www.onegday.com Open in urlscan Pro
47.88.48.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.onegday.com/
Submission: On March 28 via manual (March 28th 2023, 2:04:07 pm UTC) from PL — Scanned from PL

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 47.88.48.79, located in San Mateo, United States and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is www.onegday.com.

This is the only time www.onegday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 6	47.88.48.79 47.88.48.79	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
5 5	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
13	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	20.50.153.39 20.50.153.39	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
2	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
3	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE)
24	8

6 47.88.48.79 (San Mateo, United States) 5 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

www.onegday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.110 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f14.1e100.net

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

doc-14-3g-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0k-3g-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0s-3g-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-10-3g-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.153.39 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googleusercontent.com doc-14-3g-docs.googleusercontent.com — Cisco Umbrella Rank: 436926 doc-0k-3g-docs.googleusercontent.com — Cisco Umbrella Rank: 462583 doc-0s-3g-docs.googleusercontent.com — Cisco Umbrella Rank: 455810 doc-10-3g-docs.googleusercontent.com	3 MB
6	onegday.com 5 redirects www.onegday.com	4 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2368	20 KB
5	google.com 5 redirects drive.google.com — Cisco Umbrella Rank: 310	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	198 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 70	346 B
1	drv.tw www.drv.tw — Cisco Umbrella Rank: 897621	841 B
24	7

	Domain	Requested by
6	doc-10-3g-docs.googleusercontent.com
6	www.onegday.com	5 redirects
5	doc-0k-3g-docs.googleusercontent.com	www.onegday.com
5	drive.google.com	5 redirects
3	region1.google-analytics.com	www.googletagmanager.com
3	www.googletagmanager.com	www.drv.tw www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.drv.tw	www.onegday.com
1	doc-0s-3g-docs.googleusercontent.com	www.onegday.com
1	doc-14-3g-docs.googleusercontent.com	www.onegday.com
24	11

This site contains no links.

Subject Issuer	Validity	Valid
www.drv.tw GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-03-13` - `2023-09-13`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.onegday.com/
Frame ID: F90D3A2D7C3DCA24EE76FFF9C5117D60
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Czego możemy spodziewać się przy ładnej pogodzie

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

24
Requests

75 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

8
IPs

2
Countries

3275 kB
Transfer

14629 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.onegday.com/IMG_0312.jpg HTTP 302
https://drive.google.com/uc?id=11RPsceQJlXvq2OY3FTxLZgrZAFAkKl95 HTTP 303
https://doc-14-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/q0hsmajsqji3a6ogrm54um4vt996i7pd/1680012225000/17676978622777006763/*/11RPsceQJlXvq2OY3FTxLZgrZAFAkKl95?uuid=40871507-dbd3-4c2f-8888-348308529430

Request Chain 1

http://www.onegday.com/IMG_0135.jpg HTTP 302
https://drive.google.com/uc?id=15umsUiA9BIC4zXUTGwbJKs-titUOYG-c HTTP 303
https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/3ot41lnc6qt3d8ebe8du25u6dgng671h/1680012225000/17676978622777006763/*/15umsUiA9BIC4zXUTGwbJKs-titUOYG-c?uuid=a5ce2b54-e3b7-48f1-a104-3fa5b1a703c1

Request Chain 2

http://www.onegday.com/IMG_0145.jpg HTTP 302
https://drive.google.com/uc?id=1IHRhlz5weqhzuHP9ZDcUK-izSldhH5wt HTTP 303
https://doc-0s-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/il21jkh7um2k4qgkj16ektphbu0fgnd0/1680012225000/17676978622777006763/*/1IHRhlz5weqhzuHP9ZDcUK-izSldhH5wt?uuid=31f50607-146a-4f0b-aa5b-0d45e5bbc7a4

Request Chain 5

http://www.onegday.com/20170717_042816.mp4 HTTP 302
https://drive.google.com/uc?id=1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9 HTTP 303
https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9?uuid=d51a7ea4-6f42-43a0-8bf5-612b57d6c2ba

