AllScanTool
Security Architecture Brief
One-page overview for procurement and security review teams
Verified Read-Only Scan Platform
Product Overview
Product name
AllScanTool
Product type
Browser-based code scanning utility — read-only, stateless
Operator
Lexicon Media Holdings LLC
Deployment
Cloudflare Workers — global edge network
Contact
admin@allscantool.com
Core Security Properties
AllScanTool never stores, logs, or retains submitted code. Every scan runs in volatile memory and is discarded immediately upon completion. No code content is written to disk at any point.
Storage
Zero — no code is written to disk or database at any time
Execution
None — submitted code is never executed, only pattern-matched
Retention
Zero seconds — scan data is discarded immediately after response
Logging
No code content is logged — only operational metrics
PII handling
No user identity required — anonymous by default
Data Flow
Step 1 — Input
User pastes code into browser textarea
Step 2 — Transit
Code sent via HTTPS POST to api.allscantool.com (TLS encrypted)
Step 3 — Processing
Cloudflare Worker pattern-matches code in volatile memory only
Step 4 — Response
Findings returned as JSON — severity, label, plain-English explanation, fix
Step 5 — Disposal
All scan data discarded — nothing retained after response
Infrastructure
Provider
Cloudflare — global edge network (200+ locations)
Multi-region
Yes — Cloudflare Workers deploy globally by default
Transit encryption
TLS — all communication encrypted in transit
Scanner endpoint
https://api.allscantool.com (Worker v4.0.0)
UI endpoint
https://app.allscantool.com (Cloudflare Pages)
Incident Response
Responsible party
Owner — Lexicon Media Holdings LLC
Detection
External uptime monitoring — api.allscantool.com
Containment
Cloudflare Worker or Pages rollback to prior version
Prior versions
100 Worker versions retained — instant rollback available
Contact
admin@allscantool.com
Report Provenance
Scan ID format
AST-YYYY-XXXXXX — unique identifier on every scan
Verification footer
Every exported report includes: Verified Read-Only Scan · No execution performed
Where AllScanTool Fits In Your Security Stack
Tool category
Deliverable-layer code scanner — complements repository and pipeline tools
Repository scanners
Analyze committed code, dependencies, and pull requests inside managed repositories and CI/CD pipelines
Inline code assistants
Suggest and review code during active development inside the IDE
AllScanTool — missing layer
Analyzes final deliverable code — mixed PHP, JavaScript, HTML, and WordPress — at the point of client delivery, outside managed repositories
Relationship to other tools
Additive — does not replace repository or pipeline tools — completes the workflow at the delivery point where those tools stop
Coverage gap addressed
Mixed frontend output, inherited client code, third-party plugins, and code that exists outside CI/CD pipelines
© 2026 AllScanTool · Lexicon Media Holdings LLC · May 26, 2026
admin@allscantool.com