urlscan.io logo urlscan.io
SecurityTrails logo

wsibb2cbat1.b2clogin.com Open in urlscan Pro
20.190.190.194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bat.osbc.wsib.ca/
Effective URL: https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45...
Submission Tags: @phishunt_io
Submission: On May 02 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 42 HTTP transactions. The main IP is 20.190.190.194, located in Phoenix, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is wsibb2cbat1.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 25th 2024. Valid for: a year.
This is the only time wsibb2cbat1.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 22 52.139.5.56 8075 (MICROSOFT...)
4 142.251.15.97 15169 (GOOGLE)
2 64.233.176.95 15169 (GOOGLE)
6 142.250.9.113 15169 (GOOGLE)
4 142.250.9.94 15169 (GOOGLE)
1 40.126.62.129 8075 (MICROSOFT...)
2 20.190.190.194 8075 (MICROSOFT...)
2 52.179.73.36 8075 (MICROSOFT...)
1 72.21.81.200 15133 (EDGECAST)
2 52.179.73.38 8075 (MICROSOFT...)
42 10
22    52.139.5.56 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.osbc.wsib.ca
loginb2cbat.lfb.wsib.ca
4    142.251.15.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: yl-in-f97.1e100.net
www.googletagmanager.com
2    64.233.176.95 (United States)

ASN15169 (GOOGLE, US)
PTR: yw-in-f95.1e100.net
fonts.googleapis.com
6    142.250.9.113 (United States)

ASN15169 (GOOGLE, US)
PTR: yq-in-f113.1e100.net
www.google-analytics.com
4    142.250.9.94 (United States)

ASN15169 (GOOGLE, US)
PTR: yq-in-f94.1e100.net
fonts.gstatic.com
1    40.126.62.129 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wsibb2cbat1.b2clogin.com
2    20.190.190.194 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wsibb2cbat1.b2clogin.com
2    52.179.73.36 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
1    72.21.81.200 (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    52.179.73.38 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
22 wsib.ca
bat.osbc.wsib.ca
loginb2cbat.lfb.wsib.ca
2 MB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
4 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 751
401 B
4 gstatic.com
fonts.gstatic.com
51 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
334 KB
3 b2clogin.com
wsibb2cbat1.b2clogin.com
67 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2776
47 KB
42 8
Domain Requested by
13 bat.osbc.wsib.ca 4 redirects bat.osbc.wsib.ca
9 loginb2cbat.lfb.wsib.ca wsibb2cbat1.b2clogin.com
loginb2cbat.lfb.wsib.ca
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
bat.osbc.wsib.ca
4 dc.services.visualstudio.com bat.osbc.wsib.ca
az416426.vo.msecnd.net
4 fonts.gstatic.com fonts.googleapis.com
4 www.googletagmanager.com bat.osbc.wsib.ca
www.googletagmanager.com
3 wsibb2cbat1.b2clogin.com bat.osbc.wsib.ca
wsibb2cbat1.b2clogin.com
2 fonts.googleapis.com bat.osbc.wsib.ca
loginb2cbat.lfb.wsib.ca
1 az416426.vo.msecnd.net bat.osbc.wsib.ca
42 9

This site contains links to these domains. Also see Links.

Domain
loginbat.lfb.wsib.ca
Subject Issuer Validity Valid
bat.osbc.wsib.ca
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2024-03-25 -
2025-03-25		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-04-18 -
2025-04-13		 a year crt.sh
loginbat.lfb.wsib.ca
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-15 -
2025-05-16		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2025-01-30		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-04-18 -
2025-04-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=EZP9UvEZyM&scope=openid&nonce=QEFHMlpwR6Wn
Frame ID: 17C67782615DAD199426C9DAD0B2C449
Requests: 39 HTTP requests in this frame

Frame: https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=G8nNpUsOw9&scope=openid&nonce=bXMBScQUIWnE
Frame ID: 885B832C063AED59A9196073EC077AAE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login-WSIB Online services

Page URL History Show full URLs

  1. https://bat.osbc.wsib.ca/ Page URL
  2. https://bat.osbc.wsib.ca/oauth/authorize?client_id=OSBC&lang=en-US&nonce=NTI2VU24s4PDixT7&response_ty... HTTP 302
    https://bat.osbc.wsib.ca/uaa/login HTTP 302
    https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