Request Chain 6

http://www.onegday.com/20170717_044547.mp4 HTTP 302
https://drive.google.com/uc?id=1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx HTTP 303
https://doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx?uuid=a5a15b88-6cf5-4bcc-99b2-916fb4004059

24 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.onegday.com/ 1 KB
1 KB 6808ms
2398ms Document
text/html 47.88.48.79
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.onegday.com/
Protocol: HTTP/1.1
Server: 47.88.48.79 San Mateo, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: acd2dd56adb492c8a547da39749ea5d382290abdb24eaccd3d7f9601bd951aae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: public, s-maxage=43200, max-age=43200
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 28 Mar 2023 14:03:57 GMT
Last-Modified: Tue, 28 Mar 2023 14:01:47 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih Accept-Encoding
X-Cache: BYPASS

GET
H2

200

11RPsceQJlXvq2OY3FTxLZgrZAFAkKl95
doc-14-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/q0hsmajsqji3a6ogrm54um4vt996i7pd/1680012225000/17676978622777006763/*/
Redirect Chain

http://www.onegday.com/IMG_0312.jpg
https://drive.google.com/uc?id=11RPsceQJlXvq2OY3FTxLZgrZAFAkKl95
https://doc-14-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/q0hsmajsqji3a6ogrm54um4vt996i7pd/1680012225000/17676978622777006763/*/11RPsceQJlXvq2OY3FTxLZgrZAFAkKl95?u...

484 KB
487 KB

425ms
296ms

Image
image/jpeg

142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-14-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/q0hsmajsqji3a6ogrm54um4vt996i7pd/1680012225000/17676978622777006763/*/11RPsceQJlXvq2OY3FTxLZgrZAFAkKl95?uuid=40871507-dbd3-4c2f-8888-348308529430
Requested by: Host: www.onegday.com
URL: http://www.onegday.com/
Protocol: H2
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash: eb56ae89482265e7d79b14bcae80acc8bb15a83826b1a07198182a6ecbc2549d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:03:58 GMT
server: UploadServer
x-guploader-uploadid: ADPycdtImZja1qF9YCGhOHeCTYmJqL8X0cMnJTW26PaG4jzIHTsKdLAuYMbWaR7Hn9MQaqTgsazu9_wz_P3hEsv5RgRv0w
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=tCfdSA==
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="IMG_0312.jpg"; filename*=UTF-8''IMG_0312.jpg
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 495750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Mar 2023 14:03:58 GMT

Redirect headers

date: Tue, 28 Mar 2023 14:03:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport, script-src 'report-sample' 'nonce-x3W_Ab6MfMcJyFYG926eGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="DriveUntrustedContentHttp"
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"DriveUntrustedContentHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/DriveUntrustedContentHttp/external"}]}
content-type: application/binary
location: https://doc-14-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/q0hsmajsqji3a6ogrm54um4vt996i7pd/1680012225000/17676978622777006763/*/11RPsceQJlXvq2OY3FTxLZgrZAFAkKl95?uuid=40871507-dbd3-4c2f-8888-348308529430
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

15umsUiA9BIC4zXUTGwbJKs-titUOYG-c
doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/3ot41lnc6qt3d8ebe8du25u6dgng671h/1680012225000/17676978622777006763/*/
Redirect Chain

http://www.onegday.com/IMG_0135.jpg
https://drive.google.com/uc?id=15umsUiA9BIC4zXUTGwbJKs-titUOYG-c
https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/3ot41lnc6qt3d8ebe8du25u6dgng671h/1680012225000/17676978622777006763/*/15umsUiA9BIC4zXUTGwbJKs-titUOYG-c?u...

