Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d6038a14acacd95d4baf1eb6a5ea618e0093fcf1cc0
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/service/categoryPathToRoot
POST /api/private/Navigation
POST /api/private/documents
POST /api/private/documents/metadata/basic
POST /api/private/documents/metadata/internal
POST /api/private/documents/revisions/versions
POST /api/private/filters/documentKinds
POST /api/private/filters/languages
POST /api/private/suggestions
POST /api/public/documents
POST /api/public/documents/metadata/basic
POST /api/public/documents/revisions/versions
POST /api/public/filters/documentKinds
POST /api/public/filters/languages
POST /api/public/navigation
POST /api/public/suggestions
POST /api/service/documents
Open service 2.16.204.93:443 · discoveryapi.library.test.abb.com
2026-01-09 11:48
HTTP/1.1 200 OK
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:d8fb5982-1ddd-42f8-9eca-07c0f44ced16
Content-Security-Policy: default-src 'self' https:; object-src 'none'; script-src 'self' *.abb.com 'nonce-r5nxi2+46x+7vxTACuFSd2XxRHPEOwvNBAdMFFKG6PI='; style-src 'self' 'nonce-r5nxi2+46x+7vxTACuFSd2XxRHPEOwvNBAdMFFKG6PI='; img-src 'self' 'nonce-r5nxi2+46x+7vxTACuFSd2XxRHPEOwvNBAdMFFKG6PI=' data:; style-src-elem 'self' 'nonce-r5nxi2+46x+7vxTACuFSd2XxRHPEOwvNBAdMFFKG6PI='; connect-src 'self' wss://localhost:*/Discovery.API/
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Length: 2
Date: Fri, 09 Jan 2026 11:48:58 GMT
Connection: close

OK
Open service 2.16.204.93:443 · discoveryapi.library.test.abb.com
2026-01-02 20:57
HTTP/1.1 200 OK
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:d8fb5982-1ddd-42f8-9eca-07c0f44ced16
Content-Security-Policy: default-src 'self' https:; object-src 'none'; script-src 'self' *.abb.com 'nonce-y8xzPYGOIqKRwN6uFwqGK5fex0SeK0kIOgyJ3dntBcg='; style-src 'self' 'nonce-y8xzPYGOIqKRwN6uFwqGK5fex0SeK0kIOgyJ3dntBcg='; img-src 'self' 'nonce-y8xzPYGOIqKRwN6uFwqGK5fex0SeK0kIOgyJ3dntBcg=' data:; style-src-elem 'self' 'nonce-y8xzPYGOIqKRwN6uFwqGK5fex0SeK0kIOgyJ3dntBcg='; connect-src 'self' wss://localhost:*/Discovery.API/
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Length: 2
Date: Fri, 02 Jan 2026 20:57:22 GMT
Connection: close

OK
Open service 2.16.204.93:443 · discoveryapi.library.test.abb.com
2025-12-22 23:48
HTTP/1.1 200 OK
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:d8fb5982-1ddd-42f8-9eca-07c0f44ced16
Content-Security-Policy: default-src 'self' https:; object-src 'none'; script-src 'self' *.abb.com 'nonce-gZWeU49l6pmk29mCsj3tdWsgmYKzeujehO3JJnTzV2I='; style-src 'self' 'nonce-gZWeU49l6pmk29mCsj3tdWsgmYKzeujehO3JJnTzV2I='; img-src 'self' 'nonce-gZWeU49l6pmk29mCsj3tdWsgmYKzeujehO3JJnTzV2I=' data:; style-src-elem 'self' 'nonce-gZWeU49l6pmk29mCsj3tdWsgmYKzeujehO3JJnTzV2I='; connect-src 'self' wss://localhost:*/Discovery.API/
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Length: 2
Date: Mon, 22 Dec 2025 23:48:22 GMT
Connection: close

OK