basf-grids-app.basf-zreality-internal.com Open in urlscan Pro
54.75.22.170 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://basf-grids-app.basf-zreality-internal.com/
Submission: On June 01 via automatic, source certstream-suspicious (June 1st 2023, 7:34:05 am UTC) — Scanned from DE

Summary HTTP 26 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 2 domains to perform 26 HTTP transactions. The main IP is 54.75.22.170, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is basf-grids-app.basf-zreality-internal.com.
TLS certificate: Issued by R3 on April 20th 2023. Valid for: 3 months.

This is the only time basf-grids-app.basf-zreality-internal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.75.22.170 54.75.22.170	16509 (AMAZON-02) (AMAZON-02)
12	18.66.147.96 18.66.147.96	16509 (AMAZON-02) (AMAZON-02)
3	52.31.171.231 52.31.171.231	16509 (AMAZON-02) (AMAZON-02)
3	18.194.156.199 18.194.156.199	16509 (AMAZON-02) (AMAZON-02)
2	18.197.47.59 18.197.47.59	16509 (AMAZON-02) (AMAZON-02)
26	6

1 54.75.22.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-22-170.eu-west-1.compute.amazonaws.com

basf-grids-app.basf-zreality-internal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.66.147.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-96.fra60.r.cloudfront.net

basf-grids-assets.basf-zreality-internal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.171.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-171-231.eu-west-1.compute.amazonaws.com

basfgrids.zreality.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.194.156.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-156-199.eu-central-1.compute.amazonaws.com

analytics.zreality.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.47.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-59.eu-central-1.compute.amazonaws.com

gt.zreality.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	basf-zreality-internal.com basf-grids-app.basf-zreality-internal.com basf-grids-assets.basf-zreality-internal.com	353 KB
8	zreality.com basfgrids.zreality.com analytics.zreality.com gt.zreality.com	23 KB
26	2

	Domain	Requested by
12	basf-grids-assets.basf-zreality-internal.com	basf-grids-app.basf-zreality-internal.com basf-grids-assets.basf-zreality-internal.com
3	analytics.zreality.com	basf-grids-assets.basf-zreality-internal.com analytics.zreality.com
3	basfgrids.zreality.com	basf-grids-assets.basf-zreality-internal.com
2	gt.zreality.com	basf-grids-assets.basf-zreality-internal.com
1	basf-grids-app.basf-zreality-internal.com
26	5

This site contains links to these domains. Also see Links.

Domain
www.zreality.com

Subject Issuer	Validity	Valid
quizzical-hobbit.basf-zreality-internal.com R3	`2023-04-20` - `2023-07-19`	3 months	crt.sh
*.basf-zreality-internal.com Amazon RSA 2048 M02	`2023-02-22` - `2023-08-02`	5 months	crt.sh
basfgrids.zreality.com Amazon RSA 2048 M01	`2023-02-09` - `2023-08-02`	6 months	crt.sh
zreality.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
gt.zreality.com R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://basf-grids-app.basf-zreality-internal.com/
Frame ID: 2452B3702209CE9ADE89C12829EE069A
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BASF Grids - App

Page Statistics

26
Requests

81 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

6
IPs

3
Countries

376 kB
Transfer

1045 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.zreality.com/knowledge-base/?lang=en
Title: Guides

Search URL Search Domain Scan URL

URL: https://www.zreality.com/terms-conditions/?lang=en
Title: Terms of Use

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
basf-grids-app.basf-zreality-internal.com/ 9 KB
11 KB 214ms
124ms Document
text/html 54.75.22.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://basf-grids-app.basf-zreality-internal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.22.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-22-170.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