125 KB
125 KB

356ms
321ms

Image
image/jpeg

142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/3ot41lnc6qt3d8ebe8du25u6dgng671h/1680012225000/17676978622777006763/*/15umsUiA9BIC4zXUTGwbJKs-titUOYG-c?uuid=a5ce2b54-e3b7-48f1-a104-3fa5b1a703c1
Requested by: Host: www.onegday.com
URL: http://www.onegday.com/
Protocol: H2
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash: ff32930cdffc84031da1ec8b479f3d031d0d702b800b29c471b712fcd3168aaa

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:03:59 GMT
server: UploadServer
x-guploader-uploadid: ADPycdvtwdFbS4zPY2fqjlH9XH8KQeCU6Yg3CVpGR8BnUy9kMSBAH7JgbMHbDbe47sl56d-4Dd7k1fFyB4h0LAJ7naqT7e7XOHNh
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=6ZKARw==
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="IMG_0135.jpg"; filename*=UTF-8''IMG_0135.jpg
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 127793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Mar 2023 14:03:59 GMT

Redirect headers

date: Tue, 28 Mar 2023 14:03:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-0iDxYYRbsyQprDaAptQLZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/3ot41lnc6qt3d8ebe8du25u6dgng671h/1680012225000/17676978622777006763/*/15umsUiA9BIC4zXUTGwbJKs-titUOYG-c?uuid=a5ce2b54-e3b7-48f1-a104-3fa5b1a703c1
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1IHRhlz5weqhzuHP9ZDcUK-izSldhH5wt
doc-0s-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/il21jkh7um2k4qgkj16ektphbu0fgnd0/1680012225000/17676978622777006763/*/
Redirect Chain

http://www.onegday.com/IMG_0145.jpg
https://drive.google.com/uc?id=1IHRhlz5weqhzuHP9ZDcUK-izSldhH5wt
https://doc-0s-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/il21jkh7um2k4qgkj16ektphbu0fgnd0/1680012225000/17676978622777006763/*/1IHRhlz5weqhzuHP9ZDcUK-izSldhH5wt?u...

2 MB
2 MB

446ms
430ms

Image
image/jpeg

142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0s-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/il21jkh7um2k4qgkj16ektphbu0fgnd0/1680012225000/17676978622777006763/*/1IHRhlz5weqhzuHP9ZDcUK-izSldhH5wt?uuid=31f50607-146a-4f0b-aa5b-0d45e5bbc7a4
Requested by: Host: www.onegday.com
URL: http://www.onegday.com/
Protocol: H2
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash: e408ec593e250f12d3561a64572b2759d60e88a2abfe04c9388790a55b68c0fe

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:03:58 GMT
server: UploadServer
x-guploader-uploadid: ADPycdtEMb99M58qBoy49OzSAXJBfjgkN15awO7sv7GGCil9oLDiCWxYXpu-XdceCmrxSRSxYRZsUe_qKxQuXKeXq2WaIw
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=ctdShA==
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="IMG_0145.jpg"; filename*=UTF-8''IMG_0145.jpg
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
content-length: 2442459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Mar 2023 14:03:58 GMT

Redirect headers

date: Tue, 28 Mar 2023 14:03:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-eb-tLAq5Rsz0oCJ1A3HQoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="DriveUntrustedContentHttp"
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"DriveUntrustedContentHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/DriveUntrustedContentHttp/external"}]}
content-type: application/binary
location: https://doc-0s-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/il21jkh7um2k4qgkj16ektphbu0fgnd0/1680012225000/17676978622777006763/*/1IHRhlz5weqhzuHP9ZDcUK-izSldhH5wt?uuid=31f50607-146a-4f0b-aa5b-0d45e5bbc7a4
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wd.js Show response
www.drv.tw/inc/ 690 B
841 B 999ms
47ms Script
text/javascript 20.50.153.39
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.drv.tw/inc/wd.js?s=k1ismkchtifh2aeuuimrfg

Requested by

Host: www.onegday.com
URL: http://www.onegday.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.153.39 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:03:58 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Sun, 29 May 2022 11:24:13 GMT
x-content-type-options: nosniff
etag: "55789111"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

206

1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9
doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/
Redirect Chain

http://www.onegday.com/20170717_042816.mp4
https://drive.google.com/uc?id=1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9
https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9?u...

