URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Submission Tags: falconsandbox
Submission: On May 17 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 67 HTTP transactions. The main IP is 34.120.250.143, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is community.windy.com. The Cisco Umbrella rank of the primary domain is 682316.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.
This is the only time community.windy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain / Subdomains / Transfer

51 windy.com (Transfer: 2 MB)
    community.windy.com — Cisco Umbrella Rank: 682316
    www.windy.com — Cisco Umbrella Rank: 48240
    ims-s.windy.com — Cisco Umbrella Rank: 63411
3 google-analytics.com (Transfer: 21 KB)
    region1.google-analytics.com — Cisco Umbrella Rank: 2533
    www.google-analytics.com — Cisco Umbrella Rank: 32
3 twitter.com (Transfer: 28 KB)
    platform.twitter.com — Cisco Umbrella Rank: 1357
2 google.de (Transfer: 126 B)
    www.google.de — Cisco Umbrella Rank: 7810
2 google.com (Transfer: 118 B)
    region1.analytics.google.com — Cisco Umbrella Rank: 3095
    www.google.com — Cisco Umbrella Rank: 2
2 doubleclick.net (Transfer: 410 B)
    stats.g.doubleclick.net — Cisco Umbrella Rank: 89
2 googletagmanager.com (Transfer: 187 KB)
    www.googletagmanager.com — Cisco Umbrella Rank: 39
1 facebook.com
    www.facebook.com — Cisco Umbrella Rank: 101
1 github.io
    buttons.github.io — Cisco Umbrella Rank: 63580
67 9

Domain | Requested by
49 community.windy.com | community.windy.com
3 platform.twitter.com | community.windy.com, platform.twitter.com
2 www.google.de | community.windy.com
2 stats.g.doubleclick.net | www.google-analytics.com, www.googletagmanager.com
2 www.google-analytics.com | community.windy.com, www.google-analytics.com
2 www.googletagmanager.com | community.windy.com, www.google-analytics.com
1 www.google.com | community.windy.com
1 region1.analytics.google.com | www.googletagmanager.com
1 region1.google-analytics.com | www.googletagmanager.com
1 ims-s.windy.com | community.windy.com
1 www.facebook.com | community.windy.com
1 buttons.github.io | community.windy.com
1 www.windy.com | community.windy.com
67 13

This site contains links to these domains.

Domain
www.windy.com
windy.com
nodebb.org
account.windy.com

Subject | Issuer | Validity | Valid
windy.com | R3 | 2024-04-15 - 2024-07-14 | 3 months
*.google-analytics.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.github.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-15 - 2025-03-14 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-02-24 - 2024-05-24 | 3 months
*.twimg.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-28 - 2024-07-26 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2024-05-06 - 2024-07-29 | 3 months
*.google.de | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months

This page contains 5 frames:

Primary Page: https://community.windy.com/topic/10731/windy-com-security-compromise
Frame ID: 0CDFFC53540D1DAC42C3FFDD0E9B39CB
Requests: 63 HTTP requests in this frame

Frame: https://buttons.github.io/buttons.html
Frame ID: 8FA90F37F0304F0D8CE8D85DC86C2EA2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fwindyforecast&width&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=426030704216458
Frame ID: E4D29766CAF131B5C4F9169137B4FF1E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.822866e4b050d0b8bbb7f5fa8ac5e58b.en-gb.html
Frame ID: FF5D274B4A641BA8F1D195CF8A69024D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fcommunity.windy.com
Frame ID: E784BE12BEB99AF3F91079DA03EAC41D
Requests: 1 HTTP requests in this frame

