LeakIX - Host my.gtcvip.com

Domain my.gtcvip.com

United States

AMAZON-AES

Ubuntu

Software information

nginx nginx 1.14.0

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 3.216.42.100
Domain: my.gtcvip.com
Port: 443
URL: https://my.gtcvip.com

First seen 2025-11-08 10:04
Last seen 2026-02-02 06:19
Open for 85 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-02-02 06:19
Create report

Open service 3.216.42.100:443 · my.gtcvip.com

2026-01-23 00:05

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 23 Jan 2026 00:05:36 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Connection: close
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Location: /v2/app
Vary: Accept, Accept-Encoding
Set-Cookie: connect.sid=s%3A4RNkdiVKmkniXlt_oOoafByTuLswqcHC.Qvjw4Ops2Vz1T4rE%2BAoSiQufTT5K6e1jwtUqfQzuJ1g; Path=/; HttpOnly


Found. Redirecting to /v2/app

Found 2026-01-23 by HttpPlugin

Create report

Open service 3.216.42.100:443 · my.gtcvip.com

2026-01-05 12:06

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 05 Jan 2026 12:06:09 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 29
Connection: close
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Location: /v2/app
Vary: Accept, Accept-Encoding
Set-Cookie: connect.sid=s%3AGTnYwGIifkFP4LJ9GQLwj7RCW5Y-bbEQ.63Df%2BdbdSKsUthA43bGrXqhQ46JbYU1LNIyPER9LvzM; Path=/; HttpOnly


Found. Redirecting to /v2/app

Found 2026-01-05 by HttpPlugin

Create report

Open service 3.216.42.100:80 · my.gtcvip.com

2026-01-05 12:06

HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 05 Jan 2026 12:06:09 GMT
Content-Type: text/html
Content-Length: 194
Connection: close
Location: https://my.gtcvip.com/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>

Found 2026-01-05 by HttpPlugin

Create report

my.gtcvip.com

Fingerprint:

435c5bc6c912a1031624a842b0ead901ac8b80b0ef23b93e2bf168b0239684c3

CN:

my.gtcvip.com

Key:

RSA-2048

Issuer:

R13

Not before:

2026-01-05 11:07

Not after:

2026-04-05 11:07

Domain summary

my.gtcvip.com 3

1 recorded

IP summary

3.216.42.100 2

1 recorded

Domain my.gtcvip.com

United States

Software information

Swagger API description is publicly available

Create report

Create report

Create report

my.gtcvip.com

Domain summary

IP summary