API Reference

RISK

GET https://mantis3-api.safelabs.com.br/risks

Purpose — returns risks according to filters and pagination.

Query

• Empty fields are not included in the URL.
• For asset_type, criticality, event_category, and status you can pass multiple comma-separated values.

Parameter	Type	Notes	Sample value
x-api-key	header	API key
page	int	Page number to retrieve
page_size	int	Number of risks per page
asset_type	enum[]	Values to filter (e.g. DOMAIN, IP)
criticality	enum[]	Risk criticality (e.g. LOW, HIGH)
event_category	enum[]	Risk categories (e.g. SOCIAL, FRAUD)
status	enum[]	Current risk status (e.g. IN_PROGRESS, NEW)
date_from	datetime	Search start date (e.g. yyyy-MM-ddThh-mm-ss)
date_to	datetime	Search end date (e.g. yyyy-MM-ddThh-mm-ss)
sort	string	Sort by field (e.g. created_at:desc)

Responses

200 (api176), 400 (api016), 422 (validation), 500 (api182).

Parameter format examples

Parameters must follow the patterns below so requests behave correctly:

x-api-key — "sk_api_123abc"

page — "1" "2" "3"

page_size — "10" "20" "30"

asset_type — "DOMAIN" "BRAND" "IPV4" "BIN" "APK" "NAME" "CPF" "CNPJ" "EMAIL" "PHONE" "PASSPORT" "RG" "CNH" "ACCOUNT_NAME" "CREDIT_CARD"

criticality — "CRITICAL" "HIGH" "MEDIUM" "LOW"

event_category — "Aplications" "Buckets" "Dataleak" "Ecommerce" "Fraud" "DarkDeepWeb" "Phishing" "Social" "EASM"

status — "IN_PROGRESS" "NEW" "ON_HOLD" "RESOLVED"

date_from — "2010-10-10T10:10:10" "2011-11-11T11:11:11"

date_to — "2010-10-10T10:10:10" "2011-11-11T11:11:11"

sort — "created_at:desc" "financial_impact:asc"

Implementation

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

// Requires libcurl (link with -lcurl)
#include <curl/curl.h>
#include <stdio.h>

int main(void) {
  CURL *curl = curl_easy_init();
  if (!curl) return 1;
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync(
    "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET",
    "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const base = "https://mantis3-api.safelabs.com.br";
const r = await fetch(`${base}/risks?page=1&page_size=10`, {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod `
  -Uri "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10" `
  -Headers $headers `
  -Method Get

import requests

BASE = "https://mantis3-api.safelabs.com.br"
r = requests.get(
    f"{BASE}/risks?page=1&page_size=10",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Response body examples

200400422500

{
  "page_number": 1,
  "page_size": 10,
  "total_pages": 3,
  "total_record": 25,
  "total_registers": 10,
  "content": [
    {
      "id": 123,
      "status": "NEW",
      "created_at": "2025-03-20T14:30:00Z",
      "event_url": "https://example.com/alvo",
      "event_category": "Phishing",
      "asset_type": "DOMAIN",
      "criticality": "HIGH",
      "financial_impact": null,
      "risk_impact_severity": "HIGH",
      "impact_calculated_at": "2025-03-20T15:00:00Z",
      "assets_list": ["example.com"],
      "aggregation": false
    }
  ],
  "status_counts": {
    "NEW": 8,
    "IN_PROGRESS": 4,
    "CLOSED": 13
  }
}

{
  "detail": "api016"
}

{
  "detail": [
    {
      "type": "greater_than_equal",
      "loc": ["query", "page"],
      "msg": "Input should be greater than or equal to 1",
      "input": "0"
    }
  ]
}

{
  "detail": "api182"
}

GET https://mantis3-api.safelabs.com.br/risks/{risk_id}

Purpose — returns the risk details.

Parameter	Type	Notes	Sample value
x-api-key	header	Authentication
risk_id	path	Identifier in the URL

Responses

200, 404 (api170), 422 (risk_id validation).

x-api-key — "sk_api_123abc"

risk_id — "1" "2" "3"

Implementation

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/risks/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync("https://mantis3-api.safelabs.com.br/risks/123").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/risks/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/risks/123" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET", "https://mantis3-api.safelabs.com.br/risks/123", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.*;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/risks/123"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const r = await fetch("https://mantis3-api.safelabs.com.br/risks/123", {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/risks/123');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod -Uri "https://mantis3-api.safelabs.com.br/risks/123" -Headers $headers -Method Get

import requests

r = requests.get(
    "https://mantis3-api.safelabs.com.br/risks/123",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/risks/123")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Response body examples