42
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

2727 kB
Transfer

11852 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bat.osbc.wsib.ca/ Page URL
  2. https://bat.osbc.wsib.ca/oauth/authorize?client_id=OSBC&lang=en-US&nonce=NTI2VU24s4PDixT7&response_type=token&scope=openid%20guidewire.edge.wsib_online_service.%2A.%2A&state=NTI2VU24s4PDixT7 HTTP 302
    https://bat.osbc.wsib.ca/uaa/login HTTP 302
    https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=EZP9UvEZyM&scope=openid&nonce=QEFHMlpwR6Wn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://bat.osbc.wsib.ca/oauth/authorize?client_id=OSBC&lang=en-US&nonce=7D0dzdIE8pgjWNnb&response_type=token&scope=openid%20guidewire.edge.wsib_online_service.%2A.%2A&state=7D0dzdIE8pgjWNnb HTTP 302
  • https://bat.osbc.wsib.ca/uaa/login HTTP 302
  • https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=G8nNpUsOw9&scope=openid&nonce=bXMBScQUIWnE

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bat.osbc.wsib.ca/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bat.osbc.wsib.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
be81a5fc650dd4430c3996570084fd6f608129dd4942f018f5e901f03137a8a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri /report-csp-violation;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=0, public, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
945
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
Content-Type
text/html
Date
Thu, 02 May 2024 18:35:28 GMT
Expires
0
Last-Modified
Tue, 30 Apr 2024 16:18:10 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
X-powered-by
WSIB
js
www.googletagmanager.com/gtag/ 		289 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T3LCZYM10T
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.15.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6ec347aba4cc72d8ab45d98cabb18ba1f68a9c721fa26064ea71d0537207c74b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 18:35:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100326
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 May 2024 18:35:29 GMT
main.f0e02bf7.chunk.css
bat.osbc.wsib.ca/static/css/ 		538 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bat.osbc.wsib.ca/static/css/main.f0e02bf7.chunk.css
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b3d2ea16897142f51caebbc50dba419961ba4e5d7d60b3d0c3cc2b0bdaf75665
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri /report-csp-violation;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
X-powered-by
WSIB
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 30 Apr 2024 16:18:11 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Fri, 02 May 2025 18:35:29 GMT
runtime~main.2309300d.js
bat.osbc.wsib.ca/static/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.osbc.wsib.ca/static/js/runtime~main.2309300d.js
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3e70b256007c17ddee81597b8d30c58cc80a31c4c1fafbd8e8b92d387fa64d21
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri /report-csp-violation;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
X-powered-by
WSIB
Connection
keep-alive
Content-Length
2115
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 30 Apr 2024 16:18:13 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1
Accept-Ranges
bytes
Expires
Thu, 02 May 2024 18:35:30 GMT
jutro.2f84b8af.chunk.js
bat.osbc.wsib.ca/static/js/ 		4 MB
598 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.osbc.wsib.ca/static/js/jutro.2f84b8af.chunk.js
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a5b35b3fc374944b8261e63551d39ad1d272a600c2f61d658274ab1aa98f4ed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri /report-csp-violation;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
X-powered-by
WSIB
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 30 Apr 2024 16:18:12 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1
Accept-Ranges
bytes
Expires
Thu, 02 May 2024 18:35:30 GMT
config.b4af0d57.chunk.js
bat.osbc.wsib.ca/static/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.osbc.wsib.ca/static/js/config.b4af0d57.chunk.js
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f9129a9a0125620c9ccfd5ad1471cab1bb3efe27368fb55f6082b8ea0c3c2d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri /report-csp-violation;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
X-powered-by
WSIB
Connection
keep-alive
Content-Length
2117
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 30 Apr 2024 16:18:11 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1
Accept-Ranges
bytes
Expires
Thu, 02 May 2024 18:35:30 GMT
main.ab074183.chunk.js
bat.osbc.wsib.ca/static/js/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.osbc.wsib.ca/static/js/main.ab074183.chunk.js
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0414b2269df5b9fd79773ece615cf3e67b56c668e79c83b3f5cbc1d27d01e8da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri /report-csp-violation;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
X-powered-by
WSIB
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 30 Apr 2024 16:18:13 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1
Accept-Ranges
bytes
Expires
Thu, 02 May 2024 18:35:30 GMT
gtm.js
www.googletagmanager.com/ 		198 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WG3566F
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.15.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e697d4c7a2b3399d62e87a33707ba3c0338897c88f11012ed4dce39cfc281f52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 18:35:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71156
x-xss-protection
0
last-modified
Thu, 02 May 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 May 2024 18:35:29 GMT
css
fonts.googleapis.com/ 		1 KB
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/static/css/main.f0e02bf7.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.176.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yw-in-f95.1e100.net
Software
ESF /
Resource Hash
9c794d3451e5654d3e69690e0b07887f7f28a5c4ee275f728ca0b63d11288c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 May 2024 18:35:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 May 2024 16:40:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 May 2024 18:35:29 GMT
js
www.googletagmanager.com/gtag/ 		286 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T3LCZYM10T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WG3566F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.15.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8520f775a71d5943eba8edd84e712f83cb07b4d7e54c7a85f8b631ede37196d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 18:35:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99270