Page Title

Windy.com Security Compromise? @ Windy Community

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 67
HTTPS: 100 %
IPv6: 58 %
Domains: 9
Subdomains: 13
IPs: 12
Countries: 3
Transfer: 2046 kB
Size: 2467 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request windy-com-security-compromise
community.windy.com/topic/10731/
57 KB
58 KB
Document
General
Full URL
https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
39026e0ea8cbb31e7276e039a68b9eb94ae6714d5e5ce7aaa38dc2e4a3767da0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58695
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 17 May 2024 07:33:47 GMT
etag
W/"e547-xmleD/goFY/U4qxfdt1y6PAmThA"
origin-agent-cluster
?1
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.14.2
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-xss-protection
0
client.css
community.windy.com/assets/
486 KB
486 KB
Stylesheet
General
Full URL
https://community.windy.com/assets/client.css?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
6391e629eb134c67b971ff9b29bd2ba7c05960c8c7a2b8367e2a8041fcde5006
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
497337
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:18:06 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"796b9-18f721a6ffd"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
default.css
community.windy.com/assets/plugins/nodebb-plugin-markdown/styles/
1 KB
1 KB
Stylesheet
General
Full URL
https://community.windy.com/assets/plugins/nodebb-plugin-markdown/styles/default.css
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
fbde0ac0921d86c356c41532e7319c887a23bd1b8ff00060cab447249f03c7cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1144
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 12:51:59 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"478-18f72028598"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
js
www.googletagmanager.com/gtag/
284 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SM0LH86XWJ
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd4550fcd1e7b8ef489b3c3a128caea4652eac2ddd0fb3b374170fe99a402889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98592
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 May 2024 07:33:47 GMT
composer.js
community.windy.com/assets/src/modules/
0
141 B
Other
General
Full URL
https://community.windy.com/assets/src/modules/composer.js?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:13:47 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"6b-18f72167dd1"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
uploads.js
community.windy.com/assets/src/modules/composer/
0
152 B
Other
General
Full URL
https://community.windy.com/assets/src/modules/composer/uploads.js?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:17:49 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"76-18f721a2d05"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
drafts.js
community.windy.com/assets/src/modules/composer/
0
151 B
Other
General
Full URL
https://community.windy.com/assets/src/modules/composer/drafts.js?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:17:49 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"75-18f721a2d04"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
tags.js
community.windy.com/assets/src/modules/composer/
0
152 B
Other
General
Full URL
https://community.windy.com/assets/src/modules/composer/tags.js?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:21:49 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"73-18f721dd7ab"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
categoryList.js
community.windy.com/assets/src/modules/composer/
0
157 B
Other
General
Full URL
https://community.windy.com/assets/src/modules/composer/categoryList.js?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:25:26 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"7b-18f72212927"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
resize.js
community.windy.com/assets/src/modules/composer/
0
151 B
Other
General
Full URL
https://community.windy.com/assets/src/modules/composer/resize.js?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:03 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"75-18f7216bbd0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
autocomplete.js
community.windy.com/assets/src/modules/composer/
0
157 B
Other
General
Full URL
https://community.windy.com/assets/src/modules/composer/autocomplete.js?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:17:49 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"7b-18f721a2d05"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
composer.tpl
community.windy.com/assets/templates/
0
12 KB
Other
General
Full URL
https://community.windy.com/assets/templates/composer.tpl?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11861
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:04 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"2e55-18f7216be35"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/vnd.groove-tool-template
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
topic.json
community.windy.com/assets/language/en-GB/
0
10 KB
Other
General
Full URL
https://community.windy.com/assets/language/en-GB/topic.json?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10494
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:13:58 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"28fe-18f7216a787"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/json; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
modules.json
community.windy.com/assets/language/en-GB/
0
7 KB
Other
General
Full URL
https://community.windy.com/assets/language/en-GB/modules.json?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6692
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:13:58 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"1a24-18f7216a6bd"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/json; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type

tags.json
community.windy.com/assets/language/en-GB/
0
723 B
Other
General
Full URL
https://community.windy.com/assets/language/en-GB/tags.json?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
689
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:25:21 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"2b1-18f722112ed"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/json; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type

default.css
community.windy.com/assets/plugins/nodebb-plugin-markdown/styles/
0
0
Other
General
Full URL
https://community.windy.com/assets/plugins/nodebb-plugin-markdown/styles/default.css
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1144
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 12:51:59 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"478-18f72028598"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type

markdown.json
community.windy.com/assets/language/en-GB/
0
406 B
Other
General
Full URL
https://community.windy.com/assets/language/en-GB/markdown.json?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
372
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:25:22 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"174-18f722116d8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/json; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type

nodebb.min.js
community.windy.com/assets/
428 KB
428 KB
Script
General
Full URL
https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
8d152ab9317051c8d8173f7b38f9db9ac5b742b2fce32e5bcfa8a31d54238a1d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438161
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:06 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"6af91-18f7216c798"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type

logo-full-windy-community-gray-v3.svg
www.windy.com/img/logo201802/
17 KB
7 KB
Image
General
Full URL
https://www.windy.com/img/logo201802/logo-full-windy-community-gray-v3.svg
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-12.fra60.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
32a6ab9a3bdf7bba4c2f90c51aef1d2264303275ad88a01eef14804666c80945

