urlscan.io logo urlscan.io
SecurityTrails logo

accounts-service.thoughtworks.net Open in urlscan Pro
44.193.117.1  Public Scan

Go To Rescan Add Verdict Report
URL: https://accounts-service.thoughtworks.net/
Submission: On September 15 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 44.193.117.1, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is accounts-service.thoughtworks.net.
TLS certificate: Issued by Amazon on October 14th 2020. Valid for: a year.
This is the only time accounts-service.thoughtworks.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 44.193.117.1 14618 (AMAZON-AES)
6 2
Apex Domain
Subdomains		 Transfer
5 thoughtworks.net
accounts-service.thoughtworks.net
1 MB
0 swagger.io Failed
validator.swagger.io Failed
0 Failed
function sub() { [native code] }. Failed
6 3
Domain Requested by
5 accounts-service.thoughtworks.net accounts-service.thoughtworks.net
0 validator.swagger.io Failed
0 truncated Failed
6 3

This site contains links to these domains. Also see Links.

Domain
validator.swagger.io
Subject Issuer Validity Valid
accounts-service.thoughtworks.net
Amazon		 2020-10-14 -
2021-11-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://accounts-service.thoughtworks.net/
Frame ID: 2745D73859FCAFAD7397E75ACF70EE40
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Accounts Service API Documentation

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

1396 kB
Transfer

1391 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
accounts-service.thoughtworks.net/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts-service.thoughtworks.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.117.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-117-1.compute-1.amazonaws.com
Software
nginx /
Resource Hash
25355ffe5e16a411365d9048a553e5a60ad326ef6417c033d5ed783b7f76cf98
Security Headers
Name Value
Content-Security-Policy default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

:method
GET
:authority
accounts-service.thoughtworks.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 15 Sep 2021 03:11:15 GMT
content-type
text/html
set-cookie
AWSALB=+iofedWwU3SfED6OauDE/8qdbpyUgSusXz2icRiTST0Zve08bhJMi/iRPjXxmKTciw5MOaikZ3ADOduAlbrTTSFs5N63ioeXPc3rjvs/0NqNnVBVCBvHjaIdEhGt; Expires=Wed, 22 Sep 2021 03:11:15 GMT; Path=/ AWSALBCORS=+iofedWwU3SfED6OauDE/8qdbpyUgSusXz2icRiTST0Zve08bhJMi/iRPjXxmKTciw5MOaikZ3ADOduAlbrTTSFs5N63ioeXPc3rjvs/0NqNnVBVCBvHjaIdEhGt; Expires=Wed, 22 Sep 2021 03:11:15 GMT; Path=/; SameSite=None; Secure
server
nginx
last-modified
Mon, 07 Jun 2021 01:35:12 GMT
vary
Origin
content-security-policy
default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options
deny
content-encoding
gzip
swagger-ui.css
accounts-service.thoughtworks.net/ 		139 KB
139 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-service.thoughtworks.net/swagger-ui.css
Requested by
Host: accounts-service.thoughtworks.net
URL: https://accounts-service.thoughtworks.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.117.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-117-1.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0f0dff750680ff73ca90dd9bdda82f9a93e122d430441b9f9c8466098a36be8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