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 May 2024 18:35:29 GMT
collect
www.google-analytics.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-T3LCZYM10T&gtm=45je44t0v894299136z8840808319za200&_p=1714674929041&gcd=13l3l3l3l1&npa=0&dma=0&cid=889690544.1714674929&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714674929&sct=1&seg=0&dl=https%3A%2F%2Fbat.osbc.wsib.ca%2F&dt=View%20your%20claims&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3LCZYM10T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.9.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yq-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 02 May 2024 18:35:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bat.osbc.wsib.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		189 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-183978625-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3LCZYM10T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.15.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
aaa61cd4b9d7e97f8f3d1de93d5740585068f78a0a077093734f83fef2818cd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 18:35:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70141
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 May 2024 18:35:29 GMT
collect
www.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-T3LCZYM10T&gtm=45je44t0v894299136z8840808319za200&_p=1714674929041&gcd=13l3l3l3l1&npa=0&dma=0&cid=889690544.1714674929&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1714674929&sct=1&seg=0&dl=https%3A%2F%2Fbat.osbc.wsib.ca%2F&dt=View%20your%20claims&en=gtm.js&ep.Category=PageView&ep.Action=gtm.js&_et=6&tfd=873
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3LCZYM10T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.9.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yq-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 02 May 2024 18:35:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bat.osbc.wsib.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-183978625-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.9.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yq-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 May 2024 16:46:20 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6549
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 02 May 2024 18:46:20 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1466863701&t=pageview&_s=1&dl=https%3A%2F%2Fbat.osbc.wsib.ca%2F&ul=en-ca&de=UTF-8&dt=View%20your%20claims&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1371628377&gjid=777343314&cid=889690544.1714674929&tid=UA-183978625-1&_gid=612901262.1714674930&_r=1&gtm=457e44t0z8894299136za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1407095618
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.9.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yq-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 May 2024 18:35:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bat.osbc.wsib.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/static/js/jutro.2f84b8af.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.9.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yq-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 16:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6549
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 02 May 2024 18:46:20 GMT
app-messages-en_US.1c9df882.chunk.js
bat.osbc.wsib.ca/static/js/ 		186 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.osbc.wsib.ca/static/js/app-messages-en_US.1c9df882.chunk.js
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/static/js/runtime~main.2309300d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
485ade207c075f23f861f47d75f833c3ee55cd0e7f29b68111b04d2de2d1bf2e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri /report-csp-violation;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
X-powered-by
WSIB
Connection
keep-alive
Content-Length
39786
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 30 Apr 2024 16:18:11 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1
Accept-Ranges
bytes
Expires
Thu, 02 May 2024 18:35:32 GMT
7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
fonts.gstatic.com/s/muli/v29/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.9.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yq-in-f94.1e100.net
Software
sffe /
Resource Hash
bcb3c99616a6b90084e82690ab8519141a78fea94c0ab3a3a5ca7611c0d77e4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://bat.osbc.wsib.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 19:46:29 GMT
x-content-type-options
nosniff
age
514142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18500
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 19:46:29 GMT
35.2d039f34.chunk.js
bat.osbc.wsib.ca/static/js/ 		53 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.osbc.wsib.ca/static/js/35.2d039f34.chunk.js
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/static/js/runtime~main.2309300d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dbb9ebfb6dae9cc83e922b26a88affa83d7c05040686fab3104dea2d8f541760
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri /report-csp-violation;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
X-powered-by
WSIB
Connection
keep-alive
Content-Length
6440
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 30 Apr 2024 16:18:11 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1
Accept-Ranges
bytes
Expires
Thu, 02 May 2024 18:35:32 GMT
authorize
wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/ Frame 885B
Redirect Chain
  • https://bat.osbc.wsib.ca/oauth/authorize?client_id=OSBC&lang=en-US&nonce=7D0dzdIE8pgjWNnb&response_type=token&scope=openid%20guidewire.edge.wsib_online_service.%2A.%2A&state=7D0dzdIE8pgjWNnb
  • https://bat.osbc.wsib.ca/uaa/login
  • https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=G8nNpUsOw9&scope=openid&nonce=bXMBScQUIWnE
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/static/js/main.ab074183.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.126.62.129 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://bat.osbc.wsib.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Encoding
gzip
Content-Length
64970
Content-Type
text/html; charset=utf-8
Date
Thu, 02 May 2024 18:35:31 GMT
Expires
-1
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Build
1.1.147.0
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-ID
49214a6b-4c28-435a-bd06-8dcf272514c3
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
7ecf1eae-d976-4e33-b6ec-6c99401bb08e