d7ded0a141137403f61cf023b72cba54fe00e421fe754ff3cdb12d4d35690a3d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; child-src 'self' blob: ; connect-src 'self' blob: data: https://api.github.com https://bh4d9od16a-3.algolianet.com https://cdn.aframe.io https://dpdb.webvr.rocks https://www.google-analytics.com https://www.youtube.com https://fonts.gstatic.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 * https://analytics.zreality.com/ https://o1082228.ingest.sentry.io/ https://grids-mediastorage-contentbucket-bs318mkkrsqh.s3.eu-central-1.amazonaws.com https://grids-filestorage-api-basf.zreality.com https://grids-filestorage-basf-contentbucket.s3.eu-west-1.amazonaws.com https://basfzreality.link:443 https://.basf-zreality-internal.com:443 wss://.basf-zreality-internal.com:443 wss://.basf-zreality-internal.com:443 https://.basf-zreality-internal.com:443 https://basf-grids-assets.basf-zreality-internal.com https://basf-grids-nearspark.basf-zreality-internal.com; default-src 'none'; font-src 'self' https://cdn.aframe.io https://cdn.jsdelivr.net https://fonts.googleapis.com https://fonts.gstatic.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ https://basf-grids-assets.basf-zreality-internal.com; form-action 'self' ; frame-src 'self' https://docs.google.com https://player.vimeo.com https://www.youtube.com ; img-src 'self' blob: data: https://cdn.aframe.io https://cdn.jsdelivr.net https://user-images.githubusercontent.com https://www.google-analytics.com https://www.youtube.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 https://grids-mediastorage-contentbucket-bs318mkkrsqh.s3.eu-central-1.amazonaws.com https://basf-grids-assets.basf-zreality-internal.com https://basf-grids-nearspark.basf-zreality-internal.com; manifest-src 'self' ; media-src 'self' .googlevideo.com blob: data: https://www.youtube.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 * https://basf-grids-assets.basf-zreality-internal.com https://basf-grids-nearspark.basf-zreality-internal.com; script-src 'sha256-liR1vHSj8JlSRdvF89HjQBuYwHGi/C2Lte576puqOZs=' 'sha256-s7gZ33E7OuqKmFn0Kt08n8EaM+8sA2N9WyTrjwJckeo=' 'self' blob: 'sha256-/S6PM16MxkmUT7zJN2lkEKFgvXR7yL4Z8PCrRrFu4Q8=' 'sha256-MIpWPgYj31kCgSUFc0UwHGQrV87W6N5ozotqfxxQG0w=' 'sha256-ViVvpb0oYlPAp7R8ZLxlNI6rsf7E7oz8l1SgCIXgMvM=' 'sha256-buF6N8Z4p2PuaaeRUjm7mxBpPNf4XlCT9Fep83YabbM=' 'sha256-foB3G7vO68Ot8wctsG3OKBQ84ADKVinlnTg9/s93Ycs=' 'sha256-g0j42v3Wo/ohUAMR/t0EuObDSEkx1rZ3lv45fUaNmYs=' 'sha256-hsbRcgUBASABDq7qVGVTpbnWq/ns7B+ToTctZFJXYi8=' 'unsafe-eval' https://aframe.io https://cdn.jsdelivr.net/docsearch.js/1/docsearch.min.js https://s.ytimg.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.youtube.com https://analytics.zreality.com/ https://o1082228.ingest.sentry.io/ https://basf-grids-assets.basf-zreality-internal.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css https://basf-grids-assets.basf-zreality-internal.com; worker-src 'self' blob: https://basf-grids-assets.basf-zreality-internal.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-length: 8898
content-security-policy: base-uri 'none'; child-src 'self' blob: ; connect-src 'self' blob: data: https://api.github.com https://bh4d9od16a-3.algolianet.com https://cdn.aframe.io https://dpdb.webvr.rocks https://www.google-analytics.com https://www.youtube.com https://fonts.gstatic.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 * https://analytics.zreality.com/ https://o1082228.ingest.sentry.io/ https://grids-mediastorage-contentbucket-bs318mkkrsqh.s3.eu-central-1.amazonaws.com https://grids-filestorage-api-basf.zreality.com https://grids-filestorage-basf-contentbucket.s3.eu-west-1.amazonaws.com https://basfzreality.link:443 https://*.basf-zreality-internal.com:443 wss://*.basf-zreality-internal.com:443 wss://*.basf-zreality-internal.com:443 https://*.basf-zreality-internal.com:443 https://basf-grids-assets.basf-zreality-internal.com https://basf-grids-nearspark.basf-zreality-internal.com; default-src 'none'; font-src 'self' https://cdn.aframe.io https://cdn.jsdelivr.net https://fonts.googleapis.com https://fonts.gstatic.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ https://basf-grids-assets.basf-zreality-internal.com; form-action 'self' ; frame-src 'self' https://docs.google.com https://player.vimeo.com https://www.youtube.com *; img-src 'self' blob: data: https://cdn.aframe.io https://cdn.jsdelivr.net https://user-images.githubusercontent.com https://www.google-analytics.com https://www.youtube.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 https://grids-mediastorage-contentbucket-bs318mkkrsqh.s3.eu-central-1.amazonaws.com https://basf-grids-assets.basf-zreality-internal.com https://basf-grids-nearspark.basf-zreality-internal.com; manifest-src 'self' ; media-src 'self' *.googlevideo.com blob: data: https://www.youtube.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 * https://basf-grids-assets.basf-zreality-internal.com https://basf-grids-nearspark.basf-zreality-internal.com; script-src 'sha256-liR1vHSj8JlSRdvF89HjQBuYwHGi/C2Lte576puqOZs=' 'sha256-s7gZ33E7OuqKmFn0Kt08n8EaM+8sA2N9WyTrjwJckeo=' 'self' blob: 'sha256-/S6PM16MxkmUT7zJN2lkEKFgvXR7yL4Z8PCrRrFu4Q8=' 'sha256-MIpWPgYj31kCgSUFc0UwHGQrV87W6N5ozotqfxxQG0w=' 'sha256-ViVvpb0oYlPAp7R8ZLxlNI6rsf7E7oz8l1SgCIXgMvM=' 'sha256-buF6N8Z4p2PuaaeRUjm7mxBpPNf4XlCT9Fep83YabbM=' 'sha256-foB3G7vO68Ot8wctsG3OKBQ84ADKVinlnTg9/s93Ycs=' 'sha256-g0j42v3Wo/ohUAMR/t0EuObDSEkx1rZ3lv45fUaNmYs=' 'sha256-hsbRcgUBASABDq7qVGVTpbnWq/ns7B+ToTctZFJXYi8=' 'unsafe-eval' https://aframe.io https://cdn.jsdelivr.net/docsearch.js/1/docsearch.min.js https://s.ytimg.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.youtube.com https://analytics.zreality.com/ https://o1082228.ingest.sentry.io/ https://basf-grids-assets.basf-zreality-internal.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css https://basf-grids-assets.basf-zreality-internal.com; worker-src 'self' blob: https://basf-grids-assets.basf-zreality-internal.com
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Thu, 01 Jun 2023 07:33:59 GMT
hub-entity-type: hub
hub-name: BASF Grids
server: Cowboy
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: F2R4q807uCGBWX8AAUPh
x-xss-protection: 1; mode=block

