LeakIX - Host cgi.gm.com

Domain cgi.gm.com

Germany

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.16.204.153
Domain: cgi.gm.com
Port: 443
URL: https://cgi.gm.com

First seen 2025-11-05 20:37
Last seen 2026-01-14 19:42
Open for 69 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-14 19:42
Create report

Open service 2.16.204.153:443 · cgi.gm.com

2026-01-09 06:32

HTTP/1.1 404 Not Found
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
Content-Type: application/json
Content-Length: 89
Date: Fri, 09 Jan 2026 06:32:43 GMT
Connection: close
Akamai-Request-BC: [a=2.16.29.153,b=3592955313,c=g,n=DE_HH_HAMBURG,o=20940],[c=c,n=US_NJ_SECAUCUS,o=20940],[a=56,c=o]
116166-cgi.gm.com: 0.991d1002.1767940363.d62825b1


{"timestamp":"2026-01-09T06:32:43.205+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 2.16.204.153:443 · cgi.gm.com

2026-01-02 09:59

HTTP/1.1 404 Not Found
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
Content-Type: application/json
Content-Length: 89
Date: Fri, 02 Jan 2026 09:59:03 GMT
Connection: close
Akamai-Request-BC: [a=2.16.29.153,b=2621498872,c=g,n=DE_HH_HAMBURG,o=20940],[c=c,n=US_NJ_SECAUCUS,o=20940],[a=56,c=o]
116166-cgi.gm.com: 0.991d1002.1767347943.9c40e5f8


{"timestamp":"2026-01-02T09:59:03.682+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 2.16.204.153:443 · cgi.gm.com

2025-12-22 15:36

HTTP/1.1 404 Not Found
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
Content-Type: application/json
Content-Length: 89
Date: Mon, 22 Dec 2025 15:36:13 GMT
Connection: close
Akamai-Request-BC: [a=2.16.29.153,b=1057461590,c=g,n=DE_HH_HAMBURG,o=20940],[c=c,n=US_NJ_SECAUCUS,o=20940],[a=56,c=o]
116166-cgi.gm.com: 0.991d1002.1766417773.3f079556


{"timestamp":"2025-12-22T15:36:13.746+00:00","status":404,"error":"Not Found","path":"/"}

Found 2025-12-22 by HttpPlugin

Create report

Open service 2.16.204.153:443 · cgi.gm.com

2025-12-20 16:25

HTTP/1.1 404 Not Found
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
Content-Type: application/json
Content-Length: 89
Date: Sat, 20 Dec 2025 16:25:24 GMT
Connection: close
Akamai-Request-BC: [a=2.16.29.153,b=777637566,c=g,n=DE_HH_HAMBURG,o=20940],[c=c,n=US_NJ_SECAUCUS,o=20940],[a=56,c=o]
116166-cgi.gm.com: 0.991d1002.1766247924.2e59cebe


{"timestamp":"2025-12-20T16:25:24.783+00:00","status":404,"error":"Not Found","path":"/"}

Found 2025-12-20 by HttpPlugin

Create report

3dviz-data.cdn.gm.com3dviz-state.cdn.gm.comcgi.buick.comcgi.cadillac.comcgi.chevrolet.comcgi.gm.comcgi.gmc.comcgi.pprod.buick.comcgi.pprod.cadillac.comcgi.pprod.chevrolet.comcgi.pprod.gm.comcgi.pprod.gmc.comeast-visualizer.chevrolet.comimages-visualizer.chevrolet.comimages-visualizer.gm.comvisualizer-east.chevrolet.comvisualizer-west.chevrolet.comvisualizer.cadillac.comvisualizer.chevrolet.comvisualizer.gm.comwest-visualizer.chevrolet.com

Fingerprint:

bfcb3d99fe51455b91dd096e32c728d7d28e7a9f162ebe593726efc0197df689

CN:

cgi.gm.com

Key:

RSA-2048

Issuer:

R12

Not before:

2025-11-05 19:38

Not after:

2026-02-03 19:38

Domain summary

cgi.gm.com 4

1 recorded

IP summary

2.16.204.153 2

1 recorded

Domain cgi.gm.com

Germany

Swagger API description is publicly available

Create report

Create report

Create report

Create report

Domain summary

IP summary