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Language
en-CA
Content-Length
0
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
Date
Thu, 02 May 2024 18:35:31 GMT
Expires
0
Location
https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=G8nNpUsOw9&scope=openid&nonce=bXMBScQUIWnE
Pragma
no-cache
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
X-powered-by
WSIB
Primary Request authorize
wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/
Redirect Chain
  • https://bat.osbc.wsib.ca/oauth/authorize?client_id=OSBC&lang=en-US&nonce=NTI2VU24s4PDixT7&response_type=token&scope=openid%20guidewire.edge.wsib_online_service.%2A.%2A&state=NTI2VU24s4PDixT7
  • https://bat.osbc.wsib.ca/uaa/login
  • https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F...
153 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=EZP9UvEZyM&scope=openid&nonce=QEFHMlpwR6Wn
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/static/js/main.ab074183.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.190.194 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3da16b943accc636d79a2561b221db43874aa2213b6ade54096f5f06749a03b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://bat.osbc.wsib.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Encoding
gzip
Content-Length
64958
Content-Type
text/html; charset=utf-8
Date
Thu, 02 May 2024 18:35:32 GMT
Expires
-1
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Build
1.1.144.0
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-ID
49214a6b-4c28-435a-bd06-8dcf272514c3
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
f8ca2243-25fb-4435-bf53-e5fdf4c3df3d

