traefik / whoami

Tiny Go server that prints os information and HTTP request to output

Home Page: https://traefik.io


/data path should be limited or configurable

nicokaiser opened this issue

Once you figure out that someone has a containous/whoami instance running (let's say on their domain … whoami.example.com), you can DoS their host by running multiple /data?size=10&unit=GB requests and have the dataHandler send lots of data.

I see that this container is mainly for debugging purposes, but in some cases it might land on production endpoints, so the "dangerous" functions should be switched off then.
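
One way to bound the endpoint described in this issue, as an added example that is not whoami's own code and not part of the original post: a `/data` handler that rejects requests above a configured byte cap and can be switched off entirely. The names `requestedBytes`, `limitedDataHandler` and `filler`, the unit table, the 1 MiB cap and the listen address are all assumptions made for illustration.

```go
package main

import (
	"fmt"
	"io"
	"log"
	"net/http"
	"strconv"
	"strings"
)

// Unit multipliers are an assumption; the issue only shows unit=GB.
var units = map[string]int64{"": 1, "KB": 1 << 10, "MB": 1 << 20, "GB": 1 << 30, "TB": 1 << 40}
type filler string // endless reader over a short pattern; nothing large is allocated
func (f filler) Read(p []byte) (int, error) { return copy(p, string(f)), nil }

// requestedBytes returns size*unit in bytes, rejecting bad or over-limit input.
func requestedBytes(size, unit string, maxBytes int64) (int64, error) {
	n, err := strconv.ParseInt(size, 10, 64)
	mult, ok := units[strings.ToUpper(unit)]
	if err != nil || n < 0 || !ok {
		return 0, fmt.Errorf("invalid size %q or unit %q", size, unit)
	}
	if n > maxBytes/mult { // divide rather than multiply, so int64 cannot overflow
		return 0, fmt.Errorf("request exceeds limit of %d bytes", maxBytes)
	}
	return n * mult, nil
}

// limitedDataHandler caps /data at maxBytes; maxBytes <= 0 switches it off.
func limitedDataHandler(maxBytes int64) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if maxBytes <= 0 {
			http.NotFound(w, r)
			return
		}
		q := r.URL.Query()
		n, err := requestedBytes(q.Get("size"), q.Get("unit"), maxBytes)
		if err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
			return
		}
		io.CopyN(w, filler(strings.Repeat("-", 4096)), n) // streams exactly n bytes
	}
}

func main() {
	http.HandleFunc("/data", limitedDataHandler(1<<20)) // 1 MiB cap, a constructed value
	log.Fatal(http.ListenAndServe("127.0.0.1:8080", nil))
}
```

A per-request cap bounds only the size of a single response; many parallel requests still need rate or concurrency limiting in front of the service.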