Proceed with caution, as this site lacks transparency and clear ownership signals. It functions as a redirect to an external service without identifying itself to the user.
What you should do now
Don't panic. These steps limit the damage, and the sooner you take them the better.
1
Don't enter any details
No passwords, card numbers or personal information β even if the site looks professional.
2
Close the tab
Especially if you got here from an email, text message or social media ad.
3
Already paid? Call your bank
Contact your bank or card provider right away. They can often stop or reverse a recent payment.
4
Warn others
Report the site and share this check with anyone who sent you the link.
Protect yourself for next time
Partner picks
If you interacted with this site, these are the tools we'd reach for first.
Most relevant here
N
NordVPN
VPN & anti-phishing
Nord's Threat Protection blocks known scam sites before they load, a safety net for the links you haven't checked with us yet.
Entered card or personal details? Aura watches for your info in leaks and fraud databases and alerts you fast, with up to $1M identity theft insurance.
If you sign up through these links we earn a commission, which keeps every check free. Partners can't influence scores.How scoring stays independent β
Cross-referenced 17 live signals from Google Safe Browsing, VirusTotal, WHOIS and more on Jun 14, 2026.How we score β
Where the score comes from
We look at six areas. Here's how vpps.cpi.gm.com did in each.
85
Security
The site employs a current TLS 1.3 encryption standard and a reputable certificate, meeting high security expectations for a login portal.
30
Identity
The absence of WHOIS data and lack of historical archives make it impossible to verify the entity behind this domain, which is concerning for a corporate-branded login page.
50
Reputation
There is no public footprint for this specific subdomain, so it relies entirely on its association with the gm.com parent domain for credibility.
30
Transparency
The site provides no contact information or organizational context, acting strictly as a pass-through to a third-party login host.
40
Compliance
The lack of legal disclosures is problematic given the site's function as a gateway for user credentials.
45
Infrastructure
The configuration is highly restrictive, blocking all crawlers and missing standard email authentication records, which limits its utility as a public-facing resource.
What we checked
The 17 signals behind this report.
Security & Transport
Certificate Issuer
DigiCert Inc
Clickjacking Protection
Present
Google Web Risk
Clean
HSTS Header
Present
SSL Certificate
Valid
TLS Version
TLS 1.3
Identity & WHOIS
Branding
Missing
Infrastructure & DNS
DNS Blacklists
Clean
DNS Resolution
1 IP(s)
DNSSEC
Not enabled
Email (MX Records)
None
Reputation & Reach
Sitemap
Misconfigured
Tranco Rank
Not ranked
Trustpilot
No Trustpilot profile
Web Archive History
No archive found
robots.txt
Blocks all crawlers
Other
Site Redirect
Redirects to login.microsoftonline.com
Think this verdict is wrong?
Site owners can request a fresh scan. Scores update automatically as signals change.
When evaluating a login portal like vpps.cpi.gm.com, the primary goal is ensuring the destination matches the brand's expected digital environment. This page serves as a redirect to a Microsoft-hosted authentication service rather than functioning as a standalone platform. While the underlying security connection is sound, the complete lack of public identity markers, contact information, or historical record makes it difficult to verify that this subdomain is an authorized asset rather than an opportunistic parking page.
Most corporate subdomains of this nature are integrated into obvious business workflows. If you find yourself here, verify that the link originated from an official General Motors communication before entering any credentials. It is rare for a legitimate internal business gateway to omit all branding or informational context. Since we cannot confirm the administrative purpose, treat any prompt for login credentials with skepticism. Avoid this page if you arrived here through an unsolicited message, as legitimate corporate portals usually have a clear pathway for employees or authorized partners that does not require guessing the nature of the domain.