:path
/swagger-ui.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
accounts-service.thoughtworks.net
cookie
AWSALB=+iofedWwU3SfED6OauDE/8qdbpyUgSusXz2icRiTST0Zve08bhJMi/iRPjXxmKTciw5MOaikZ3ADOduAlbrTTSFs5N63ioeXPc3rjvs/0NqNnVBVCBvHjaIdEhGt; AWSALBCORS=+iofedWwU3SfED6OauDE/8qdbpyUgSusXz2icRiTST0Zve08bhJMi/iRPjXxmKTciw5MOaikZ3ADOduAlbrTTSFs5N63ioeXPc3rjvs/0NqNnVBVCBvHjaIdEhGt
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline';
referrer-policy
no-referrer
last-modified
Mon, 07 Jun 2021 01:35:12 GMT
server
nginx
etag
"60bd77d0-22a11"
x-frame-options
deny
content-type
text/css
set-cookie
AWSALB=qkRaioH2nE2FBvNJjov2aXmUD5p6cafhBMH1lduGzxKasrwu5XPsv0lhzlqLI2y7LW21KQ+Sg6qImMK2MJXThpzofsyUkFMoF6lsD93AEjteHrFOYVsNiRAFpCPs; Expires=Wed, 22 Sep 2021 03:11:15 GMT; Path=/ AWSALBCORS=qkRaioH2nE2FBvNJjov2aXmUD5p6cafhBMH1lduGzxKasrwu5XPsv0lhzlqLI2y7LW21KQ+Sg6qImMK2MJXThpzofsyUkFMoF6lsD93AEjteHrFOYVsNiRAFpCPs; Expires=Wed, 22 Sep 2021 03:11:15 GMT; Path=/; SameSite=None; Secure
date
Wed, 15 Sep 2021 03:11:15 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
141841
x-content-type-options
nosniff
swagger-ui-bundle.js
accounts-service.thoughtworks.net/ 		951 KB
953 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-service.thoughtworks.net/swagger-ui-bundle.js
Requested by
Host: accounts-service.thoughtworks.net
URL: https://accounts-service.thoughtworks.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.117.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-117-1.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2832be4b9a93c81c3ba518e823d5d548ad4a6a7ebc797c2811a36b93a896f2af
Security Headers
Name Value
Content-Security-Policy default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

:path
/swagger-ui-bundle.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
accounts-service.thoughtworks.net
cookie
AWSALB=+iofedWwU3SfED6OauDE/8qdbpyUgSusXz2icRiTST0Zve08bhJMi/iRPjXxmKTciw5MOaikZ3ADOduAlbrTTSFs5N63ioeXPc3rjvs/0NqNnVBVCBvHjaIdEhGt; AWSALBCORS=+iofedWwU3SfED6OauDE/8qdbpyUgSusXz2icRiTST0Zve08bhJMi/iRPjXxmKTciw5MOaikZ3ADOduAlbrTTSFs5N63ioeXPc3rjvs/0NqNnVBVCBvHjaIdEhGt
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline';
referrer-policy
no-referrer
last-modified
Mon, 07 Jun 2021 01:35:12 GMT
server
nginx
etag
"60bd77d0-edd60"
x-frame-options
deny
content-type
application/javascript
set-cookie
AWSALB=12oaXa7S+RdkML6slJAfOOvY5lKvGjh629a6rTMqlZTLq4eh/Hngr5yTEwcaFZyj7m5AlXn2ws9ny5N4HTFZ39wy8OC5WCpTQRNrYniFSEV8H6+ItHDLsKOIZYom; Expires=Wed, 22 Sep 2021 03:11:15 GMT; Path=/ AWSALBCORS=12oaXa7S+RdkML6slJAfOOvY5lKvGjh629a6rTMqlZTLq4eh/Hngr5yTEwcaFZyj7m5AlXn2ws9ny5N4HTFZ39wy8OC5WCpTQRNrYniFSEV8H6+ItHDLsKOIZYom; Expires=Wed, 22 Sep 2021 03:11:15 GMT; Path=/; SameSite=None; Secure
date
Wed, 15 Sep 2021 03:11:15 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
974176
x-content-type-options
nosniff
swagger-ui-standalone-preset.js
accounts-service.thoughtworks.net/ 		300 KB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-service.thoughtworks.net/swagger-ui-standalone-preset.js
Requested by
Host: accounts-service.thoughtworks.net
URL: https://accounts-service.thoughtworks.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.117.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-117-1.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d8dcb3c704a5797fc910f442d514139498e5477d756c0d866d860b5a9c9ee909
Security Headers
Name Value
Content-Security-Policy default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