200404422

{
  "id": 123,
  "event_id": "evt-abc-001",
  "asset_type": "DOMAIN",
  "event_category": "Phishing",
  "event_url": "https://example.com/alvo",
  "created_at": "2025-03-20T14:30:00Z",
  "impact": "High risk of exposed credentials.",
  "description": "Domain linked to a phishing campaign.",
  "recommendation": "Block the domain and notify users.",
  "rule": {
    "name": "Phishing detection",
    "description": "Brand monitoring rule",
    "severity": "HIGH"
  },
  "status": "IN_PROGRESS",
  "financial_impact": 5000.0,
  "risk_impact_severity": "HIGH",
  "impact_calculated_at": "2025-03-20T15:00:00Z",
  "event_details": null,
  "rule_details": null,
  "assets_list": ["example.com"]
}

{
  "detail": "api170"
}

{
  "detail": [
    {
      "type": "int_parsing",
      "loc": ["path", "risk_id"],
      "msg": "Input should be a valid integer, unable to parse string as an integer",
      "input": "abc"
    }
  ]
}

GET https://mantis3-api.safelabs.com.br/risks/aggregation/{risk_id}

Detail with aggregation information and a list of aggregated events when applicable.

Path and examples — values apply only to this route (/risks/aggregation/{risk_id}).

Parameter	Type	Notes	Sample value
x-api-key	header	Authentication
risk_id	path	Identifier in the URL

Responses

200, 404 (api170), 422 (risk_id validation).

x-api-key — "sk_api_123abc"

risk_id — "1" "2" "3"

Implementation

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/aggregation/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync(
    "https://mantis3-api.safelabs.com.br/risks/aggregation/123").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/aggregation/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/risks/aggregation/123" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET",
    "https://mantis3-api.safelabs.com.br/risks/aggregation/123", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.*;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/risks/aggregation/123"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const r = await fetch("https://mantis3-api.safelabs.com.br/risks/aggregation/123", {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/risks/aggregation/123');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod -Uri "https://mantis3-api.safelabs.com.br/risks/aggregation/123" -Headers $headers -Method Get

import requests

r = requests.get(
    "https://mantis3-api.safelabs.com.br/risks/aggregation/123",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/risks/aggregation/123")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Response body examples

200404422

{
  "id": 123,
  "event_id": "42",
  "asset_type": "EMAIL",
  "event_category": "Dataleak",
  "event_url": null,
  "created_at": "2025-03-18T09:00:00Z",
  "impact": null,
  "description": "Risco agregado por regra.",
  "recommendation": null,
  "rule": {
    "name": "Vazamento de credenciais",
    "description": null,
    "severity": "MEDIUM"
  },
  "status": "NEW",
  "event": null,
  "financial_impact": null,
  "risk_impact_severity": "MEDIUM",
  "impact_calculated_at": null,
  "event_details": [
    {
      "event_id": "evt-001",
      "created_date": "2025-03-18T09:05:00Z",
      "affected_user": "user@example.com"
    },
    {
      "event_id": "evt-002",
      "created_date": "2025-03-19T11:20:00Z",
      "affected_user": null
    }
  ],
  "rule_details": null,
  "assets_list": [],
  "aggregation": true
}

{
  "detail": "api170"
}

{
  "detail": [
    {
      "type": "int_parsing",
      "loc": ["path", "risk_id"],
      "msg": "Input should be a valid integer, unable to parse string as an integer",
      "input": "abc"
    }
  ]
}

GET https://mantis3-api.safelabs.com.br/risks/timeline/{risk_id}

Chronological timeline (collection, processing, status history) and event_timeline.

Path and examples — values apply only to this route (/risks/timeline/{risk_id}).

Parameter	Type	Notes	Sample value
x-api-key	header	Authentication
risk_id	path	Identifier in the URL

Responses

200, 404 (api170), 422 (risk_id validation).

x-api-key — "sk_api_123abc"

risk_id — "1" "2" "3"

Implementation

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/timeline/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync(
    "https://mantis3-api.safelabs.com.br/risks/timeline/123").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/timeline/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/risks/timeline/123" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET",
    "https://mantis3-api.safelabs.com.br/risks/timeline/123", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.*;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/risks/timeline/123"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const r = await fetch("https://mantis3-api.safelabs.com.br/risks/timeline/123", {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/risks/timeline/123');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod -Uri "https://mantis3-api.safelabs.com.br/risks/timeline/123" -Headers $headers -Method Get

import requests

r = requests.get(
    "https://mantis3-api.safelabs.com.br/risks/timeline/123",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/risks/timeline/123")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Response body examples

