Referência API¶

RISK¶

GET `https://mantis3-api.safelabs.com.br/risks`¶

Objetivo — essa rota tem como objetivo retornar os riscos de acordo com o filtro e paginação.

Query

Campos vazios não são incluídos na URL.
Para asset_type, criticality, event_category e status pode indicar vários valores separados por vírgula.

Parâmetro	Tipo	Notas
`x-api-key`	header	Chave API
`page`	int	Define a página que deseja visualizar
`page_size`	int	Define a quantidade de riscos por página
`asset_type`	enum[]	Valores que deseja pesquisar (ex.: `DOMAIN, IP`)
`criticality`	enum[]	Criticidade dos riscos (ex.: `LOW, HIGH`)
`event_category`	enum[]	Categoria dos riscos (ex.: `SOCIAL, FRAUD`)
`status`	enum[]	Status atual do risco (ex.: `IN_PROGRESS, NEW`)
`date_from`	datetime	Data do início da pesquisa (ex.: `yyyy-MM-ddThh-mm-ss`)
`date_to`	datetime	Data do final da pesquisa (ex.: `yyyy-MM-ddThh-mm-ss`)
`sort`	string	Ordena pelo campo informado (ex.: `created_at:desc`)

Respostas

200 (api176), 400 (api016), 422 (validação), 500 (api182).

Exemplos de inserção de parametros

Os parametros deverá seguir um padrão para que as consultas sejam realizadas corretamente, seguem os padrões necessários:

x-api-key — "sk_api_123abc"

page — "1" "2" "3"

page_size — "10" "20" "30"

asset_type — "DOMAIN" "BRAND" "IPV4" "BIN" "APK" "NAME" "CPF" "CNPJ" "EMAIL" "PHONE" "PASSPORT" "RG" "CNH" "ACCOUNT_NAME" "CREDIT_CARD"

criticality — "CRITICAL" "HIGH" "MEDIUM" "LOW"

event_category — "Aplications" "Buckets" "Dataleak" "Ecommerce" "Fraud" "DarkDeepWeb" "Phishing" "Social" "EASM"

status — "IN_PROGRESS" "NEW" "ON_HOLD" "RESOLVED"

date_from — "2010-10-10T10:10:10" "2011-11-11T11:11:11"

date_to — "2010-10-10T10:10:10" "2011-11-11T11:11:11"

sort — "created_at:desc" "financial_impact:asc"

Implementação

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

// Requer libcurl (compilar com -lcurl)
#include <curl/curl.h>
#include <stdio.h>

int main(void) {
  CURL *curl = curl_easy_init();
  if (!curl) return 1;
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync(
    "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET",
    "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const base = "https://mantis3-api.safelabs.com.br";
const r = await fetch(`${base}/risks?page=1&page_size=10`, {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod `
  -Uri "https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10" `
  -Headers $headers `
  -Method Get

import requests

BASE = "https://mantis3-api.safelabs.com.br"
r = requests.get(
    f"{BASE}/risks?page=1&page_size=10",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Exemplos de corpo da resposta

200400422500

{
  "page_number": 1,
  "page_size": 10,
  "total_pages": 3,
  "total_record": 25,
  "total_registers": 10,
  "content": [
    {
      "id": 123,
      "status": "NEW",
      "created_at": "2025-03-20T14:30:00Z",
      "event_url": "https://exemplo.com/alvo",
      "event_category": "Phishing",
      "asset_type": "DOMAIN",
      "criticality": "HIGH",
      "financial_impact": null,
      "risk_impact_severity": "HIGH",
      "impact_calculated_at": "2025-03-20T15:00:00Z",
      "assets_list": ["exemplo.com"],
      "aggregation": false
    }
  ],
  "status_counts": {
    "NEW": 8,
    "IN_PROGRESS": 4,
    "CLOSED": 13
  }
}

{
  "detail": "api016"
}

{
  "detail": [
    {
      "type": "greater_than_equal",
      "loc": ["query", "page"],
      "msg": "Input should be greater than or equal to 1",
      "input": "0"
    }
  ]
}

{
  "detail": "api182"
}

GET `https://mantis3-api.safelabs.com.br/risks/{risk_id}`¶

Objetivo — essa rota tem como objetivo retornar os detalhes do risco.