:path
/swagger-ui-standalone-preset.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
accounts-service.thoughtworks.net
cookie
AWSALB=+iofedWwU3SfED6OauDE/8qdbpyUgSusXz2icRiTST0Zve08bhJMi/iRPjXxmKTciw5MOaikZ3ADOduAlbrTTSFs5N63ioeXPc3rjvs/0NqNnVBVCBvHjaIdEhGt; AWSALBCORS=+iofedWwU3SfED6OauDE/8qdbpyUgSusXz2icRiTST0Zve08bhJMi/iRPjXxmKTciw5MOaikZ3ADOduAlbrTTSFs5N63ioeXPc3rjvs/0NqNnVBVCBvHjaIdEhGt
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline';
referrer-policy
no-referrer
last-modified
Mon, 07 Jun 2021 01:35:12 GMT
server
nginx
etag
"60bd77d0-4af4d"
x-frame-options
deny
content-type
application/javascript
set-cookie
AWSALB=XoQEwuzyzD7Lubr3zgz+eNbzDSENYorRtVoAk7AeQPREFPDkFT7IB1BkH2KfXLbqvsc/Df61+Nz1Nfb4rUS25A7uw/qoAegxnCY+zFM11KO3mkm2OHFHR9u00KCe; Expires=Wed, 22 Sep 2021 03:11:15 GMT; Path=/ AWSALBCORS=XoQEwuzyzD7Lubr3zgz+eNbzDSENYorRtVoAk7AeQPREFPDkFT7IB1BkH2KfXLbqvsc/Df61+Nz1Nfb4rUS25A7uw/qoAegxnCY+zFM11KO3mkm2OHFHR9u00KCe; Expires=Wed, 22 Sep 2021 03:11:15 GMT; Path=/; SameSite=None; Secure
date
Wed, 15 Sep 2021 03:11:15 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
307021
x-content-type-options
nosniff
doc_v1
accounts-service.thoughtworks.net/ 		28 B
537 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts-service.thoughtworks.net/doc_v1
Requested by
Host: accounts-service.thoughtworks.net
URL: https://accounts-service.thoughtworks.net/swagger-ui-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.117.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-117-1.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3b5de605ff0e47174cbbbe29ab963b9c3496ed839f6a437f8a425f8e9811affd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:path
/doc_v1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/json,*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
accounts-service.thoughtworks.net
cookie
AWSALB=XoQEwuzyzD7Lubr3zgz+eNbzDSENYorRtVoAk7AeQPREFPDkFT7IB1BkH2KfXLbqvsc/Df61+Nz1Nfb4rUS25A7uw/qoAegxnCY+zFM11KO3mkm2OHFHR9u00KCe; AWSALBCORS=XoQEwuzyzD7Lubr3zgz+eNbzDSENYorRtVoAk7AeQPREFPDkFT7IB1BkH2KfXLbqvsc/Df61+Nz1Nfb4rUS25A7uw/qoAegxnCY+zFM11KO3mkm2OHFHR9u00KCe
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json,*/*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 15 Sep 2021 03:11:16 GMT
transaction_id
8afee0cb-b6a4-4d76-8fb4-dbd30bf80259
server
nginx
vary
Origin
content-type
application/json
set-cookie
AWSALB=vBWlwAuq3weM3N6Em80fO/BffVC9KIFVkJZRj60wPbfZE1g206CDWTysseF4BHrAu703Qn2HnlULW/j3xg+Lf0CDze5ww4S0+fSE4MdQAc+RcSdnHpUHHDkha7CG; Expires=Wed, 22 Sep 2021 03:11:16 GMT; Path=/ AWSALBCORS=vBWlwAuq3weM3N6Em80fO/BffVC9KIFVkJZRj60wPbfZE1g206CDWTysseF4BHrAu703Qn2HnlULW/j3xg+Lf0CDze5ww4S0+fSE4MdQAc+RcSdnHpUHHDkha7CG; Expires=Wed, 22 Sep 2021 03:11:16 GMT; Path=/; SameSite=None; Secure
strict-transport-security
max-age=31536000; includeSubDomains
content-length
28
truncated
/ 		0
0
validator
validator.swagger.io/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
truncated
URL
data:truncated
Domain
validator.swagger.io
URL
https://validator.swagger.io/validator?url=https%3A%2F%2Faccounts-service.thoughtworks.net%2Fdoc_v1