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Language
en-CA
Content-Length
0
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
Date
Thu, 02 May 2024 18:35:32 GMT
Expires
0
Location
https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=EZP9UvEZyM&scope=openid&nonce=QEFHMlpwR6Wn
Pragma
no-cache
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
X-powered-by
WSIB
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-T3LCZYM10T&gtm=45je44t0v894299136za200&_p=1714674929041&gcd=13l3l3l3l1&npa=0&dma=0&cid=889690544.1714674929&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&sid=1714674929&sct=1&seg=0&dl=https%3A%2F%2Fbat.osbc.wsib.ca%2F&dt=View%20your%20claims&_s=3&tfd=3921
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3LCZYM10T
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.9.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yq-in-f113.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://bat.osbc.wsib.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 02 May 2024 18:35:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bat.osbc.wsib.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
bat.osbc.wsib.ca/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bat.osbc.wsib.ca/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri /report-csp-violation;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bat.osbc.wsib.ca/account-management/login-page
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self'; report-uri /report-csp-violation;
X-powered-by
WSIB
Connection
keep-alive
Content-Length
1253
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 30 Apr 2024 15:56:35 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Cache-Control
max-age=1
Accept-Ranges
bytes
Expires
Thu, 02 May 2024 18:35:33 GMT
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://bat.osbc.wsib.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 02 May 2024 18:35:32 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/static/js/main.ab074183.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://bat.osbc.wsib.ca/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Thu, 02 May 2024 18:35:32 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
wsib-signin.html
loginb2cbat.lfb.wsib.ca/en/ 		11 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://loginb2cbat.lfb.wsib.ca/en/wsib-signin.html?ui_locales=en
Requested by
Host: wsibb2cbat1.b2clogin.com
URL: https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=EZP9UvEZyM&scope=openid&nonce=QEFHMlpwR6Wn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
38e85f16a19265f9aadee770477e5220de385886b1fb02fdfadb5386c3911c14
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wsibb2cbat1.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Connection
keep-alive
Content-Length
11188
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer
Last-Modified
Sat, 27 Apr 2024 02:59:00 GMT
ETag
"662c69f4-2bb4"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
styles.css
loginb2cbat.lfb.wsib.ca/ 		13 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://loginb2cbat.lfb.wsib.ca/styles.css
Requested by
Host: wsibb2cbat1.b2clogin.com
URL: https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=EZP9UvEZyM&scope=openid&nonce=QEFHMlpwR6Wn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1db6ad1846f1bc277694610af6673868bd979deea69353d67d898ae19d07324f
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wsibb2cbat1.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Connection
keep-alive
Content-Length
13742
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer
Last-Modified
Sat, 27 Apr 2024 02:59:01 GMT
ETag
"662c69f5-35ae"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
footer.js
loginb2cbat.lfb.wsib.ca/ 		10 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loginb2cbat.lfb.wsib.ca/footer.js
Requested by
Host: wsibb2cbat1.b2clogin.com
URL: https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=EZP9UvEZyM&scope=openid&nonce=QEFHMlpwR6Wn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03237cdd6315581f0035d2799b4f34b565ebf1f2c59d2a958171f6670310e06c
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wsibb2cbat1.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Connection
keep-alive
Content-Length
10618
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer
Last-Modified
Sat, 27 Apr 2024 02:59:01 GMT
ETag
"662c69f5-297a"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
header.js
loginb2cbat.lfb.wsib.ca/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loginb2cbat.lfb.wsib.ca/header.js
Requested by
Host: wsibb2cbat1.b2clogin.com
URL: https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=EZP9UvEZyM&scope=openid&nonce=QEFHMlpwR6Wn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5107a4b26137d8494e8d9fb219bdf0426dbee89e9e1b99b6f0c3fb74e8c89ae2
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wsibb2cbat1.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Connection
keep-alive
Content-Length
8183
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer
Last-Modified
Sat, 27 Apr 2024 02:59:01 GMT
ETag
"662c69f5-1ff7"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
favicon.ico
loginb2cbat.lfb.wsib.ca/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://loginb2cbat.lfb.wsib.ca/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ec703efdf359605c8550636fe66d04c6bdfefb23dd9ed09f093ea75a59cc25c0
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wsibb2cbat1.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Connection
keep-alive
Content-Length
2136
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer
Last-Modified
Fri, 05 Apr 2024 14:03:26 GMT
ETag
"661004ae-858"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: bat.osbc.wsib.ca
URL: https://bat.osbc.wsib.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/80D0) /
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wsibb2cbat1.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 May 2024 18:35:33 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
MPOa5dHQWkOQRqdkBRC0hg==
age
782
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
content-length
48078
x-ms-lease-status
unlocked
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
server
ECAcc (cha/80D0)
x-ms-meta-aijssdkver
2.8.18
etag
0x8DC490392FC747D
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
32773d78-401e-00ca-46bd-9c12da000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Thu, 02 May 2024 19:05:33 GMT
perftrace
wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/B2C_1_signinup_en/client/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/B2C_1_signinup_en/client/perftrace?tx=StateProperties=eyJUSUQiOiI0OTIxNGE2Yi00YzI4LTQzNWEtYmQwNi04ZGNmMjcyNTE0YzMifQ&p=B2C_1_signinup_en
Requested by
Host: wsibb2cbat1.b2clogin.com