Parâmetro	Tipo	Notas	Valor (exemplo)
`x-api-key`	header	Autenticação
`risk_id`	path	Identificador na URL

Respostas

200, 404 (api170), 422 (validação de risk_id).

x-api-key — "sk_api_123abc"

risk_id — "1" "2" "3"

Implementação

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/risks/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync("https://mantis3-api.safelabs.com.br/risks/123").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/risks/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/risks/123" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET", "https://mantis3-api.safelabs.com.br/risks/123", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.*;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/risks/123"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const r = await fetch("https://mantis3-api.safelabs.com.br/risks/123", {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/risks/123');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod -Uri "https://mantis3-api.safelabs.com.br/risks/123" -Headers $headers -Method Get

import requests

r = requests.get(
    "https://mantis3-api.safelabs.com.br/risks/123",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/risks/123")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Exemplos de corpo da resposta

200404422

{
  "id": 123,
  "event_id": "evt-abc-001",
  "asset_type": "DOMAIN",
  "event_category": "Phishing",
  "event_url": "https://exemplo.com/alvo",
  "created_at": "2025-03-20T14:30:00Z",
  "impact": "Alto risco de credenciais expostas.",
  "description": "Domínio associado a campanha de phishing.",
  "recommendation": "Bloquear domínio e notificar usuários.",
  "rule": {
    "name": "Detecção de phishing",
    "description": "Regra de monitoramento de marcas",
    "severity": "HIGH"
  },
  "status": "IN_PROGRESS",
  "financial_impact": 5000.0,
  "risk_impact_severity": "HIGH",
  "impact_calculated_at": "2025-03-20T15:00:00Z",
  "event_details": null,
  "rule_details": null,
  "assets_list": ["exemplo.com"]
}

{
  "detail": "api170"
}

{
  "detail": [
    {
      "type": "int_parsing",
      "loc": ["path", "risk_id"],
      "msg": "Input should be a valid integer, unable to parse string as an integer",
      "input": "abc"
    }
  ]
}

GET `https://mantis3-api.safelabs.com.br/risks/aggregation/{risk_id}`¶

Detalhe com informação de agregação e lista de eventos agregados quando aplicável.

Path e exemplos — valores só para esta rota (/risks/aggregation/{risk_id}).

Parâmetro	Tipo	Notas	Valor (exemplo)
`x-api-key`	header	Autenticação
`risk_id`	path	Identificador na URL

Respostas

200, 404 (api170), 422 (validação de risk_id).

x-api-key — "sk_api_123abc"

risk_id — "1" "2" "3"

Implementação

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/aggregation/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync(
    "https://mantis3-api.safelabs.com.br/risks/aggregation/123").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/aggregation/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/risks/aggregation/123" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET",
    "https://mantis3-api.safelabs.com.br/risks/aggregation/123", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.*;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/risks/aggregation/123"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const r = await fetch("https://mantis3-api.safelabs.com.br/risks/aggregation/123", {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/risks/aggregation/123');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod -Uri "https://mantis3-api.safelabs.com.br/risks/aggregation/123" -Headers $headers -Method Get

import requests

r = requests.get(
    "https://mantis3-api.safelabs.com.br/risks/aggregation/123",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/risks/aggregation/123")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Exemplos de corpo da resposta

200404422

{
  "id": 123,
  "event_id": "42",
  "asset_type": "EMAIL",
  "event_category": "Dataleak",
  "event_url": null,
  "created_at": "2025-03-18T09:00:00Z",
  "impact": null,
  "description": "Risco agregado por regra.",
  "recommendation": null,
  "rule": {
    "name": "Vazamento de credenciais",
    "description": null,
    "severity": "MEDIUM"
  },
  "status": "NEW",
  "event": null,
  "financial_impact": null,
  "risk_impact_severity": "MEDIUM",
  "impact_calculated_at": null,
  "event_details": [
    {
      "event_id": "evt-001",
      "created_date": "2025-03-18T09:05:00Z",
      "affected_user": "usuario@exemplo.com"
    },
    {
      "event_id": "evt-002",
      "created_date": "2025-03-19T11:20:00Z",
      "affected_user": null
    }
  ],
  "rule_details": null,
  "assets_list": [],
  "aggregation": true
}

{
  "detail": "api170"
}

{
  "detail": [
    {
      "type": "int_parsing",
      "loc": ["path", "risk_id"],
      "msg": "Input should be a valid integer, unable to parse string as an integer",
      "input": "abc"
    }
  ]
}

GET `https://mantis3-api.safelabs.com.br/risks/timeline/{risk_id}`¶

Timeline cronológica (coleta, processamento, histórico de status) e event_timeline.

Path e exemplos — valores só para esta rota (/risks/timeline/{risk_id}).