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Sep 2023 09:26:37 GMT
via
1.1 google, 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 15 May 2018 13:28:18 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA60-P10
age
20124430
etag
W/"5afae072-42ff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=63072000
x-amz-cf-id
0vogLBOAaDFui1MlYVqrAhdIDiqZ5WcgeZyH-beZBeh7g7ntVqmqBA==
expires
Fri, 26 Sep 2025 09:26:37 GMT

fa-solid-900.woff2
community.windy.com/assets/fontawesome/webfonts/
153 KB
153 KB
Font
General
Full URL
https://community.windy.com/assets/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/client.css?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/assets/client.css?v=om17peou014
Origin
https://community.windy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156496
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:25:41 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"26350-18f722161c5"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
font/woff2
access-control-allow-origin
https://community.windy.com
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type

buttons.html
buttons.github.io/ Frame 8FA9
0
0
Document
General
Full URL
https://buttons.github.io/buttons.html
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://community.windy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
280
cache-control
max-age=600
content-length
125
content-type
text/html; charset=utf-8
date
Fri, 17 May 2024 07:33:47 GMT
etag
"664231be-7d"
expires
Mon, 13 May 2024 15:42:18 GMT
last-modified
Mon, 13 May 2024 15:29:02 GMT
permissions-policy
interest-cohort=()
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
ea6b80287b179b51a93e6a88053f90a75990416d
x-github-request-id
828A:329995:4FFA9EE:51F7DBE:664232BA
x-proxy-cache
HIT
x-served-by
cache-mxp6935-MXP
x-timer
S1715931228.702491,VS0,VE1

like.php
www.facebook.com/plugins/ Frame E4D2
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fwindyforecast&width&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=426030704216458
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://community.windy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Fri, 17 May 2024 07:33:47 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2779, tp=-1, tpl=-1, uplat=28, ullat=0
x-fb-debug
UpDGrDGhBFqs3E59t6sr0ROljrWKYhjzdbjwZa5jmIMRMKJ/TipB7JUgq84LGp3VhMJdyTYc98Kcij+nX8L3Ag==
x-xss-protection
0

follow_button.822866e4b050d0b8bbb7f5fa8ac5e58b.en-gb.html
platform.twitter.com/widgets/ Frame FF5D
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.822866e4b050d0b8bbb7f5fa8ac5e58b.en-gb.html
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://community.windy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
4586219
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12926
Content-Type
text/html; charset=utf-8
Date
Fri, 17 May 2024 07:33:47 GMT
Etag
"fbdbbf5ca6fab6cabbdf2acd6d618327+gzip"
Last-Modified
Tue, 04 Apr 2017 20:44:29 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669F)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ

widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 17 May 2024 07:33:47 GMT
Content-Encoding
gzip
Age
1442
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (frb/6752)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding

category-4.jpg
community.windy.com/uploads/category/
101 KB
101 KB
Image
General
Full URL
https://community.windy.com/uploads/category/category-4.jpg
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
9b5b5542ab3c1e9b23f18733c3c4767b82f04c29e0adb7a863bb9b73c09fda03

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
via
1.1 google
last-modified
Fri, 15 Jun 2018 01:34:51 GMT
server
nginx/1.14.2
etag
"5b2317bb-193cc"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103372

fa-regular-400.woff2
community.windy.com/assets/fontawesome/webfonts/
25 KB
25 KB
Font
General
Full URL
https://community.windy.com/assets/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/client.css?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
2bccecf0bc7e96cd5ce4003abeb3ae9ee4a3d19158c4e6edfd2df32d2f0d5721
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/assets/client.css?v=om17peou014
Origin
https://community.windy.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25452
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:25:41 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"636c-18f722161c5"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
font/woff2
access-control-allow-origin
https://community.windy.com
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type