200404422

{
  "timeline": [
    {
      "date": "2025-03-18T08:00:00Z",
      "title": "Collection",
      "description": "Event collected at the source.",
      "user_name": null
    },
    {
      "date": "2025-03-18T09:15:00Z",
      "title": "Processing",
      "description": "Event processed and linked to the risk.",
      "user_name": null
    },
    {
      "date": "2025-03-19T10:00:00Z",
      "title": "Published",
      "description": "Status changed to in review.",
      "user_name": "Jane Doe"
    }
  ],
  "event_timeline": [
    {
      "event_id": "evt-abc-001",
      "collected_at": "2025-03-18T08:00:00Z",
      "processed_at": "2025-03-18T09:15:00Z",
      "category": "Phishing",
      "asset_type": "DOMAIN",
      "event_url": "https://example.com/phishing"
    }
  ]
}

{
  "detail": "api170"
}

{
  "detail": [
    {
      "type": "int_parsing",
      "loc": ["path", "risk_id"],
      "msg": "Input should be a valid integer, unable to parse string as an integer",
      "input": "abc"
    }
  ]
}

GET https://mantis3-api.safelabs.com.br/risks/notes/{risk_id}

List of risk notes, sorted by created_at ascending.

Path and examples — values apply only to this route (/risks/notes/{risk_id}).

Parameter	Type	Notes	Sample value
x-api-key	header	Authentication
risk_id	path	Identifier in the URL

Responses

200, 404 (api170), 422 (risk_id validation).

x-api-key — "sk_api_123abc"

risk_id — "1" "2" "3"

Implementation

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/notes/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync(
    "https://mantis3-api.safelabs.com.br/risks/notes/123").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/notes/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/risks/notes/123" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET",
    "https://mantis3-api.safelabs.com.br/risks/notes/123", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.*;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/risks/notes/123"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const r = await fetch("https://mantis3-api.safelabs.com.br/risks/notes/123", {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/risks/notes/123');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod -Uri "https://mantis3-api.safelabs.com.br/risks/notes/123" -Headers $headers -Method Get

import requests

r = requests.get(
    "https://mantis3-api.safelabs.com.br/risks/notes/123",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/risks/notes/123")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Response body examples

200404422

{
  "notes": [
    {
      "name": "John Smith",
      "note": "Supplier contact completed.",
      "created_at": "2025-03-19T16:45:00Z"
    },
    {
      "name": "Mary Costa",
      "note": "Awaiting response from the security team.",
      "created_at": "2025-03-20T09:10:00Z"
    }
  ]
}

{
  "detail": "api170"
}

{
  "detail": [
    {
      "type": "int_parsing",
      "loc": ["path", "risk_id"],
      "msg": "Input should be a valid integer, unable to parse string as an integer",
      "input": "abc"
    }
  ]
}

EVENT

GET https://mantis3-api.safelabs.com.br/events/{event_id}

Purpose — returns the OpenSearch event document by id, with mapped details when a collector/type mapping exists and sensitive asset data masked when applicable.

Parameter	Type	Notes	Sample value
x-api-key	header	Authentication
event_id	path	Event id in OpenSearch

Responses

200 (enriched _source body), 404 (api180), 422 (path validation when applicable).

x-api-key — "sk_api_123abc"

event_id — alphanumeric id from listings or risk detail (e.g. abc123xyz).

Implementation

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/events/example-event-id");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync("https://mantis3-api.safelabs.com.br/events/example-event-id").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/events/example-event-id");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/events/example-event-id" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET", "https://mantis3-api.safelabs.com.br/events/example-event-id", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.*;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/events/example-event-id"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const r = await fetch("https://mantis3-api.safelabs.com.br/events/example-event-id", {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/events/example-event-id');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod -Uri "https://mantis3-api.safelabs.com.br/events/example-event-id" -Headers $headers -Method Get

import requests

r = requests.get(
    "https://mantis3-api.safelabs.com.br/events/example-event-id",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/events/example-event-id")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Response body examples

200404422

{
  "id": "example-event-id",
  "asset_type": "DOMAIN",
  "event_category": "Phishing",
  "created_at": "2025-03-20T14:30:00Z",
  "details": {},
  "provider_name": "provider",
  "assets_name": ["example.com"]
}

{
  "detail": "api180"
}

{
  "detail": [
    {
      "type": "missing",
      "loc": ["path", "event_id"],
      "msg": "Field required",
      "input": null
    }
  ]
}