Parâmetro	Tipo	Notas	Valor (exemplo)
`x-api-key`	header	Autenticação
`risk_id`	path	Identificador na URL

Respostas

200, 404 (api170), 422 (validação de risk_id).

x-api-key — "sk_api_123abc"

risk_id — "1" "2" "3"

Implementação

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/timeline/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync(
    "https://mantis3-api.safelabs.com.br/risks/timeline/123").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/timeline/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/risks/timeline/123" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET",
    "https://mantis3-api.safelabs.com.br/risks/timeline/123", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.*;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/risks/timeline/123"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const r = await fetch("https://mantis3-api.safelabs.com.br/risks/timeline/123", {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/risks/timeline/123');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod -Uri "https://mantis3-api.safelabs.com.br/risks/timeline/123" -Headers $headers -Method Get

import requests

r = requests.get(
    "https://mantis3-api.safelabs.com.br/risks/timeline/123",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/risks/timeline/123")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Exemplos de corpo da resposta

200404422

{
  "timeline": [
    {
      "date": "2025-03-18T08:00:00Z",
      "title": "Coleta",
      "description": "Evento coletado na fonte.",
      "user_name": null
    },
    {
      "date": "2025-03-18T09:15:00Z",
      "title": "Processamento",
      "description": "Evento processado e associado ao risco.",
      "user_name": null
    },
    {
      "date": "2025-03-19T10:00:00Z",
      "title": "Disponibilizado",
      "description": "Status alterado para em análise.",
      "user_name": "Ana Silva"
    }
  ],
  "event_timeline": [
    {
      "event_id": "evt-abc-001",
      "collected_at": "2025-03-18T08:00:00Z",
      "processed_at": "2025-03-18T09:15:00Z",
      "category": "Phishing",
      "asset_type": "DOMAIN",
      "event_url": "https://exemplo.com/phishing"
    }
  ]
}

{
  "detail": "api170"
}

{
  "detail": [
    {
      "type": "int_parsing",
      "loc": ["path", "risk_id"],
      "msg": "Input should be a valid integer, unable to parse string as an integer",
      "input": "abc"
    }
  ]
}

GET `https://mantis3-api.safelabs.com.br/risks/notes/{risk_id}`¶

Lista de notas do risco, ordenadas por created_at ascendente.

Path e exemplos — valores só para esta rota (/risks/notes/{risk_id}).

Parâmetro	Tipo	Notas	Valor (exemplo)
`x-api-key`	header	Autenticação
`risk_id`	path	Identificador na URL

Respostas

200, 404 (api170), 422 (validação de risk_id).

x-api-key — "sk_api_123abc"

risk_id — "1" "2" "3"

Implementação

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/notes/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync(
    "https://mantis3-api.safelabs.com.br/risks/notes/123").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL,
    "https://mantis3-api.safelabs.com.br/risks/notes/123");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/risks/notes/123" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET",
    "https://mantis3-api.safelabs.com.br/risks/notes/123", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.*;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/risks/notes/123"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const r = await fetch("https://mantis3-api.safelabs.com.br/risks/notes/123", {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/risks/notes/123');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod -Uri "https://mantis3-api.safelabs.com.br/risks/notes/123" -Headers $headers -Method Get

import requests

r = requests.get(
    "https://mantis3-api.safelabs.com.br/risks/notes/123",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/risks/notes/123")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Exemplos de corpo da resposta

200404422

{
  "notes": [
    {
      "name": "João Pereira",
      "note": "Contato com o fornecedor realizado.",
      "created_at": "2025-03-19T16:45:00Z"
    },
    {
      "name": "Maria Costa",
      "note": "Aguardando retorno do time de segurança.",
      "created_at": "2025-03-20T09:10:00Z"
    }
  ]
}

{
  "detail": "api170"
}

{
  "detail": [
    {
      "type": "int_parsing",
      "loc": ["path", "risk_id"],
      "msg": "Input should be a valid integer, unable to parse string as an integer",
      "input": "abc"
    }
  ]
}

EVENT¶

GET `https://mantis3-api.safelabs.com.br/events/{event_id}`¶

Objetivo — retorna o documento do evento no OpenSearch pelo identificador, com details mapeados quando existir mapeamento por coletor/tipo e mascaramento de dados sensíveis nos ativos quando aplicável.

