auth.gid.ru Open in urlscan Pro
185.71.67.89 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.wwwwwwasavpn.subbota.tv/
Effective URL:
https://auth.gid.ru/auth?login_challenge=9584681d66984c1a8c7e31acdc2118df
Submission: On September 21 via automatic, source certstream-suspicious (September 21st 2024, 10:14:25 am UTC) — Scanned from US

Summary HTTP 46 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 46 HTTP transactions. The main IP is 185.71.67.89, located in Russian Federation and belongs to STORMNETWORKS, RU. The main domain is auth.gid.ru. The Cisco Umbrella rank of the primary domain is 400309.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on November 29th 2023. Valid for: a year.

This is the only time auth.gid.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	185.178.210.37 185.178.210.37	57724 (DDOS-GUARD) (DDOS-GUARD)
3 3	185.178.210.70 185.178.210.70	57724 (DDOS-GUARD) (DDOS-GUARD)
2 39	185.71.67.89 185.71.67.89	43298 (STORMNETW...) (STORMNETWORKS)
1	82.202.191.64 82.202.191.64	209030 (KL-KDP) (KL-KDP)
7	84.252.140.87 84.252.140.87	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1	85.119.148.124 85.119.148.124	49505 (SELECTEL) (SELECTEL)
46	4

3 185.178.210.37 (Russian Federation) 3 redirects

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

www.wwwwwwasavpn.subbota.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.178.210.70 (Russian Federation) 3 redirects

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

login.friday.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 185.71.67.89 (Russian Federation) 2 redirects

ASN43298 (STORMNETWORKS, RU)

auth.gid.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.191.64 (Russian Federation)

ASN209030 (KL-KDP, RU)

pic.gid.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 84.252.140.87 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

kevents.auth.gid.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.119.148.124 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)

sentry-prod.gid.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	gid.ru 2 redirects auth.gid.ru — Cisco Umbrella Rank: 400309 pic.gid.ru kevents.auth.gid.ru — Cisco Umbrella Rank: 712510	621 KB
3	friday.ru 3 redirects login.friday.ru	744 B
3	subbota.tv 3 redirects www.wwwwwwasavpn.subbota.tv	818 B
1	gid.team sentry-prod.gid.team	437 B
46	4

	Domain	Requested by
39	auth.gid.ru	2 redirects auth.gid.ru
7	kevents.auth.gid.ru	auth.gid.ru
3	login.friday.ru	3 redirects
3	www.wwwwwwasavpn.subbota.tv	3 redirects
1	sentry-prod.gid.team	auth.gid.ru
1	pic.gid.ru
46	6

This site contains links to these domains. Also see Links.

Domain
gid.ru

Subject Issuer	Validity	Valid
*.gid.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-11-29` - `2024-12-30`	a year	crt.sh
*.auth.gid.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-04-02` - `2025-05-04`	a year	crt.sh
*.gid.team GlobalSign GCC R3 DV TLS CA 2020	`2024-04-25` - `2025-05-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.gid.ru/auth?login_challenge=9584681d66984c1a8c7e31acdc2118df
Frame ID: 0B0B295801D9CBE9B6DBD7B71C2E3EC0
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Газпром ID - Ваш ключ к вселенной возможностей

Page URL History Show full URLs

https://www.wwwwwwasavpn.subbota.tv/ HTTP 302
https://www.wwwwwwasavpn.subbota.tv/account/login HTTP 302
https://www.wwwwwwasavpn.subbota.tv/account/auth?authclient=passport HTTP 302
https://login.friday.ru/connect/authorize?client_id=admin.subbota.tv&response_type=code&redirect_uri... HTTP 302
https://login.friday.ru/account/login HTTP 302
https://login.friday.ru/account/auth?authclient=gid HTTP 302
https://auth.gid.ru/oauth2/auth?client_id=FZs5Se9WsihoPf2xFtMT5NnILeO2bB0q3AcuJVbT&response_type... HTTP 302
https://auth.gid.ru/api/v1/flow/login/resolve-redirect?gid_client=FZs5Se9WsihoPf2xFtMT5NnILeO2bB... HTTP 302
https://auth.gid.ru/auth?login_challenge=9584681d66984c1a8c7e31acdc2118df Page URL