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime function| SwaggerUIBundle object| SwaggerUIStandalonePreset object| versions object| ui

2 Cookies

Domain/Path Name / Value
accounts-service.thoughtworks.net/ Name: AWSALB
Value: vBWlwAuq3weM3N6Em80fO/BffVC9KIFVkJZRj60wPbfZE1g206CDWTysseF4BHrAu703Qn2HnlULW/j3xg+Lf0CDze5ww4S0+fSE4MdQAc+RcSdnHpUHHDkha7CG
accounts-service.thoughtworks.net/ Name: AWSALBCORS
Value: vBWlwAuq3weM3N6Em80fO/BffVC9KIFVkJZRj60wPbfZE1g206CDWTysseF4BHrAu703Qn2HnlULW/j3xg+Lf0CDze5ww4S0+fSE4MdQAc+RcSdnHpUHHDkha7CG

5 Console Messages

Source Level URL
Text
security error URL: https://accounts-service.thoughtworks.net/
Message:
The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security error URL: https://accounts-service.thoughtworks.net/
Message:
The Content-Security-Policy directive 'default-src' contains 'style-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security error URL: https://accounts-service.thoughtworks.net/
Message:
Refused to load the image 'data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB2aWV3Qm94PSIwIDAgNDA3IDExNiI+DQogIDxkZWZzPg0KICAgIDxzdHlsZT4NCiAgICAgIC5jbHMtMSB7DQogICAgICAgIGNsaXAtcGF0aDogdXJsKCNjbGlwLVNXX1RNLWxvZ28tb24tZGFyayk7DQogICAgICB9DQoNCiAgICAgIC5jbHMtMiB7DQogICAgICAgIGZpbGw6ICNmZmY7DQogICAgICB9DQoNCiAgICAgIC5jbHMtMyB7DQogICAgICAgIGZpbGw6ICM4NWVhMmQ7DQogICAgICB9DQoNCiAgICAgIC5jbHMtNCB7DQogICAgICAgIGZpbGw6ICMxNzM2NDc7DQogICAgICB9DQogICAgPC9zd...U5LS44ODVaIi8+DQogICAgICA8cGF0aCBpZD0iUGF0aF8yOTY3IiBkYXRhLW5hbWU9IlBhdGggMjk2NyIgY2xhc3M9ImNscy0yIiBkPSJNMjI1Ljc1OCwxMDEuNjg2aDEuNWwyLjAyMyw1LjI2N2EyMC4xODgsMjAuMTg4LDAsMCwxLC44MjYsMi42aC4wNjdxLjEwOS0uNDMxLjQ1OS0xLjQ3MXQyLjI4OC02LjRoMS41TDIzMC40NTIsMTEyLjJhNS4yNTMsNS4yNTMsMCwwLDEtMS4zNzgsMi4yMTIsMi45MzIsMi45MzIsMCwwLDEtMS45MzQuNjUzLDUuNjU5LDUuNjU5LDAsMCwxLTEuMjY0LS4xNDNWMTEzLjhhNC45LDQuOSwwLDAsMCwxLjAzNy4xLDIuMTM2LDIuMTM2LDAsMCwwLDIuMDU2LTEuNjE4bC41MTQtMS4zMTRaIi8+DQogICAgPC9nPg0KICA8L2c+DQo8L3N2Zz4NCg==' because it violates the following Content Security Policy directive: "default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://accounts-service.thoughtworks.net/
Message:
Refused to load the image 'https://validator.swagger.io/validator?url=https%3A%2F%2Faccounts-service.thoughtworks.net%2Fdoc_v1' because it violates the following Content Security Policy directive: "default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
network error URL: https://accounts-service.thoughtworks.net/doc_v1
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' img-src 'unsafe-inline' style-src 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny