Summary
A Concise Overview of the scan result of url https://create.choreograph.com/portal/login?from=https%3A%2F%2Fcreate.choreograph.com%2Fportal%2F
- Document
- HTML
- 4
- StyleSheets
- 6
- Scripts
- 8
- Font
- 3
- Images
- 1
- Links
- 1
- JavaScript Variables
- 19
- Console log messages
- 0
- Network
- Requests
- 24
- Bytes Transferred
- 2.01MB
- Bytes Total
- 6.35MB
- DNS Record
- A Record
- 3
- Technology
- PaaS
- 1
- Analytics
- 1
- User onboarding
- 1
- Security
- 1
- CDN
- 1
- SSL/TLS certificate authorities
- 1
Document
Links
The outgoing links identified from the page.
Link | Text |
---|---|
https://www.choreograph.com/global-privacy-policy/global-privacy-policy-english/ | Privacy policy |
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
Analytics | ||
Pendo | Pendo is a product analytics platform used in release to enrich the product experience and provide insights to the product management team. | Type: scriptSrc Regex: \.pendo\.io\/ |
Security | ||
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
CDN | ||
Amazon S3 | Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface. | Type: headers Name: content-security-policy Regex: s3[^ ]{0,250}amazonaws\.com |
User onboarding | ||
Pendo | Pendo is a product analytics platform used in release to enrich the product experience and provide insights to the product management team. | Type: scriptSrc Regex: \.pendo\.io\/ |
PaaS | ||
Amazon Web Services | Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality. | Dependent on AWS Certificate Manager,Amazon S3 |
SSL/TLS certificate authorities | ||
AWS Certificate Manager | AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. | Type: certIssuer Regex: Amazon |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 1 msGood
- requestTime
- 3 msGood
- dom
- 1 msGood
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
A | create.choreograph.com | 52.209.50.140 | no |
A | create.choreograph.com | 34.240.69.1 | no |
A | create.choreograph.com | 108.128.186.239 | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
create.choreograph.com Amazon RSA 2048 M03 | 4/11/2024 | 5/11/2025 | 1 year 1 month |
upload.video.google.com WR2 | 8/5/2024 | 10/28/2024 | 2 months 23 days |
cdn.eu.pendo.io WR3 | 8/28/2024 | 11/26/2024 | 3 months |
*.gstatic.com WR2 | 8/5/2024 | 10/28/2024 | 2 months 23 days |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
Connection | keep-alive |
Content-Type | text/html |
Date | Fri, 06 Sep 2024 05:06:39 GMT |
Strict-Transport-Security | includeSubdomains; preload |
Transfer-Encoding | chunked |
X-Content-Type-Options | nosniff |
cache-control | no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 |
content-encoding | gzip |
content-security-policy | default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lemonpi.io https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.gstatic.com https://cdn.greenhousegroup.com https://cdnjs.cloudflare.com/ajax/libs/basicModal/3.3.9/basicModal.min.js https://cdn.jsdelivr.net/gh/bramkorsten/ https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-*.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://*.lemonpi.io https://cdn.jsdelivr.net/gh/bramkorsten/ https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-*.storage.googleapis.com ws:; img-src * data: blob:; media-src * data: blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://public-assets.os.wpp.com/fonts/ https://use.typekit.net https://p.typekit.net https://cdnjs.cloudflare.com/ajax/libs/basicModal/3.3.9/basicModal.min.css https://cdnjs.cloudflare.com/ajax/libs/css-spinning-spinners/1.1.1/load4.css https://unpkg.com/balloon-css/balloon.min.css https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-4527820689702912.storage.googleapis.com data:; frame-ancestors 'self' https://*.lemonpi.io https://app.eu.pendo.io https://*.wpp-stage.os-dev.io https://*.os.wpp.com; font-src 'self' data: https://*.lemonpi.io https://fonts.gstatic.com https://public-assets.os.wpp.com/fonts/ https://use.typekit.net chrome-extension:; frame-src https://lemonpi-prod-templates.s3.amazonaws.com https://lemonpi-test-templates.s3.amazonaws.com https://www.google.com https://*.lemonpi.io/ https://*.test.lemonpi.io/ http://localhost:*/ http://127.0.0.1:*/ https://app.eu.pendo.io; report-uri https://sentry.lemonpi.io/api/37/security/?sentry_key=2a59c9b4a41445c69bb6e35986859c5e; child-src https://app.eu.pendo.io |
last-modified | Friday, 06-Sep-2024 05:06:39 UTC |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|---|
default-src | 'none' |
script-src | 'self''unsafe-inline''unsafe-eval'https://*.lemonpi.iohttps://www.google.comhttps://www.googletagmanager.comhttps://www.google-analytics.comhttps://www.gstatic.comhttps://cdn.greenhousegroup.comhttps://cdnjs.cloudflare.com/ajax/libs/basicModal/3.3.9/basicModal.min.jshttps://cdn.jsdelivr.net/gh/bramkorsten/https://app.eu.pendo.iohttps://pendo-eu-static.storage.googleapis.comhttps://cdn.eu.pendo.iohttps://pendo-eu-static-*.storage.googleapis.comhttps://data.eu.pendo.io |
connect-src | 'self'https://*.lemonpi.iohttps://cdn.jsdelivr.net/gh/bramkorsten/https://app.eu.pendo.iohttps://data.eu.pendo.iohttps://pendo-eu-static-*.storage.googleapis.comws: |
img-src | *data:blob: |
media-src | *data:blob: |
style-src | 'self''unsafe-inline'https://fonts.googleapis.comhttps://public-assets.os.wpp.com/fonts/https://use.typekit.nethttps://p.typekit.nethttps://cdnjs.cloudflare.com/ajax/libs/basicModal/3.3.9/basicModal.min.csshttps://cdnjs.cloudflare.com/ajax/libs/css-spinning-spinners/1.1.1/load4.csshttps://unpkg.com/balloon-css/balloon.min.csshttps://app.eu.pendo.iohttps://cdn.eu.pendo.iohttps://pendo-eu-static-4527820689702912.storage.googleapis.comdata: |
frame-ancestors | 'self'https://*.lemonpi.iohttps://app.eu.pendo.iohttps://*.wpp-stage.os-dev.iohttps://*.os.wpp.com |
font-src | 'self'data:https://*.lemonpi.iohttps://fonts.gstatic.comhttps://public-assets.os.wpp.com/fonts/https://use.typekit.netchrome-extension: |
frame-src | https://lemonpi-prod-templates.s3.amazonaws.comhttps://lemonpi-test-templates.s3.amazonaws.comhttps://www.google.comhttps://*.lemonpi.io/https://*.test.lemonpi.io/http://localhost:*/http://127.0.0.1:*/https://app.eu.pendo.io |
report-uri | https://sentry.lemonpi.io/api/37/security/?sentry_key=2a59c9b4a41445c69bb6e35986859c5e |
child-src | https://app.eu.pendo.i |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|