URL: https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=EZP9UvEZyM&scope=openid&nonce=QEFHMlpwR6Wn
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.190.194 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-CSRF-TOKEN
T091a2xZT1lac2pFVVRDamE0bGhVVlRuN0dKTU5rV0pWNjFkUEUwdm90aHFhaVJZcWF0bkNQcFBSeXJMYmpOeTVETFkxOThSRGRzRlkzMU1lNWs0MUE9PTsyMDI0LTA1LTAyVDE4OjM1OjMzLjMwODQwMDRaO1Y3K3RBYXQrQnh4VVkxMGU3VWNoQkE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://wsibb2cbat1.b2clogin.com/wsibb2cbat1.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_signinup_en&client_id=33cfa5c2-f32e-45ac-b94d-dc10863bc5c5&response_type=id_token&redirect_uri=https%3A%2F%2Fbat.osbc.wsib.ca/osbc%2Fuaa%2Flogin%2Fcallback%2Fmicrosoftb2c_osbc&state=EZP9UvEZyM&scope=openid&nonce=QEFHMlpwR6Wn
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Thu, 02 May 2024 18:35:33 GMT
X-Content-Type-Options
nosniff
Allow
OPTIONS, TRACE, GET, HEAD, POST
X-Frame-Options
DENY
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
no-store, must-revalidate, no-cache
x-ms-gateway-requestid
7e795b4d-3476-4a4e-bb30-915e045565b4
Content-Length
0
X-XSS-Protection
1; mode=block
styles.css
loginb2cbat.lfb.wsib.ca/ 		13 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://loginb2cbat.lfb.wsib.ca/styles.css
Requested by
Host: loginb2cbat.lfb.wsib.ca
URL: https://loginb2cbat.lfb.wsib.ca/header.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1db6ad1846f1bc277694610af6673868bd979deea69353d67d898ae19d07324f
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wsibb2cbat1.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:33 GMT
Content-Security-Policy
script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
X-Content-Type-Options
nosniff
Content-Length
13742
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer
Last-Modified
Sat, 27 Apr 2024 02:59:01 GMT
ETag
"662c69f5-35ae"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
wsib-logo-new.png
loginb2cbat.lfb.wsib.ca/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loginb2cbat.lfb.wsib.ca/images/wsib-logo-new.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
924673d8cf0d353c37bcb0e2b909b50f21a122a3c7cb60aede0df842f0d6b122
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://wsibb2cbat1.b2clogin.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Connection
keep-alive
Content-Length
7993
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer
Last-Modified
Fri, 05 Apr 2024 14:03:26 GMT
ETag
"661004ae-1f39"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
css
fonts.googleapis.com/ 		3 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,700
Requested by
Host: loginb2cbat.lfb.wsib.ca
URL: https://loginb2cbat.lfb.wsib.ca/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.176.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yw-in-f95.1e100.net
Software
ESF /
Resource Hash
a59127a6af964e87984cbefb43fa9664c3edbdefa6a96353bcf86cd0b00a18d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 May 2024 18:35:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 May 2024 16:42:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 May 2024 18:35:34 GMT
social-media-icons.png
loginb2cbat.lfb.wsib.ca/images/ 		15 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loginb2cbat.lfb.wsib.ca/images/social-media-icons.png
Requested by
Host: loginb2cbat.lfb.wsib.ca
URL: https://loginb2cbat.lfb.wsib.ca/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f0eca3a87267e40c2822d5d02c32b9fe561d43efb8c8652f7b260bf2d7dfdc28
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Connection
keep-alive
Content-Length
15829
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer
Last-Modified
Fri, 05 Apr 2024 14:03:26 GMT
ETag
"661004ae-3dd5"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
track
dc.services.visualstudio.com/v2/ 		96 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.38 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
83283882550390eaaa24c1e001ed0691e1eea04484af3bc43343f6e4c3b70b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://wsibb2cbat1.b2clogin.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Thu, 02 May 2024 18:35:33 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.38 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://wsibb2cbat1.b2clogin.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 02 May 2024 18:35:33 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
topshade.png
loginb2cbat.lfb.wsib.ca/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loginb2cbat.lfb.wsib.ca/topshade.png
Requested by
Host: loginb2cbat.lfb.wsib.ca
URL: https://loginb2cbat.lfb.wsib.ca/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.5.56 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
191ccb6d0276071775e937f50c68f3cc1521c418eb521ae8115b6cde2961ed44
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 18:35:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://fonts.googleapis.com/ 'unsafe-inline';base-uri 'self'; frame-ancestors 'self' ;
Connection
keep-alive
Content-Length
2824
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer
Last-Modified
Fri, 05 Apr 2024 14:03:26 GMT
ETag
"661004ae-b08"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.9.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yq-in-f94.1e100.net
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://wsibb2cbat1.b2clogin.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 19:38:12 GMT
x-content-type-options
nosniff
age
514642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 19:38:12 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 		32 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.9.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yq-in-f94.1e100.net
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://wsibb2cbat1.b2clogin.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 19:38:12 GMT
x-content-type-options
nosniff
age
514642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 19:38:12 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 		32 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.9.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yq-in-f94.1e100.net
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://wsibb2cbat1.b2clogin.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 19:38:12 GMT
x-content-type-options
nosniff
age
514642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 19:38:12 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $predicateValidation object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady string| sdkInstance string| aiName object| aisdk string| appInsightsSDK object| appInsights function| changeForgotPasswordLink function| disableautocomplete function| setAriaRequired function| Change function| skipContentFocus function| skipContentBlur function| remove_hash_from_url number| currentYear object| Microsoft object| __dynProto$Gbl