GET
H2 200 support-971197f509a992e3b19f.css
basf-grids-assets.basf-zreality-internal.com/hubs/assets/stylesheets/ 17 KB
5 KB 50ms
9ms Stylesheet
text/css 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/stylesheets/support-971197f509a992e3b19f.css
Requested by: Host: basf-grids-app.basf-zreality-internal.com
URL: https://basf-grids-app.basf-zreality-internal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20e36e07d75d1a68439dde1098235bf385bd8ff43e6bc1180366e9352f6269d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:37:30 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Fri, 26 May 2023 06:48:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3391
x-amz-server-side-encryption: AES256
etag: W/"38342c735accbf84e59c629648e20f24"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age-31556926
x-amz-cf-id: ggn7_fNKujqu7aU5zMClfUscaHTt5gAVjUU7nT11zFWO6Q4O6KogzA==

GET
H2 200 index-e57ffce302b34a860c46.css
basf-grids-assets.basf-zreality-internal.com/hubs/assets/stylesheets/ 50 KB
10 KB 201ms
160ms Stylesheet
text/css 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/stylesheets/index-e57ffce302b34a860c46.css
Requested by: Host: basf-grids-app.basf-zreality-internal.com
URL: https://basf-grids-app.basf-zreality-internal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0996053ccf9169f658c1d32b64aedc094c2e95ff3492e47fdbfefca75fb98e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 07:34:01 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Fri, 26 May 2023 06:48:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
etag: W/"5de32ee26e4ba34b5b5f1d6ef52c31a0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age-31556926
x-amz-cf-id: u5mTvMgMdej8OFbGwmHkzP-kg38D4BbI_FUYT_79OI246iR754tdww==