Page Statistics

46
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

620 kB
Transfer

1424 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://gid.ru/about

Search URL Search Domain Scan URL

URL: https://gid.ru/about#faq
Title: Помощь

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.wwwwwwasavpn.subbota.tv/ HTTP 302
https://www.wwwwwwasavpn.subbota.tv/account/login HTTP 302
https://www.wwwwwwasavpn.subbota.tv/account/auth?authclient=passport HTTP 302
https://login.friday.ru/connect/authorize?client_id=admin.subbota.tv&response_type=code&redirect_uri=https%3A%2F%2Fwww.wwwwwwasavpn.subbota.tv%2Faccount%2Fauth%3Fauthclient%3Dpassport&xoauth_displayname=My%20Application&scope=openid%20profile%20email%20address%20phone%20profile_ex&state=25de7c8d6ab5b5a1f9d8368f0fda78a53afb5c87a8af40d1de801e64ba9b9856 HTTP 302
https://login.friday.ru/account/login HTTP 302
https://login.friday.ru/account/auth?authclient=gid HTTP 302
https://auth.gid.ru/oauth2/auth?client_id=FZs5Se9WsihoPf2xFtMT5NnILeO2bB0q3AcuJVbT&response_type=code&redirect_uri=https%3A%2F%2Flogin.friday.ru%2Faccount%2Fauth%3Fauthclient%3Dgid&xoauth_displayname=Friday.Ru%20Login&scope=openid%20phone&state=31f362e4c38dcd9c15c7dbcb6e155ead11d49115d0d75a9e6001092017ae5576 HTTP 302
https://auth.gid.ru/api/v1/flow/login/resolve-redirect?gid_client=FZs5Se9WsihoPf2xFtMT5NnILeO2bB0q3AcuJVbT&login_challenge=9584681d66984c1a8c7e31acdc2118df HTTP 302
https://auth.gid.ru/auth?login_challenge=9584681d66984c1a8c7e31acdc2118df Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request auth Show response
auth.gid.ru/
Redirect Chain

https://www.wwwwwwasavpn.subbota.tv/
https://www.wwwwwwasavpn.subbota.tv/account/login
https://www.wwwwwwasavpn.subbota.tv/account/auth?authclient=passport
https://login.friday.ru/connect/authorize?client_id=admin.subbota.tv&response_type=code&redirect_uri=https%3A%2F%2Fwww.wwwwwwasavpn.subbota.tv%2Faccount%2Fauth%3Fauthclient%3Dpassport&xoauth_displa...
https://login.friday.ru/account/login
https://login.friday.ru/account/auth?authclient=gid
https://auth.gid.ru/oauth2/auth?client_id=FZs5Se9WsihoPf2xFtMT5NnILeO2bB0q3AcuJVbT&response_type=code&redirect_uri=https%3A%2F%2Flogin.friday.ru%2Faccount%2Fauth%3Fauthclient%3Dgid&xoauth_displayna...
https://auth.gid.ru/api/v1/flow/login/resolve-redirect?gid_client=FZs5Se9WsihoPf2xFtMT5NnILeO2bB0q3AcuJVbT&login_challenge=9584681d66984c1a8c7e31acdc2118df
https://auth.gid.ru/auth?login_challenge=9584681d66984c1a8c7e31acdc2118df

27 KB
16 KB

422ms
422ms

Document
text/html

185.71.67.89
STORMNETWORKS

General

Domain/Path	Expires	Name / Value
.subbota.tv/	1970-01-21 08:27:29	Name: __ddg1_ Value: vikGS6kLXaOwIENVFs2l
www.wwwwwwasavpn.subbota.tv/	1970-01-20 23:42:42	Name: advanced-backend Value: gkr3ds6re69f59jd679ppomqq1
.friday.ru/	1970-01-21 08:27:29	Name: __ddg1_ Value: IjiObo6hfbqKffl35fit
login.friday.ru/	1969-12-31 23:59:59	Name: friday-passport-sid Value: gqcmgerjhliutobv7fbrqtp2ef
auth.gid.ru/	1969-12-31 23:59:59	Name: oauth2_authentication_csrf Value: MTcyNjkxMzY1N3xEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJR0V4T0RsbU5qRmtZelkyTVRRek56RTRabVkzWkRBNVltUm1aVGt4WW1WbHwpqohdanPY0bkQPNUJYErpim1WLQJV_N-b7SKBR33jkA==
auth.gid.ru/	1969-12-31 23:59:59	Name: cookie_route_id Value: 2
auth.gid.ru/	1969-12-31 23:59:59	Name: IDP_ID Value: ZDk1MDY0MjEtMWY3Yy00ZTc2LTkxOTEtMWRjMmQ4ODcxZWVm
.auth.gid.ru/	1970-01-21 09:17:53	Name: das_d_tag2 Value: 0196b4b3-2d8e-4ea2-aa1d-17f701d3d53d
.auth.gid.ru/	1970-01-21 09:17:53	Name: das_d_tag2_legacy Value: 0196b4b3-2d8e-4ea2-aa1d-17f701d3d53d
auth.gid.ru/	1970-01-20 23:46:12	Name: oxxfgh Value: 5dfe1806-fb93-4d98-933a-6cc4c8aa1618%230%23259200000%2345000%231800000%2322820
auth.gid.ru/	1970-01-21 09:17:53	Name: uwyii Value: f3a115d7-51df-753d-fd66-f6aa82c11f98
.auth.gid.ru/	1970-01-21 09:17:53	Name: uwyiert Value: fce4909c-52a4-af77-12d9-bb068c1a0ca1

auth.gid.ru Open in urlscan Pro 185.71.67.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

46 Requests

100 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

4 IPs

1 Countries

620 kBTransfer

1424 kBSize

12 Cookies

2 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auth.gid.ru Open in urlscan Pro
185.71.67.89 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

620 kB
Transfer

1424 kB
Size

12
Cookies

46 HTTP transactions
0 data transactions