16 Cookies

Domain/Path Name / Value
.wsib.ca/ Name: _ga
Value: GA1.2.889690544.1714674929
.wsib.ca/ Name: _gid
Value: GA1.2.612901262.1714674930
.wsib.ca/ Name: _gat_gtag_UA_183978625_1
Value: 1
bat.osbc.wsib.ca/ Name: ai_user
Value: LaMZqCyPQRQ8qGiAFnh2GW|2024-05-02T18:35:31.257Z
.bat.osbc.wsib.ca/ Name: _ga
Value: GA1.4.889690544.1714674929
.bat.osbc.wsib.ca/ Name: _gid
Value: GA1.4.612901262.1714674930
bat.osbc.wsib.ca/ Name: UAA_JSESSIONID
Value: E2AE612E12D172CF2DC09F99423AE32D.App2
.wsib.ca/ Name: _ga_T3LCZYM10T
Value: GS1.1.1714674929.1.1.1714674932.0.0.0
bat.osbc.wsib.ca/ Name: ai_session
Value: aXOmdBV14tNRIK8E/ALPkL|1714674932661|1714674932661
bat.osbc.wsib.ca/ Name: X-Uaa-Csrf
Value: fnxu0z4Ya7bV2rOJPdiqLr
.wsibb2cbat1.b2clogin.com/ Name: x-ms-cpim-sso:wsibb2cbat1.onmicrosoft.com_0
Value: m1.17hEemQKY99ezX0t.prVdp8aSa+OTZ1c59E1mOA==.0.SxjtZKmQ0rXjuFLed+AWPSC8JIh6kZhqfN7lvOrM9YqwCxvmdG2GxhfT6J/o3xw8ZwVgbOOifstoIPyQse5i856s1y9Ch7epHXu1s2Z4PopMGvceMt+WswWU6C7Uno/xEr9UAmu6FrE0BZnMZshFxs2r54iLSBzH2vrw33BQ1l3nY3EIROuQ08eaOTFuBYfQXCNxDTcQMthnUdlBUpo5koRSVaOBVFkcOPZcw2QMGyxOgb+HQCuv9QrVrOV5Q7iSxeHp+r9iofVpWd4ndQiXoDuZsxrnDQtVVMaDqTP8HsUFnTBENV9/84uOBWLDALCisks65bNYBLUPpYYGojC/PfQrenXzzBY8O6xWUw==
.wsibb2cbat1.b2clogin.com/ Name: x-ms-cpim-csrf
Value: T091a2xZT1lac2pFVVRDamE0bGhVVlRuN0dKTU5rV0pWNjFkUEUwdm90aHFhaVJZcWF0bkNQcFBSeXJMYmpOeTVETFkxOThSRGRzRlkzMU1lNWs0MUE9PTsyMDI0LTA1LTAyVDE4OjM1OjMzLjMwODQwMDRaO1Y3K3RBYXQrQnh4VVkxMGU3VWNoQkE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
.wsibb2cbat1.b2clogin.com/ Name: x-ms-cpim-cache|a0ohsshmwko9bo3pjyuuww_0
Value: m1./5YVXjEWbq1aZRnM.YSQ5bSnjCV4Pwb5oMvzFhQ==.0.wE6MTFiZkZ8bp1radGNxbhocOzSWaL4b2XCfsvd89aVpwgqBl7wigI3+bhV9VT6ooCHTMm7Rmm5PT2Cob6NiIH1z9w4eftM22hDpnJ3g7/EiWhrI2QrZVXwkqINqRmhkd5mWhRI1b8xv3G8fKWi9Y088UGQsODnrmJarQdU3BQXNhgN5otUVeWo7eI/A2TOW7zw3BOr9KgzGD9j8IYzYlQKc7+JpKD89gu/KKoFkFszwtfd8yKZYY+GDePE9zp8oCNfTbUycpFejMlGbu86Wh3zTdFTp9R0bBr2ecRBTpqPszi8GmP/xbXkD6x+gL6iFM6Wx+8Apa+B1QAAVNm/5pmZ0q3UQN6QyTIRatXX7VSye5mOELNPU1XuZ7r4/7D6kb3amL8vHMIiBQyb3unEr243fXWOm6fBPev01j6eAxxK9+2Gt94tGbseBZf50iBdWm0Dlnsm1XsUhvIm95dpcLadeVZ71CrlIEgQZHBOot9fqhU/Mp+tV9g6PdXUQ9oa5pnjempZvl7yjweNwR4WEm7QCk47TGDJmjqW83ucfSggXbXt172keNp4aeSLfyWX/ajiYiVcNMV6bhtl3Vo5PL5nDNrjPBAeXjpICuEquZjFvkPfyRNJDhNhg+ZNHiFg4JFJL+lYKFecJXqG+1kbz+FiWXM5USmjlGBS7hLB0yo4e4n0XLJO45fEMSz8yYyrWS/ZsQgxw6PTP00vlaMI64P1xHGgBRcutJ9mVgzW5YbQW5so0xjM5u0I9/x+lqF6QT12QQT3B9zK4PLargsDTcd1o9Hw+zL8F6q4uNKYCIGzx/8+GDahGAOefsXRNTKZ1FGW62iifbNTXogBwAoxSJsOEHqV1dvmaUCsUOvGmJGCH79R7j+nle8J8HIkZuh3x3QnY/AFwaruFfZ1niXVlwuzoMWeHw8U9QgHs2H6UgQ7kAFyfYGpvSW9ZR+McjNzTw4AaFCoWidNwXIcOak7o89n6TOnnWy7j1NtibROPQ3w6mChkj1cfoyuF2BuLTrhdHE1uW97XqyeTZcPj/4EMHkzM+KNU6dbm+nVCBIGVJOMqE4t21RBtkYgSNQ0phxMR/y3qVIY=
.wsibb2cbat1.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6IjQ5MjE0YTZiLTRjMjgtNDM1YS1iZDA2LThkY2YyNzI1MTRjMyIsIlQiOiJ3c2liYjJjYmF0MS5vbm1pY3Jvc29mdC5jb20iLCJQIjoiYjJjXzFfc2lnbmludXBfZW4iLCJDIjoiMzNjZmE1YzItZjMyZS00NWFjLWI5NGQtZGMxMDg2M2JjNWM1IiwiUyI6MiwiTSI6e30sIkQiOjAsIkUiOiIifV0sIkNfSUQiOiI0OTIxNGE2Yi00YzI4LTQzNWEtYmQwNi04ZGNmMjcyNTE0YzMifQ==
wsibb2cbat1.b2clogin.com/ Name: ai_user
Value: kRRHk2dnJx8Cp+10OrLTjl|2024-05-02T18:35:34.058Z
wsibb2cbat1.b2clogin.com/ Name: ai_session
Value: 76oLomncxVKzJDpUwtU5RY|1714674934164|1714674934164

