{
"items": [
{
"host_key": "example.com",
"path": "/",
"expires_utc": "2025-01-01T00:00:00",
"name": "example",
"value": "🍪"
}
],
"next": null
}
{
"items": [
{
"url": "https://example.com",
"username": "john_doe",
"password": "hunter2",
"application": "application"
}
],
"next": null
}
Expand Event Field
curl --request GET \
--url https://api.flare.io/firework/v4/events/_expand \
--header 'Authorization: Bearer <token>'import requests
url = "https://api.flare.io/firework/v4/events/_expand"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.flare.io/firework/v4/events/_expand', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.flare.io/firework/v4/events/_expand",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.flare.io/firework/v4/events/_expand"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", "Bearer <token>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.flare.io/firework/v4/events/_expand")
.header("Authorization", "Bearer <token>")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.flare.io/firework/v4/events/_expand")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
response = http.request(request)
puts response.read_body{
"items": [
{
"host_key": "example.com",
"path": "/",
"expires_utc": "2025-01-01T00:00:00",
"name": "example",
"value": "🍪"
}
],
"next": null
}
{
"items": [
{
"url": "https://example.com",
"username": "john_doe",
"password": "hunter2",
"application": "application"
}
],
"next": null
}
Events
Expand Event V2 Field (Beta)
{
"items": [
{
"host_key": "example.com",
"path": "/",
"expires_utc": "2025-01-01T00:00:00",
"name": "example",
"value": "🍪"
}
],
"next": null
}
{
"items": [
{
"url": "https://example.com",
"username": "john_doe",
"password": "hunter2",
"application": "application"
}
],
"next": null
}
GET
/
firework
/
v4
/
events
/
_expand
Expand Event Field
curl --request GET \
--url https://api.flare.io/firework/v4/events/_expand \
--header 'Authorization: Bearer <token>'import requests
url = "https://api.flare.io/firework/v4/events/_expand"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.flare.io/firework/v4/events/_expand', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.flare.io/firework/v4/events/_expand",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.flare.io/firework/v4/events/_expand"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", "Bearer <token>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.flare.io/firework/v4/events/_expand")
.header("Authorization", "Bearer <token>")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.flare.io/firework/v4/events/_expand")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
response = http.request(request)
puts response.read_body{
"items": [
{
"host_key": "example.com",
"path": "/",
"expires_utc": "2025-01-01T00:00:00",
"name": "example",
"value": "🍪"
}
],
"next": null
}
{
"items": [
{
"url": "https://example.com",
"username": "john_doe",
"password": "hunter2",
"application": "application"
}
],
"next": null
}
Returns a page of items for a particular expanded field in a specified event.
Expandable fields
The following fields can be expanded for the given event type.- Stealer Log
cookies credentialsAuthorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Query Parameters
Available options:
credentials, cookies Required range:
x <= 20Was this page helpful?
⌘I