1467205-profileavatar.png
ims-s.windy.com/account/images/
36 KB
37 KB
Image
General
Full URL
https://ims-s.windy.com/account/images/1467205-profileavatar.png?1661249750458
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.53.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.53.241.35.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
1aa290c361e852baa4a07d7e57fe689b7dc7fea5ee0757d7f564af00dcb29e51

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABPtcPrcASgs9996IS4lw0g_XiPuCPvFbcd2Xs-VU3j5zoV2fp4bZ4pVuzbkb-o0Jx0RvAH5NzY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36970
last-modified
Tue, 23 Aug 2022 10:15:50 GMT
server
nginx/1.18.0
etag
"2dff5aaa43aecaf80a261a15961c21e3"
x-goog-generation
1661249750365828
content-type
image/jpeg
x-goog-meta-custom
metadata
cache-control
public, max-age=3600
x-goog-hash
crc32c=s72cQA==, md5=Lf9aqkOuyvgKJhoVlhwh4w==
x-goog-stored-content-length
36970
accept-ranges
bytes
x-proxy-cache-wcl
HIT
expires
Fri, 17 May 2024 07:47:57 GMT

collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SM0LH86XWJ&gtm=45je45f0v868912760za200&_p=1715931227568&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1380347068.1715931228&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715931227&sct=1&seg=0&dl=https%3A%2F%2Fcommunity.windy.com%2Ftopic%2F10731%2Fwindy-com-security-compromise&dt=Windy.com%20Security%20Compromise%3F%20%40%20Windy%20Community&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1&tfd=584
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SM0LH86XWJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 07:33:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://community.windy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame E784
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fcommunity.windy.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://community.windy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
4598775
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Fri, 17 May 2024 07:33:47 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6712)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
error.json
community.windy.com/assets/language/de/
20 KB
20 KB
XHR
General
Full URL
https://community.windy.com/assets/language/de/error.json?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
8a2c03238a41fb20a4663ae3ec7e5268053f1b7515d52e4ecf8aedb36b297a87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20632
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:17:44 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"5098-18f721a19e7"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/json; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
global.json
community.windy.com/assets/language/de/
5 KB
5 KB
XHR
General
Full URL
https://community.windy.com/assets/language/de/global.json?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
9a7454dec5d82d8834f57c49816c3fc956ce7858afa021dd36c25824ace0edaf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5490
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:13:58 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"1572-18f7216a664"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/json; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
500.js
community.windy.com/assets/templates/
1 KB
1 KB
XHR
General
Full URL
https://community.windy.com/assets/templates/500.js?_=1715931227818
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
7cfe5a7746771d5094c2b976b1ec90207a9c0313cc1f8832887c7751d605b260
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
text/plain, */*; q=0.01
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1077
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"435-18f7216b2e3"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
toast.js
community.windy.com/assets/templates/partials/
2 KB
2 KB
XHR
General
Full URL
https://community.windy.com/assets/templates/partials/toast.js?_=1715931227819
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
663eb9f70334b3fa1b7c0f2da773867a7af232ea262d27a8c68ffd4db2c2a13b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
text/plain, */*; q=0.01
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1773
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:21:47 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"6ed-18f721dd035"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
61324.e31303aaf26460539146.min.js
community.windy.com/assets/
9 KB
9 KB
Script
General
Full URL
https://community.windy.com/assets/61324.e31303aaf26460539146.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
6ae16ee4c226c6c888acf7edf7e04285e0cd6c5a9fcdb82a3de1ac764909f990
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9249
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:26:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"2421-18f7221b113"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
14753.6c235863b1b606c7fc95.min.js
community.windy.com/assets/
11 KB
11 KB
Script
General
Full URL
https://community.windy.com/assets/14753.6c235863b1b606c7fc95.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
1b4e1790171a3a5986d1298c608df083dbd7465284813bb1fa86b91a89325f30
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11552
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:26:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"2d20-18f7221b0b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
modules.json
community.windy.com/assets/language/de/
7 KB
7 KB
XHR
General
Full URL
https://community.windy.com/assets/language/de/modules.json?v=om17peou014
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
debffbfc513a9d2b2250f0620d29cb7defa4660f4db1ae0b7e342ab2e04e9550
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7512