44 KB
0

423ms
423ms

Media
video/mp4

142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9?uuid=d51a7ea4-6f42-43a0-8bf5-612b57d6c2ba
Protocol: H3
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:04:04 GMT
server: UploadServer
x-guploader-uploadid: ADPycdsBj4kKo_9QUS-Xdy4XgmPIBohb4ycnMrrNaHQD12OFu0hWvk3ckh2curddSBcyxKDMVKd3mvf6o-u7TtpRfLGD2VgiJoJ2
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=FdQiaA==
cache-control: private, max-age=0
access-control-allow-credentials: false
Content-Range: bytes 0-74544540/74544541
content-disposition: inline; filename="20170717_042816.mp4"; filename*=UTF-8''20170717_042816.mp4
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 74544541
expires: Tue, 28 Mar 2023 14:04:04 GMT

Redirect headers

date: Tue, 28 Mar 2023 14:04:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-8MY4lDb75jKsKyUgZSge-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9?uuid=d51a7ea4-6f42-43a0-8bf5-612b57d6c2ba
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

206

1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx
doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/
Redirect Chain

http://www.onegday.com/20170717_044547.mp4
https://drive.google.com/uc?id=1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx
https://doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx?u...

38 KB
0

492ms
375ms

Media
video/mp4

142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx?uuid=a5a15b88-6cf5-4bcc-99b2-916fb4004059
Protocol: H3
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:04:03 GMT
server: UploadServer
x-guploader-uploadid: ADPycdtV6PQoAJkYtFEVTe3EBYW2a2aVVKgAoIOhLdYkOythteZExT1ru5aRMbj5uDhQRAuCcKkQrtTsIKm2c_gAR6Q_yDhTu_Ez
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=sHRr9A==
cache-control: private, max-age=0
access-control-allow-credentials: false
Content-Range: bytes 0-89941685/89941686
content-disposition: inline; filename="20170717_044547.mp4"; filename*=UTF-8''20170717_044547.mp4
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 89941686
expires: Tue, 28 Mar 2023 14:04:03 GMT

Redirect headers

date: Tue, 28 Mar 2023 14:04:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport, script-src 'report-sample' 'nonce-vv7JOkN0xscG6jQqPiU59A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx?uuid=a5a15b88-6cf5-4bcc-99b2-916fb4004059
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
45 KB 143ms
52ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-85417367-1

Requested by

Host: www.drv.tw
URL: https://www.drv.tw/inc/wd.js?s=k1ismkchtifh2aeuuimrfg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

68527a10f7208762ba02769b92e3e78e79579e3a199148d66335f105e56a0461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:03:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Mar 2023 14:03:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
73 KB 63ms
61ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

613623c582fe64f2b2bb59654afd6005825cf6d9b94a12d34d3eebbbd4615394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:03:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Mar 2023 14:03:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 53ms
53ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dc0098f08e49b35a03a5203e1778b63e83443a8ddb3a79638ae7801fc3a88850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:03:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81932
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Mar 2023 14:03:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 135ms
40ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 12:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 7127
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Mar 2023 14:05:11 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 124ms
45ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NBGQJBJMEG&gtm=45je33r0&_p=1895184638&cid=1865860404.1680012239&ul=en-us&sr=1600x1200&_s=1&sid=1680012238&sct=1&seg=0&dl=http%3A%2F%2Fwww.onegday.com%2F&dt=Czego%20mo%C5%BCemy%20spodziewa%C4%87%20si%C4%99%20przy%20%C5%82adnej%20pogodzie&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 14:03:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.onegday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 58ms
45ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LHL0SH0Z7S&gtm=45je33r0&_p=1895184638&cid=1865860404.1680012239&ul=en-us&sr=1600x1200&_s=1&sid=1680012238&sct=1&seg=0&dl=http%3A%2F%2Fwww.onegday.com%2F&dt=Czego%20mo%C5%BCemy%20spodziewa%C4%87%20si%C4%99%20przy%20%C5%82adnej%20pogodzie&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 14:03:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.onegday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 47ms
43ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1895184638&t=pageview&_s=1&dl=http%3A%2F%2Fwww.onegday.com%2F&ul=en-us&de=UTF-8&dt=Czego%20mo%C5%BCemy%20spodziewa%C4%87%20si%C4%99%20przy%20%C5%82adnej%20pogodzie&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=333529841&gjid=1983606584&cid=1865860404.1680012239&tid=UA-85417367-1&_gid=2008474111.1680012239&_r=1&gtm=457e33r0&jsscut=1&z=354011356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.onegday.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 14:03:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.onegday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 158ms
48ms XHR
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-85417367-1&cid=1865860404.1680012239&jid=333529841&gjid=1983606584&_gid=2008474111.1680012239&_u=YADAAUAAAAAAACAAI~&z=1080988235

