auth.gid.ru Open in urlscan Pro
185.71.67.89 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.scanning-service.subbota.tv/
Effective URL:
https://auth.gid.ru/auth?login_challenge=9b42b7eed88645a3ac892cd33167e8e9
Submission: On November 01 via automatic, source certstream-suspicious (November 1st 2024, 6:24:52 pm UTC) — Scanned from DE

Summary HTTP 48 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 48 HTTP transactions. The main IP is 185.71.67.89, located in Russian Federation and belongs to STORMNETWORKS, RU. The main domain is auth.gid.ru. The Cisco Umbrella rank of the primary domain is 365520.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on November 29th 2023. Valid for: a year.

This is the only time auth.gid.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	185.178.210.37 185.178.210.37	57724 (DDOS-GUARD) (DDOS-GUARD)
3 3	185.178.210.70 185.178.210.70	57724 (DDOS-GUARD) (DDOS-GUARD)
2 40	185.71.67.89 185.71.67.89	43298 (STORMNETW...) (STORMNETWORKS)
1	82.202.191.64 82.202.191.64	209030 (KL-KDP) (KL-KDP)
8	84.252.140.87 84.252.140.87	200350 (YANDEXCLOUD) (YANDEXCLOUD)
48	4

3 185.178.210.37 (Russian Federation) 3 redirects

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

www.scanning-service.subbota.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.178.210.70 (Russian Federation) 3 redirects

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

login.friday.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 185.71.67.89 (Russian Federation) 2 redirects

ASN43298 (STORMNETWORKS, RU)

auth.gid.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.191.64 (Russian Federation)

ASN209030 (KL-KDP, RU)

pic.gid.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 84.252.140.87 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

kevents.auth.gid.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	gid.ru 2 redirects auth.gid.ru — Cisco Umbrella Rank: 365520 pic.gid.ru kevents.auth.gid.ru — Cisco Umbrella Rank: 572623	648 KB
3	friday.ru 3 redirects login.friday.ru	1 KB
3	subbota.tv 3 redirects www.scanning-service.subbota.tv	1 KB
0	gid.team Failed sentry-prod.gid.team Failed
48	4

	Domain	Requested by
40	auth.gid.ru	2 redirects auth.gid.ru
8	kevents.auth.gid.ru	auth.gid.ru
3	login.friday.ru	3 redirects
3	www.scanning-service.subbota.tv	3 redirects
1	pic.gid.ru
0	sentry-prod.gid.team Failed	auth.gid.ru
48	6

This site contains links to these domains. Also see Links.

Domain
gid.ru

Subject Issuer	Validity	Valid
*.gid.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-11-29` - `2024-12-30`	a year	crt.sh
*.auth.gid.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-04-02` - `2025-05-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.gid.ru/auth?login_challenge=9b42b7eed88645a3ac892cd33167e8e9
Frame ID: BA37E1EADAE7B26FE949C0A46ECAC602
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Газпром ID - Ваш ключ к вселенной возможностей

Page URL History Show full URLs

https://www.scanning-service.subbota.tv/ HTTP 302
https://www.scanning-service.subbota.tv/account/login HTTP 302
https://www.scanning-service.subbota.tv/account/auth?authclient=passport HTTP 302
https://login.friday.ru/connect/authorize?client_id=admin.subbota.tv&response_type=code&redirect_uri... HTTP 302
https://login.friday.ru/account/login HTTP 302
https://login.friday.ru/account/auth?authclient=gid HTTP 302
https://auth.gid.ru/oauth2/auth?client_id=FZs5Se9WsihoPf2xFtMT5NnILeO2bB0q3AcuJVbT&response_type... HTTP 302
https://auth.gid.ru/api/v1/flow/login/resolve-redirect?gid_client=FZs5Se9WsihoPf2xFtMT5NnILeO2bB... HTTP 302
https://auth.gid.ru/auth?login_challenge=9b42b7eed88645a3ac892cd33167e8e9 Page URL

Page Statistics

48
Requests

98 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

647 kB
Transfer

1496 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://gid.ru/about

Search URL Search Domain Scan URL

URL: https://gid.ru/about#faq
Title: Помощь

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.scanning-service.subbota.tv/ HTTP 302
https://www.scanning-service.subbota.tv/account/login HTTP 302
https://www.scanning-service.subbota.tv/account/auth?authclient=passport HTTP 302
https://login.friday.ru/connect/authorize?client_id=admin.subbota.tv&response_type=code&redirect_uri=https%3A%2F%2Fwww.scanning-service.subbota.tv%2Faccount%2Fauth%3Fauthclient%3Dpassport&xoauth_displayname=My%20Application&scope=openid%20profile%20email%20address%20phone%20profile_ex&state=d78f02df013f35543d8f29816b7d1d02994da93024305d56834616f84c907231 HTTP 302
https://login.friday.ru/account/login HTTP 302
https://login.friday.ru/account/auth?authclient=gid HTTP 302
https://auth.gid.ru/oauth2/auth?client_id=FZs5Se9WsihoPf2xFtMT5NnILeO2bB0q3AcuJVbT&response_type=code&redirect_uri=https%3A%2F%2Flogin.friday.ru%2Faccount%2Fauth%3Fauthclient%3Dgid&xoauth_displayname=Friday.Ru%20Login&scope=openid%20phone&state=5bdb2a36f7b6924aa63c6d26c98a9fe228a3d39675270ed682289c4176db370c HTTP 302
https://auth.gid.ru/api/v1/flow/login/resolve-redirect?gid_client=FZs5Se9WsihoPf2xFtMT5NnILeO2bB0q3AcuJVbT&login_challenge=9b42b7eed88645a3ac892cd33167e8e9 HTTP 302
https://auth.gid.ru/auth?login_challenge=9b42b7eed88645a3ac892cd33167e8e9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request auth Show response
auth.gid.ru/
Redirect Chain