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:13:45 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"1d58-18f7216738e"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/json; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 May 2024 06:20:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4400
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 17 May 2024 08:20:27 GMT
5947.a34e39c598ea5e293c4d.min.js
community.windy.com/assets/
4 KB
4 KB
Script
General
Full URL
https://community.windy.com/assets/5947.a34e39c598ea5e293c4d.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
2dde78b50bad3039c410768d150058e1c9260fb2e0bb119fb5dd6e54962482f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4281
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:22:27 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"10b9-18f721e6b4b"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
persona-taskbar.7afcc1d451f5df15fc51.min.js
community.windy.com/assets/modules/
1 KB
1 KB
Script
General
Full URL
https://community.windy.com/assets/modules/persona-taskbar.7afcc1d451f5df15fc51.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
52b3179a99c7e01a23ce69702df9a36ac39e611248f9738271f9080ae2da60d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1294
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:22:27 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"50e-18f721e6b46"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
persona-mobile-menu.fe2d274ab75c04f82c94.min.js
community.windy.com/assets/modules/
19 KB
19 KB
Script
General
Full URL
https://community.windy.com/assets/modules/persona-mobile-menu.fe2d274ab75c04f82c94.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
40cfaaaf13e344519858598639f329cf8a1b21352aaff819c0e061cc5d9c202e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19575
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:18:27 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"4c77-18f721ac249"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
storage.a7d08ff95613fc7cd864.min.js
community.windy.com/assets/modules/
1 KB
1 KB
Script
General
Full URL
https://community.windy.com/assets/modules/storage.a7d08ff95613fc7cd864.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
92dc8ffc075ef885709cb91751f04462dae300684d21ca3e6babd1970420f307
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1319
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:38 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"527-18f7217424f"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
jquery-timeago-de.4c7d805dbe54dd676ebc.min.js
community.windy.com/assets/timeago/
545 B
599 B
Script
General
Full URL
https://community.windy.com/assets/timeago/jquery-timeago-de.4c7d805dbe54dd676ebc.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
5c08fa194fdc22cac09cd38c04e4941a0892735c779551303b5c5af6b19dff20
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
545
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:26:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"221-18f7221b063"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
41427.5b06dbf610a0c1d3a751.min.js
community.windy.com/assets/
29 KB
29 KB
Script
General
Full URL
https://community.windy.com/assets/41427.5b06dbf610a0c1d3a751.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
6c4f725edcf051d53e4b14cf65772a717605c2c2f260d02b8ac361ba057735ee
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29797
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:37 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"7465-18f72174207"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
composer-drafts.a37ae89546d4c7c28d82.min.js
community.windy.com/assets/modules/
7 KB
7 KB
Script
General
Full URL
https://community.windy.com/assets/modules/composer-drafts.a37ae89546d4c7c28d82.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
c8d416ee9b0cb478ce074fba810fd19dd203ba50af495e9399dbeeebc4516225
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7378
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:06 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"1cd2-18f7216c7c9"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
23662.84ed4230bf86f96cf4a5.min.js
community.windy.com/assets/
12 KB
12 KB
Script
General
Full URL
https://community.windy.com/assets/23662.84ed4230bf86f96cf4a5.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
b398d210cb0d37f976cecc216ba5d95a91ed9f676ff8492564e422d65bccc747
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12649
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:26:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"3169-18f7221b111"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
6411.93adfd858acfa0c114b6.min.js
community.windy.com/assets/
5 KB
5 KB
Script
General
Full URL
https://community.windy.com/assets/6411.93adfd858acfa0c114b6.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
ef653aecb9ef5d7600686cea02f504ab2eb685a9e699b898edcf71ea5182f1ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:06 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"1466-18f7216c7d6"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
65285.53a721c5988ad8720256.min.js
community.windy.com/assets/
26 KB
26 KB
Script
General
Full URL
https://community.windy.com/assets/65285.53a721c5988ad8720256.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
3ccb984c76f6908eb5a93d50feff8dc1fa022094267270ccbff5e9378f3749a1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26947
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:18:27 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"6943-18f721ac2c0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
54516.d53384543de32ee316cb.min.js
community.windy.com/assets/
25 KB
25 KB