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.onegday.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Mar 2023 14:03:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.onegday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx
doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/ 26 KB
26 KB 288ms
285ms Media
video/mp4 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx?uuid=a5a15b88-6cf5-4bcc-99b2-916fb4004059
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash: 0a1c21fc153d118773d3e24d3dc4fd300f4b2ce54da575b96317639f53d639ac

Request headers

Referer: http://www.onegday.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=89915392-

Response headers

date: Tue, 28 Mar 2023 14:04:03 GMT
server: UploadServer
x-guploader-uploadid: ADPycdtP5Kc61xMbqATrH-V82loemZqkWwX_6uK6rMiwO10gcOCJNqhhrUQ1exZFe6r8bSC5nHWXOV7o3vwOdeHM9fA2S_BthHVS
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 89915392-89941685/89941686
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="20170717_044547.mp4"; filename*=UTF-8''20170717_044547.mp4
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 26294
expires: Tue, 28 Mar 2023 14:04:03 GMT

GET
H3 206 1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx
doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/ 2 MB
0 330ms
330ms Media
video/mp4 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx?uuid=a5a15b88-6cf5-4bcc-99b2-916fb4004059
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash

Request headers

Referer: http://www.onegday.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=32768-

Response headers

date: Tue, 28 Mar 2023 14:04:03 GMT
server: UploadServer
x-guploader-uploadid: ADPycduYsbzFccM6X0Rnnvclai0DzUGs0VgSZxXlficBsP0SLsNHJRvoyjVUfGdxe1Sn5zjxhsEBRTiLoRHlnxOn7dW2nG6cG_Mq
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 32768-89941685/89941686
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="20170717_044547.mp4"; filename*=UTF-8''20170717_044547.mp4
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 89908918
expires: Tue, 28 Mar 2023 14:04:03 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 47ms
47ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LHL0SH0Z7S&gtm=45je33r0&_p=1895184638&cid=1865860404.1680012239&ul=en-us&sr=1600x1200&_eu=AEA&_s=2&sid=1680012238&sct=1&seg=0&dl=http%3A%2F%2Fwww.onegday.com%2F&dt=Czego%20mo%C5%BCemy%20spodziewa%C4%87%20si%C4%99%20przy%20%C5%82adnej%20pogodzie&en=scroll&epn.percent_scrolled=90&_et=22&up.d2w_sid=k1ismkchtifh2aeuuimrfg
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://www.onegday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 14:04:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.onegday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9
doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/ 29 KB
29 KB 325ms
322ms Media
video/mp4 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9?uuid=d51a7ea4-6f42-43a0-8bf5-612b57d6c2ba
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash: d78dbe019647ac61ffc91590a8b238480114d5a11c33393f4358ffca2b8f6611

Request headers

Referer: http://www.onegday.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=74514432-

