Firewall IPs API — v1
Authenticated access for reporting IPs and downloading blacklists. Every request requires both a valid API key and a caller IP that is allow-listed for that key. Contact an administrator to request a key.
Send your key via the
X-API-Key header (preferred), or as an
api_key query/POST parameter if your client can't set custom headers.
POST /api/v1/report.php
Submit a new report for an IP or CIDR.
| Param | Required | Description |
|---|---|---|
ip | Yes | IP address or CIDR range |
type | No | Report type code (e.g. sshd, portscan, manual). Default: manual |
reason | No | Free-text reason |
source | No | Label identifying the reporting server |
curl -X POST https://firewallips.com/api/v1/report.php \ -H "X-API-Key: YOUR_KEY" \ --data-urlencode "ip=203.0.113.55" \ --data-urlencode "type=sshd" \ --data-urlencode "reason=20 failed SSH logins in 10 minutes" \ --data-urlencode "source=web1.example.com"
GET /api/v1/blacklist.php
Download the current active blacklist (entries not yet expired).
| Param | Required | Description |
|---|---|---|
format | No | txt (default, one IP/CIDR per line) or json |
curl https://firewallips.com/api/v1/blacklist.php?format=json \ -H "X-API-Key: YOUR_KEY"
GET /api/v1/reported.php
Download the full historical report log (never deleted).
| Param | Required | Description |
|---|---|---|
format | No | txt (default) or json |
since | No | Only return reports on/after this UTC timestamp (YYYY-MM-DD HH:MM:SS) |
limit | No | Max rows, default 5000, max 50000 |
Errors
All endpoints return JSON on error, with an HTTP status code:
401— missing/invalid API key, or caller IP not allow-listed422— invalid or missing parameters500— internal error