Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.tumban.com/llms.txt

Use this file to discover all available pages before exploring further.

When a scan reaches a terminal status (completed, completed_with_partial, or failed), Tumban issues a POST to the scan’s callback_url with a JSON body. Headers:
  • Content-Type: application/json
  • X-Sherlock-Signature: sha256=<hex> — when the organization has a webhook secret. See Signature verification.

Body

scan_id
string
required
The scan id you received when submitting.
profile_url
string
required
The submitted profile URL.
status
string
required
completed, completed_with_partial, or failed. See Status values.
completed_at
string
required
ISO 8601 UTC timestamp.
recommendation
string
required
See Recommendation values. On a failed scan, Tumban defaults this to review_high so the profile lands in your queue for manual triage.
risk_score
integer
required
0–100. On a failed scan, defaults to 50.
confidence
string
required
low, medium, or high. On a failed scan, defaults to low.
reason_codes
string[]
required
See Reason codes. On a failed scan, this is ["SCAN_FAILED"].
reason_summary
string
required
Human-readable summary. On a failed scan, this contains the error message.
review_targets
string[]
required
URLs your reviewers should look at first. On a failed scan, this is ["manual_investigation_required"].
link_chain
string
required
Short label describing the path Tumban followed (e.g. Profile → External site). Empty string on a failed scan.
dossier_url
string
required
Link to the detailed dossier for this scan.
coverage
object
required
Which analysis steps ran. See Coverage.
metadata
object
required
The metadata you submitted with the scan, echoed back unchanged.
evidence_index
object[]
Per-URL evidence the contextual model cited. May be [] when only deterministic strategies fired or the contextual model hit an infrastructure error. See Evidence index.
error
string
Present when status is failed. Brief description of what went wrong.
partial_reason
string
Present when status is completed_with_partial. Brief description of what was skipped.

Example — completed

{
  "scan_id": "550e8400-e29b-41d4-a716-446655440000",
  "profile_url": "https://creator.example/username",
  "status": "completed",
  "completed_at": "2026-04-29T12:01:38",
  "recommendation": "review_high",
  "risk_score": 85,
  "confidence": "high",
  "reason_codes": ["PROHIBITED_DOMAIN", "ADULT_KEYWORDS"],
  "reason_summary": "Direct link to a prohibited platform combined with adult keywords in bio.",
  "review_targets": ["https://prohibited-platform.example/username"],
  "link_chain": "Profile → External site",
  "dossier_url": "https://api.tumban.com/scans/550e8400-e29b-41d4-a716-446655440000",
  "coverage": {
    "profile_scraped": true,
    "external_search_completed": true,
    "social_links_checked": 3,
    "blocked_by_login": [],
    "referrer_domains_received": 12,
    "referrer_domains_after_filter": 4,
    "referrer_matches_found": 1
  },
  "metadata": {"reviewer_id": "rv_42"},
  "evidence_index": [
    {
      "ref": "link_1",
      "url": "https://prohibited-platform.example/username",
      "type": "traversed_link",
      "domain": "prohibited-platform.example"
    }
  ]
}

Example — failed

{
  "scan_id": "550e8400-e29b-41d4-a716-446655440000",
  "profile_url": "https://creator.example/username",
  "status": "failed",
  "completed_at": "2026-04-29T12:01:38",
  "recommendation": "review_high",
  "risk_score": 50,
  "confidence": "low",
  "reason_codes": ["SCAN_FAILED"],
  "reason_summary": "timeout_exceeded_450s",
  "review_targets": ["manual_investigation_required"],
  "link_chain": "",
  "dossier_url": "https://api.tumban.com/scans/550e8400-e29b-41d4-a716-446655440000",
  "coverage": {
    "profile_scraped": false,
    "external_search_completed": false,
    "social_links_checked": 0,
    "blocked_by_login": [],
    "referrer_domains_received": 0,
    "referrer_domains_after_filter": 0,
    "referrer_matches_found": 0
  },
  "metadata": {"reviewer_id": "rv_42"},
  "error": "timeout_exceeded_450s"
}

Acknowledging a webhook

Tumban considers a webhook delivered when your endpoint responds with a 2xx status. Other statuses are retried — see Delivery and retries.