Script
General
Full URL
https://community.windy.com/assets/54516.d53384543de32ee316cb.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
2fdbce0e617c2ad65371913103c1cf9fad3479466d0c4960b49fe544dfed792e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25775
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:38 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"64af-18f721742c1"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
99166.a8eb1b126ea3195c5839.min.js
community.windy.com/assets/
28 KB
28 KB
Script
General
Full URL
https://community.windy.com/assets/99166.a8eb1b126ea3195c5839.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
6209c96752628fb8ae2a2946251987220c083eb661e5374f0b6025d0d75a0ff5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28181
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:22:27 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"6e15-18f721e6bc8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
23346.9c7fea7d134e4e1fb26d.min.js
community.windy.com/assets/
15 KB
15 KB
Script
General
Full URL
https://community.windy.com/assets/23346.9c7fea7d134e4e1fb26d.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
629383b64ce4bae70ebd42740ff64462c3c446cea1edd9ca5f78d99d549a8174
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15499
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:06 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"3c8b-18f7216c828"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
96352.9efb96dd4c21c7be97bd.min.js
community.windy.com/assets/
12 KB
12 KB
Script
General
Full URL
https://community.windy.com/assets/96352.9efb96dd4c21c7be97bd.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
96c131ea2e33d7a20c8d8212b9daaefe1769955e44f33062cc4e293dec2ce203
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12705
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:26:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"31a1-18f7221b113"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
topic-postTools.fa22bb483a1c3863982b.min.js
community.windy.com/assets/forum/
25 KB
25 KB
Script
General
Full URL
https://community.windy.com/assets/forum/topic-postTools.fa22bb483a1c3863982b.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
b980c2b0306ee9a57d759a2a2f8b9285fd23399e48cd625451764d63c82669f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25309
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:26:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"62dd-18f7221b07c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
topic-threadTools.aec2397352e1fc08f129.min.js
community.windy.com/assets/forum/
22 KB
22 KB
Script
General
Full URL
https://community.windy.com/assets/forum/topic-threadTools.aec2397352e1fc08f129.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
7eb12e2ccd5bf01ea2684a3afc7f967a60495c24d8ad658dc0f6686165bc1112
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22130
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:38 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"5672-18f72174245"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
47061.11b1ced08384b55d0c5c.min.js
community.windy.com/assets/
16 KB
16 KB
Script
General
Full URL
https://community.windy.com/assets/47061.11b1ced08384b55d0c5c.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
62759e679c3e1cfb78b9c09e388ae3fc10680a6d7c1db58f53a922bf528ae509
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16670
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:14:38 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"411e-18f721742c2"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
topic.6b8d493bffb9ad84773f.min.js
community.windy.com/assets/forum/
25 KB
25 KB
Script
General
Full URL
https://community.windy.com/assets/forum/topic.6b8d493bffb9ad84773f.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
4aab4fcd3b2006ed467028701b973f366d3e84f1dde47cc2ce907d56336e6789
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25319
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:26:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"62e7-18f7221b07b"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
collect
www.google-analytics.com/j/
16 B
226 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=889660545&t=pageview&_s=1&dl=https%3A%2F%2Fcommunity.windy.com%2Ftopic%2F10731%2Fwindy-com-security-compromise&ul=de-de&de=UTF-8&dt=Windy.com%20Security%20Compromise%3F%20%40%20Windy%20Community&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAAABAAAAACAAI~&jid=417705135&gjid=1914356927&cid=1380347068.1715931228&tid=UA-56263486-15&_gid=2052872578.1715931228&_r=1&_slc=1&z=1504165744
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Golfe2 /
Resource Hash
347211b5076a626f4f1eb109708698add6e7463aa451a60d0c4e0b8854bd0bf3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 May 2024 07:33:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://community.windy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
353 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-56263486-15&cid=1380347068.1715931228&jid=417705135&gjid=1914356927&_gid=2052872578.1715931228&_u=IADAAAAAAAAAACAAI~&z=1571235694
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 17 May 2024 07:33:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://community.windy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
256 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VZREPTWN67&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4379a6c5931eb4ae3fa5b6a83ea6911a8a4c31892cb4f2b0831ec0b425732acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92294
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 May 2024 07:33:48 GMT
91496.23349d29d37d468db635.min.js
community.windy.com/assets/