Parâmetro	Tipo	Notas	Valor (exemplo)
`x-api-key`	header	Autenticação
`event_id`	path	ID do evento no OpenSearch

Respostas

200 (corpo _source enriquecido), 404 (api180), 422 (validação de path quando aplicável).

x-api-key — "sk_api_123abc"

event_id — identificador alfanumérico retornado em listagens ou no detalhe de risco (ex.: abc123xyz).

Implementação

C++C#CcURLGoJavaJavaScriptPHPPowerShellPythonRuby

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/events/example-event-id");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

using System.Net.Http;

using var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-api-key", "SUA_CHAVE_API");
var json = client.GetStringAsync("https://mantis3-api.safelabs.com.br/events/example-event-id").Result;

#include <curl/curl.h>

int main(void) {
  CURL *curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/events/example-event-id");
  struct curl_slist *h =
      curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
  curl_easy_perform(curl);
  curl_slist_free_all(h);
  curl_easy_cleanup(curl);
  return 0;
}

curl -sS "https://mantis3-api.safelabs.com.br/events/example-event-id" \
  -H "x-api-key: SUA_CHAVE_API"

package main

import (
  "io"
  "net/http"
  "os"
)

func main() {
  req, _ := http.NewRequest("GET", "https://mantis3-api.safelabs.com.br/events/example-event-id", nil)
  req.Header.Set("x-api-key", "SUA_CHAVE_API")
  resp, err := http.DefaultClient.Do(req)
  if err != nil {
    panic(err)
  }
  defer resp.Body.Close()
  io.Copy(os.Stdout, resp.Body)
}

import java.net.URI;
import java.net.http.*;

var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
    .uri(URI.create("https://mantis3-api.safelabs.com.br/events/example-event-id"))
    .header("x-api-key", "SUA_CHAVE_API")
    .GET()
    .build();
HttpResponse<String> res =
    client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());

const r = await fetch("https://mantis3-api.safelabs.com.br/events/example-event-id", {
  headers: { "x-api-key": "SUA_CHAVE_API" },
});
if (!r.ok) throw new Error(await r.text());
const data = await r.json();

<?php
$ch = curl_init('https://mantis3-api.safelabs.com.br/events/example-event-id');
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['x-api-key: SUA_CHAVE_API'],
    CURLOPT_RETURNTRANSFER => true,
]);
echo curl_exec($ch);

$headers = @{ "x-api-key" = "SUA_CHAVE_API" }
Invoke-RestMethod -Uri "https://mantis3-api.safelabs.com.br/events/example-event-id" -Headers $headers -Method Get

import requests

r = requests.get(
    "https://mantis3-api.safelabs.com.br/events/example-event-id",
    headers={"x-api-key": "SUA_CHAVE_API"},
    timeout=30,
)
r.raise_for_status()
data = r.json()

require "net/http"
require "uri"

uri = URI("https://mantis3-api.safelabs.com.br/events/example-event-id")
req = Net::HTTP::Get.new(uri)
req["x-api-key"] = "SUA_CHAVE_API"
res = Net::HTTP.start(uri.hostname, uri.port) { |h| h.request(req) }
puts res.body

Exemplos de corpo da resposta

200404422

{
  "id": "example-event-id",
  "asset_type": "DOMAIN",
  "event_category": "Phishing",
  "created_at": "2025-03-20T14:30:00Z",
  "details": {},
  "provider_name": "provedor",
  "assets_name": ["exemplo.com"]
}

{
  "detail": "api180"
}

{
  "detail": [
    {
      "type": "missing",
      "loc": ["path", "event_id"],
      "msg": "Field required",
      "input": null
    }
  ]
}

Referência API¶

RISK¶

GET https://mantis3-api.safelabs.com.br/risks¶

GET https://mantis3-api.safelabs.com.br/risks/{risk_id}¶

GET https://mantis3-api.safelabs.com.br/risks/aggregation/{risk_id}¶

GET https://mantis3-api.safelabs.com.br/risks/timeline/{risk_id}¶

GET https://mantis3-api.safelabs.com.br/risks/notes/{risk_id}¶

EVENT¶

GET https://mantis3-api.safelabs.com.br/events/{event_id}¶

GET `https://mantis3-api.safelabs.com.br/risks`¶

GET `https://mantis3-api.safelabs.com.br/risks/{risk_id}`¶

GET `https://mantis3-api.safelabs.com.br/risks/aggregation/{risk_id}`¶

GET `https://mantis3-api.safelabs.com.br/risks/timeline/{risk_id}`¶

GET `https://mantis3-api.safelabs.com.br/risks/notes/{risk_id}`¶

GET `https://mantis3-api.safelabs.com.br/events/{event_id}`¶