fetch to make HTTP requests if you're not using the official SDK.

const fetch = require('node-fetch');

const PHISHERMAN_API_KEY = 'YOUR_PHISHERMAN_API_KEY'; // Replace with your actual API key
const URL_TO_CHECK = 'https://example-phishing.com'; // Replace with the URL you want to check

async function checkUrlForPhishing(url) {
    try {
        const response = await fetch('https://api.phisherman.gg/v2/scam/check', {
            method: 'POST',
            headers: {
                'Content-Type': 'application/json',
                'Authorization': `Bearer ${PHISHERMAN_API_KEY}`
            },
            body: JSON.stringify({
                url: url
            })
        });

        if (!response.ok) {
            const errorText = await response.text();
            throw new Error(`API request failed with status ${response.status}: ${errorText}`);
        }

        const data = await response.json();
        console.log(`Checking URL: ${url}`);
        console.log('Phishing Status:', data);
        return data;

    } catch (error) {
        console.error('Error checking URL:', error.message);
        return null;
    }
}

// Example usage:
checkUrlForPhishing(URL_TO_CHECK);

// You can also check multiple URLs:
// checkUrlForPhishing('https://google.com');
// checkUrlForPhishing('https://another-malicious-site.xyz');

This code snippet sends a POST request to the Phisherman API's /v2/scam/check endpoint with the URL to be analyzed. The API key is passed in the Authorization header. The response will indicate whether the URL is detected as a phishing threat, along with additional details. For more in-depth examples and API specifications, consult the Phisherman API reference documentation.

Phisherman API for Real-time Phishing Detection

Overview

Key features

Pricing

Common integrations

Alternatives

Getting started

# frequently asked questions

## reviews

## comments

Overview

Key features

Pricing

Common integrations

Alternatives

Getting started

# frequently asked questions

# see also

## reviews

## comments