4 Console Messages

Source Level URL
Text
other warning URL: https://bat.osbc.wsib.ca/account-management/login-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bat.osbc.wsib.ca/account-management/login-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bat.osbc.wsib.ca/account-management/login-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bat.osbc.wsib.ca/account-management/login-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; report-uri /report-csp-violation;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
bat.osbc.wsib.ca
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
loginb2cbat.lfb.wsib.ca
wsibb2cbat1.b2clogin.com
www.google-analytics.com
www.googletagmanager.com
142.250.9.113
142.250.9.94
142.251.15.97
20.190.190.194
40.126.62.129
52.139.5.56
52.179.73.36
52.179.73.38
64.233.176.95
72.21.81.200
03237cdd6315581f0035d2799b4f34b565ebf1f2c59d2a958171f6670310e06c
0414b2269df5b9fd79773ece615cf3e67b56c668e79c83b3f5cbc1d27d01e8da
191ccb6d0276071775e937f50c68f3cc1521c418eb521ae8115b6cde2961ed44
1db6ad1846f1bc277694610af6673868bd979deea69353d67d898ae19d07324f
38e85f16a19265f9aadee770477e5220de385886b1fb02fdfadb5386c3911c14
3da16b943accc636d79a2561b221db43874aa2213b6ade54096f5f06749a03b8
3e70b256007c17ddee81597b8d30c58cc80a31c4c1fafbd8e8b92d387fa64d21
485ade207c075f23f861f47d75f833c3ee55cd0e7f29b68111b04d2de2d1bf2e
4f9129a9a0125620c9ccfd5ad1471cab1bb3efe27368fb55f6082b8ea0c3c2d0
5107a4b26137d8494e8d9fb219bdf0426dbee89e9e1b99b6f0c3fb74e8c89ae2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ec347aba4cc72d8ab45d98cabb18ba1f68a9c721fa26064ea71d0537207c74b
83283882550390eaaa24c1e001ed0691e1eea04484af3bc43343f6e4c3b70b1d
8520f775a71d5943eba8edd84e712f83cb07b4d7e54c7a85f8b631ede37196d8
924673d8cf0d353c37bcb0e2b909b50f21a122a3c7cb60aede0df842f0d6b122
9a5b35b3fc374944b8261e63551d39ad1d272a600c2f61d658274ab1aa98f4ed
9c794d3451e5654d3e69690e0b07887f7f28a5c4ee275f728ca0b63d11288c50
a59127a6af964e87984cbefb43fa9664c3edbdefa6a96353bcf86cd0b00a18d1
aaa61cd4b9d7e97f8f3d1de93d5740585068f78a0a077093734f83fef2818cd8
b3d2ea16897142f51caebbc50dba419961ba4e5d7d60b3d0c3cc2b0bdaf75665
bcb3c99616a6b90084e82690ab8519141a78fea94c0ab3a3a5ca7611c0d77e4c
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
be81a5fc650dd4430c3996570084fd6f608129dd4942f018f5e901f03137a8a3
dbb9ebfb6dae9cc83e922b26a88affa83d7c05040686fab3104dea2d8f541760
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e697d4c7a2b3399d62e87a33707ba3c0338897c88f11012ed4dce39cfc281f52
ec703efdf359605c8550636fe66d04c6bdfefb23dd9ed09f093ea75a59cc25c0
f0eca3a87267e40c2822d5d02c32b9fe561d43efb8c8652f7b260bf2d7dfdc28
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929