Response headers

date: Tue, 28 Mar 2023 14:04:04 GMT
server: UploadServer
x-guploader-uploadid: ADPycdunwU1IT0rFl73OFYcApsfd346DlS_IHmC8Z3kXMV8aFc5iAu5RCjp0zjN8mQiYNcr6m9VOuJUm-jw7nwqTJvQa1sMHmtEy
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 74514432-74544540/74544541
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="20170717_042816.mp4"; filename*=UTF-8''20170717_042816.mp4
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 30109
expires: Tue, 28 Mar 2023 14:04:04 GMT

GET
H3 206 1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9
doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/ 1 MB
0 229ms
226ms Media
video/mp4 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9?uuid=d51a7ea4-6f42-43a0-8bf5-612b57d6c2ba
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash

Request headers

Referer: http://www.onegday.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=32768-

Response headers

date: Tue, 28 Mar 2023 14:04:04 GMT
server: UploadServer
x-guploader-uploadid: ADPycdsaQwDOufPNNk0HBWrn5LFheOqhesNTq6YJs6_AcRBMiuKyk5pCd9oNCd1-WQ3wrvtUs4cVnc7lMGiuPEYg19bDawZwdXQJ
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 32768-74544540/74544541
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="20170717_042816.mp4"; filename*=UTF-8''20170717_042816.mp4
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 74511773
expires: Tue, 28 Mar 2023 14:04:04 GMT

GET
H3 206 1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx
doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/ 3 MB
0 507ms
506ms Media
video/mp4 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx?uuid=a5a15b88-6cf5-4bcc-99b2-916fb4004059
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash

Request headers

Referer: http://www.onegday.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=1736704-

Response headers

date: Tue, 28 Mar 2023 14:04:05 GMT
server: UploadServer
x-guploader-uploadid: ADPycdtqSGhZwFcbo1w0_c5aveMdC_7T9N68pOSZvyDUxhAM5dD89V4qzgl6a5QsL0yHwvgiZhWT5tgaIxA0Sc9kvJTK4JgQ-iaZ
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 1736704-89941685/89941686
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="20170717_044547.mp4"; filename*=UTF-8''20170717_044547.mp4
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 88204982
expires: Tue, 28 Mar 2023 14:04:05 GMT

GET
H3 206 1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9
doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/ 4 MB
0 269ms
267ms Media
video/mp4 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-0k-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5lptgeca1idr0goneff05f1fju4og2r1/1680012225000/17676978622777006763/*/1E_DC5BhVrLqJvVsrMHVyZFekbGoFkHw9?uuid=d51a7ea4-6f42-43a0-8bf5-612b57d6c2ba
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash

Request headers

Referer: http://www.onegday.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=1409024-

Response headers

date: Tue, 28 Mar 2023 14:04:05 GMT
server: UploadServer
x-guploader-uploadid: ADPycdtLOkDwNd-Sc9Qe-iC0W0yJvC54Y3570RXxBArsX6gWUc3S2mQb_kEZVv4TatqAIOrPiISHTWZytSxN-_unygwDVZJ-kVyX
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 1409024-74544540/74544541
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="20170717_042816.mp4"; filename*=UTF-8''20170717_042816.mp4
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 73135517
expires: Tue, 28 Mar 2023 14:04:05 GMT

GET
H3 206 1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx
doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/ 648 KB
0 402ms
397ms Media
video/mp4 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx?uuid=a5a15b88-6cf5-4bcc-99b2-916fb4004059
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash

Request headers

Referer: http://www.onegday.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=4685824-

Response headers

date: Tue, 28 Mar 2023 14:04:06 GMT
server: UploadServer
x-guploader-uploadid: ADPycdsFmkK7r_Y661sYBsqSIF7TtNivWgmlQQbvZAEvlv2_JBQcnx2CIRQf1HumMo0hlqeYiY_OVmHlStHP9M5KH6qhOURIIOE2
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 4685824-89941685/89941686
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="20170717_044547.mp4"; filename*=UTF-8''20170717_044547.mp4
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 85255862
expires: Tue, 28 Mar 2023 14:04:06 GMT