7 KB
7 KB
Script
General
Full URL
https://community.windy.com/assets/91496.23349d29d37d468db635.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
0ee8809c34d1f02d60c40e777e04af4da1feae001cfb41a26c2d0d7b2fee40aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7461
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:22:27 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"1d25-18f721e6bbd"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
38416.aa135a15371f10ab5037.min.js
community.windy.com/assets/
20 KB
20 KB
Script
General
Full URL
https://community.windy.com/assets/38416.aa135a15371f10ab5037.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
1f849e6151d87bf5d7fecd4d5cab55daa4c23e158d7ff548c54fecdae08b3a42
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20477
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:26:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"4ffd-18f7221b112"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
41545.0da64e6b7effbc3493b5.min.js
community.windy.com/assets/
110 KB
110 KB
Script
General
Full URL
https://community.windy.com/assets/41545.0da64e6b7effbc3493b5.min.js
Requested by
Host: community.windy.com
URL: https://community.windy.com/assets/nodebb.min.js?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
56bcb09ae15178daecb95744193c8734a98bd7684fbdb421e91bf56f7503ce91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112172
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:26:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"1b62c-18f7221b0b4"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
collect
region1.analytics.google.com/g/
0
55 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VZREPTWN67&gtm=45je45f0v9124574091za200&_p=1715931227568&_gaz=1&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=1380347068.1715931228&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fcommunity.windy.com%2Ftopic%2F10731%2Fwindy-com-security-compromise&dt=Windy.com%20Security%20Compromise%3F%20%40%20Windy%20Community&sid=1715931228&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1015
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZREPTWN67&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 07:33:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://community.windy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
57 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VZREPTWN67&cid=1380347068.1715931228&gtm=45je45f0v9124574091za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZREPTWN67&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 07:33:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://community.windy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VZREPTWN67&cid=1380347068.1715931228&gtm=45je45f0v9124574091za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&frm=0&z=990019994
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 07:33:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56263486-15&cid=1380347068.1715931228&jid=417705135&_u=IADAAAAAAAAAACAAI~&z=1923618489
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f132.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 07:33:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56263486-15&cid=1380347068.1715931228&jid=417705135&_u=IADAAAAAAAAAACAAI~&z=1923618489
Requested by
Host: community.windy.com
URL: https://community.windy.com/topic/10731/windy-com-security-compromise
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 07:33:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
community.windy.com/assets/uploads/system/
15 KB
15 KB
Other
General
Full URL
https://community.windy.com/assets/uploads/system/favicon.ico?v=om17peou014
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.250.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.250.120.34.bc.googleusercontent.com
Software
nginx/1.14.2 / Strongest-wind-forces
Resource Hash
1b2eadbab0ca49ff61642fd528212441b5fbc91252bdd17f0ebcd084d265e2bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://community.windy.com/topic/10731/windy-com-security-compromise
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 07:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
x-permitted-cross-domain-policies
none
x-powered-by
Strongest-wind-forces
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15086
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Jun 2018 01:38:01 GMT
server
nginx/1.14.2
cross-origin-opener-policy
same-origin
etag
W/"3aee-16401179af4"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
content-type
image/x-icon
origin-agent-cluster
?1
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type


35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| config
object| app
function| gtag
object| dataLayer
function| prepareFooter
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| __twttrll
object| twttr
object| __twttr
object| webpackChunknodebb
function| $
function| jQuery
number| uidEvent
object| bootbox
object| utils
object| socket
object| overrides
object| ajaxify
object| Poll
object| screenfull
function| __nodebbSpamBeGoneCreateCaptcha__
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaData
function| Mousetrap
object| hljs

6 Cookies

Domain/Path Name / Value
.windy.com/ Name: express.sid
Value: s%3AmvoSZ96fEUex9YJ3aD8x7968iRWcpEKH.j4SAsqkXSbIXANXxuvZxO1%2B5rZ%2FhvAUthOjK0cgK1FE
.community.windy.com/ Name: _ga
Value: GA1.3.1380347068.1715931228
.community.windy.com/ Name: _ga_SM0LH86XWJ
Value: GS1.3.1715931227.1.0.1715931227.0.0.0
.community.windy.com/ Name: _gid
Value: GA1.3.2052872578.1715931228
.community.windy.com/ Name: _gat
Value: 1
.community.windy.com/ Name: _ga_VZREPTWN67
Value: GS1.3.1715931228.1.0.1715931228.60.0.0

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