https://www.scanning-service.subbota.tv/
https://www.scanning-service.subbota.tv/account/login
https://www.scanning-service.subbota.tv/account/auth?authclient=passport
https://login.friday.ru/connect/authorize?client_id=admin.subbota.tv&response_type=code&redirect_uri=https%3A%2F%2Fwww.scanning-service.subbota.tv%2Faccount%2Fauth%3Fauthclient%3Dpassport&xoauth_di...
https://login.friday.ru/account/login
https://login.friday.ru/account/auth?authclient=gid
https://auth.gid.ru/oauth2/auth?client_id=FZs5Se9WsihoPf2xFtMT5NnILeO2bB0q3AcuJVbT&response_type=code&redirect_uri=https%3A%2F%2Flogin.friday.ru%2Faccount%2Fauth%3Fauthclient%3Dgid&xoauth_displayna...
https://auth.gid.ru/api/v1/flow/login/resolve-redirect?gid_client=FZs5Se9WsihoPf2xFtMT5NnILeO2bB0q3AcuJVbT&login_challenge=9b42b7eed88645a3ac892cd33167e8e9
https://auth.gid.ru/auth?login_challenge=9b42b7eed88645a3ac892cd33167e8e9

27 KB
16 KB

191ms
190ms

Document
text/html

185.71.67.89
STORMNETWORKS

General

Domain/Path	Expires	Name / Value
.subbota.tv/	1970-01-21 00:41:26	Name: __ddg9_ Value: 45.141.152.76
.subbota.tv/	1970-01-21 00:41:26	Name: __ddg10_ Value: 1730485479
.subbota.tv/	1970-01-21 09:27:01	Name: __ddg1_ Value: 0mz2PaRghNRE8oCzvNEX
www.scanning-service.subbota.tv/	1970-01-21 00:42:14	Name: advanced-backend Value: 9qsn3oqoolaesd3ov0nj3rjbtb
.subbota.tv/	1970-01-21 00:41:26	Name: __ddg8_ Value: wzy5zTCd81a19LWh
.friday.ru/	1970-01-21 00:41:26	Name: __ddg9_ Value: 45.141.152.76
.friday.ru/	1970-01-21 00:41:26	Name: __ddg10_ Value: 1730485479
.friday.ru/	1970-01-21 09:27:01	Name: __ddg1_ Value: GdqDFe9QS4YtQiPpGEGV
login.friday.ru/	1969-12-31 23:59:59	Name: friday-passport-sid Value: l307068o37d401qrg83mjrfnqb
.friday.ru/	1970-01-21 00:41:26	Name: __ddg8_ Value: K4EmDeHJ0CIZUrcG
auth.gid.ru/	1969-12-31 23:59:59	Name: oauth2_authentication_csrf Value: MTczMDQ4NTQ4MHxEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJRGxoTUdJek1XSmhORFpoTnpRME5ETmlNVEUyWXpGbE9ERTFaVFF4WlRNNXwh492DJVzliJB0ViufEr4xM2xv94JNezlgYQeEQHd0Bg==
auth.gid.ru/	1969-12-31 23:59:59	Name: cookie_route_id Value: 2
auth.gid.ru/	1969-12-31 23:59:59	Name: IDP_ID Value: OWNmOWU3YjMtOTQ2OC00ZTdmLWE3ZGQtOTZhMDE5YjUyYWNk
auth.gid.ru/	1970-01-21 00:41:27	Name: oxxfgh Value: L!7a52422a-769f-3e3d-de84-54670fb6d3b0%230%231800000%235000%231800000%2322820
auth.gid.ru/	1970-01-21 10:17:25	Name: uwyii Value: ebbf11d7-d31b-0c50-54d4-4f60a2290623
.auth.gid.ru/	1970-01-21 10:17:25	Name: das_d_tag2 Value: 0a189c82-9925-4afc-8ba0-67321888d191
.auth.gid.ru/	1970-01-21 10:17:25	Name: das_d_tag2_legacy Value: 0a189c82-9925-4afc-8ba0-67321888d191
.auth.gid.ru/	1970-01-21 10:17:25	Name: uwyiert Value: 4e52d7b0-6965-0848-7408-dad921b3eb6a

Source	Level	URL Text
rendering	warning	URL: https://auth.gid.ru/auth?login_challenge=9b42b7eed88645a3ac892cd33167e8e9 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0300601FC3C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://auth.gid.ru/auth?login_challenge=9b42b7eed88645a3ac892cd33167e8e9 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A09700FC3C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

auth.gid.ru Open in urlscan Pro 185.71.67.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

48 Requests

98 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

4 IPs

1 Countries

647 kBTransfer

1496 kBSize

18 Cookies

2 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auth.gid.ru Open in urlscan Pro
185.71.67.89 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

647 kB
Transfer

1496 kB
Size

18
Cookies

48 HTTP transactions
0 data transactions