GET
H3 206 1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx
doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/ 206 KB
0 226ms
225ms Media
video/mp4 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://doc-10-3g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcjbc3nljqpso3uolhtqq7u5arco6j1n/1680012225000/17676978622777006763/*/1fP3iIxr8zLDwUTmaWLCr-EJEQJ6JXecx?uuid=a5a15b88-6cf5-4bcc-99b2-916fb4004059
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: UploadServer /
Resource Hash

Request headers

Referer: http://www.onegday.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=5341184-

Response headers

date: Tue, 28 Mar 2023 14:04:06 GMT
server: UploadServer
x-guploader-uploadid: ADPycdtiORaKDs6gxBsb_1zK4KGnmTPKBwIMAXvDJ_ySpMPkhIqi9SXdEelg60NE0GFROWE1oab8ZVoxDUB7nUm77z6-LW-6QUHn
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 5341184-89941685/89941686
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline; filename="20170717_044547.mp4"; filename*=UTF-8''20170717_044547.mp4
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 84600502
expires: Tue, 28 Mar 2023 14:04:06 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.onegday.com/	1969-12-31 23:59:59	Name: uid Value: rBSZwGQi880mly1JjQlFAg==
.onegday.com/	1970-01-20 20:16:12	Name: _ga_NBGQJBJMEG Value: GS1.1.1680012238.1.0.1680012238.0.0.0
.onegday.com/	1970-01-20 20:16:12	Name: _ga_LHL0SH0Z7S Value: GS1.1.1680012238.1.0.1680012238.0.0.0
.onegday.com/	1970-01-20 20:16:12	Name: _ga Value: GA1.2.1865860404.1680012239
.onegday.com/	1970-01-20 10:41:38	Name: _gid Value: GA1.2.2008474111.1680012239
.onegday.com/	1970-01-20 10:40:12	Name: _gat_gtag_UA_85417367_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

doc-0k-3g-docs.googleusercontent.com
doc-0s-3g-docs.googleusercontent.com
doc-10-3g-docs.googleusercontent.com
doc-14-3g-docs.googleusercontent.com
drive.google.com
region1.google-analytics.com
stats.g.doubleclick.net
www.drv.tw
www.google-analytics.com
www.googletagmanager.com
www.onegday.com
142.250.181.238
142.250.186.129
142.250.186.168
172.217.18.110
173.194.76.157
20.50.153.39
216.239.34.36
47.88.48.79
0a1c21fc153d118773d3e24d3dc4fd300f4b2ce54da575b96317639f53d639ac
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
613623c582fe64f2b2bb59654afd6005825cf6d9b94a12d34d3eebbbd4615394
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
68527a10f7208762ba02769b92e3e78e79579e3a199148d66335f105e56a0461
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
acd2dd56adb492c8a547da39749ea5d382290abdb24eaccd3d7f9601bd951aae
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d78dbe019647ac61ffc91590a8b238480114d5a11c33393f4358ffca2b8f6611
dc0098f08e49b35a03a5203e1778b63e83443a8ddb3a79638ae7801fc3a88850
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e408ec593e250f12d3561a64572b2759d60e88a2abfe04c9388790a55b68c0fe
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb56ae89482265e7d79b14bcae80acc8bb15a83826b1a07198182a6ecbc2549d
ff32930cdffc84031da1ec8b479f3d031d0d702b800b29c471b712fcd3168aaa

www.onegday.com Open in urlscan Pro 47.88.48.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

75 %HTTPS

0 %IPv6

7 Domains

11 Subdomains

8 IPs

2 Countries

3275 kBTransfer

14629 kBSize

6 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onegday.com Open in urlscan Pro
47.88.48.79 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

75 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

8
IPs

2
Countries

3275 kB
Transfer

14629 kB
Size

6
Cookies

24 HTTP transactions
6 data transactions