LeakIX - Host databand-test-scale.databand.ai

Domain databand-test-scale.databand.ai

Germany

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.36.162.214
Domain: databand-test-scale.databand.ai
Port: 443
URL: https://databand-test-scale.databand.ai

First seen 2025-10-24 01:25
Last seen 2026-02-09 07:10
Open for 108 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 07:10
Create report

Open service 23.36.162.214:443 · databand-test-scale.databand.ai

2026-01-23 03:43

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=utf-8
Content-Length: 195
Location: /app
X-Robots-Tag: noindex, nofollow
Permissions-Policy: geolocation=()
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; frame-src https://*.ibm.com https://*.ibmcloud.com https://*.truste.com https://*.trustarc.com https://*.segment.com https://*.segment.io 'self'; object-src 'none'; style-src https://*.googletagmanager.com https://*.walkme.com https://*.amplitude.com https://*.instana.io https://*.newrelic.com https://*.nr-data.net https://1.www.s81c.com https://*.ibm.com https://*.ibmcloud.com https://*.truste.com https://*.trustarc.com https://*.segment.com https://*.segment.io 'self' 'unsafe-inline'; font-src https://1.www.s81c.com 'self' data:; worker-src 'self' blob:; img-src https://*.googletagmanager.com https://*.googletagmanager.com https://*.walkme.com https://*.amplitude.com https://*.instana.io https://*.newrelic.com https://*.nr-data.net https://1.www.s81c.com https://*.ibm.com https://*.ibmcloud.com https://*.truste.com https://*.trustarc.com https://*.segment.com https://*.segment.io https://www.gravatar.com 'self' data:; script-src https://*.googletagmanager.com https://*.walkme.com https://*.amplitude.com https://*.instana.io https://*.newrelic.com https://*.nr-data.net https://1.www.s81c.com https://*.ibm.com https://*.ibmcloud.com https://*.truste.com https://*.trustarc.com https://*.segment.com https://*.segment.io 'self' 'unsafe-inline'; script-src-elem https://*.googletagmanager.com https://*.walkme.com https://*.amplitude.com https://*.instana.io https://*.newrelic.com https://*.nr-data.net https://1.www.s81c.com https://*.ibm.com https://*.ibmcloud.com https://*.truste.com https://*.trustarc.com https://*.segment.com https://*.segment.io 'self' 'unsafe-inline'; connect-src https://*.googletagmanager.com https://*.walkme.com https://*.amplitude.com https://*.instana.io https://*.newrelic.com https://*.nr-data.net https://1.www.s81c.com https://*.ibm.com https://*.ibmcloud.com https://*.truste.com https://*.trustarc.com https://*.segment.com https://*.segment.io 'self'
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
X-INSTANA-L: 1
traceparent: 00-0000000000000000f3080d5680075c9b-f3080d5680075c9b-01
tracestate: in=f3080d5680075c9b;f3080d5680075c9b
X-INSTANA-T: f3080d5680075c9b
X-INSTANA-S: f3080d5680075c9b
Server-Timing: intid;desc=f3080d5680075c9b
Expires: Fri, 23 Jan 2026 03:43:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Jan 2026 03:43:19 GMT
Alt-Svc: h3=":443"; ma=93600
Connection: close
Set-Cookie: X-CSRF-TOKEN=ImRjM2JjMzkxZjU0Y2ZiN2VlODIyMDc0ZGEyMWY3ZjhiM2ZmM2E3ZDQi.aXLuVw.A_Ec8_QfDWJKtzf2s509Jqd7jYM; Expires=Fri, 23 Jan 2026 04:43:19 GMT; Max-Age=3600; Secure; Path=/; SameSite=Lax
Set-Cookie: dbnd_session=2f2b8747-fe82-4f57-84ab-047546e2f4a2; Expires=Fri, 23 Jan 2026 04:43:19 GMT; Secure; HttpOnly; Path=/; SameSite=Lax

Page title: Redirecting...

<!doctype html>
<html lang=en>
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to the target URL: <a href="/app">/app</a>. If not, click the link.

Found 2026-01-23 by HttpPlugin

Create report

*.databand.aidataband.ai

Fingerprint:

c639964747c90a6aa840e7b5ba4b90703105c1565b0b8f1b15f118691d3d8d41

CN:

*.databand.ai

Key:

ECDSA-256

Issuer:

DigiCert Global G3 TLS ECC SHA384 2020 CA1

Not before:

2025-11-30 00:00

Not after:

2026-12-01 23:59

Domain summary

databand-test-scale.databand.ai 1

1 recorded

IP summary

23.36.162.214 2