GET
H2 200 frontend-f370881a71c5a787bed7.js Show response
basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/ 330 KB
105 KB 56ms
15ms Script
application/javascript 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/frontend-f370881a71c5a787bed7.js
Requested by: Host: basf-grids-app.basf-zreality-internal.com
URL: https://basf-grids-app.basf-zreality-internal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ddad94d92907a343e07baafae7de9c8a67eeaa4ef8269924c6256ad51adf523

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:37:30 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Fri, 26 May 2023 06:48:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3391
x-amz-server-side-encryption: AES256
etag: W/"236b06df3dc212b03a0835410c2b9b31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age-31556926
x-amz-cf-id: tZ_-Vt-_D2xbm64ypc3Ya5OZgkSS3F1Wr402gQEj-agkngxZ9KKG1A==

GET
H2 200 support-26d15e3c78d33cd5dce0.js Show response
basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/ 17 KB
6 KB 50ms
9ms Script
application/javascript 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/support-26d15e3c78d33cd5dce0.js
Requested by: Host: basf-grids-app.basf-zreality-internal.com
URL: https://basf-grids-app.basf-zreality-internal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d62b44da1901afb47fc2a7bf3ebec70234c00435631e858d2d8607c28bad4a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:37:30 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 10:48:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3391
x-amz-server-side-encryption: AES256
etag: W/"bd331292c886838bfb8dee9035d77181"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age-31556926
x-amz-cf-id: Lixa-v_AsNJYpRoAc7UncK7wvWCNHIsa3YkelhOY2GOVEGQm9HcVvw==

GET
H2 200 store-93b1183d3bd700e667f6.js Show response
basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/ 52 KB
15 KB 51ms
10ms Script
application/javascript 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/store-93b1183d3bd700e667f6.js
Requested by: Host: basf-grids-app.basf-zreality-internal.com
URL: https://basf-grids-app.basf-zreality-internal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32128d3b08e337e7fe4599810a81a871f562547d4cc7d70bf12ad8eb366a21ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:37:30 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Fri, 26 May 2023 06:48:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3391
x-amz-server-side-encryption: AES256
etag: W/"68c052d955a11431d70149028d91451e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age-31556926
x-amz-cf-id: DiLIL1ub0a_S-_BD7S5I2wf5Pu8qaOoXNsq-4AqwNwbTFc8lTPNweQ==

GET
H2 200 index-b057d77262ec74fba3b2.js Show response
basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/ 327 KB
101 KB 172ms
132ms Script
application/javascript 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/index-b057d77262ec74fba3b2.js
Requested by: Host: basf-grids-app.basf-zreality-internal.com
URL: https://basf-grids-app.basf-zreality-internal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ac15e79503764595ceb583b6442a4cda60a5d388ecb118f3c308cd03304cac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 07:34:01 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 10:48:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
etag: W/"c77fcac15961b0c136766d7f1280d812"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age-31556926
x-amz-cf-id: fP18kzcwBVMO5KWifWVqHOQK5mjzJ2v-n1IktEYWe3TnfzmvERYRAA==

OPTIONS
H2 204 search
basfgrids.zreality.com/api/v1/media/ 0
0 126ms
29ms Preflight 52.31.171.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basfgrids.zreality.com/api/v1/media/search?source=rooms&filter=public&cursor=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.171.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-171-231.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://basf-grids-app.basf-zreality-internal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
date: Thu, 01 Jun 2023 07:34:00 GMT
server: Cowboy
x-request-id: F2R4q_GY7kp6QvkAANji

OPTIONS
H2 204 search
basfgrids.zreality.com/api/v1/media/ 0
0 121ms
30ms Preflight 52.31.171.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basfgrids.zreality.com/api/v1/media/search?source=scene_listings
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.171.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-171-231.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://basf-grids-app.basf-zreality-internal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
date: Thu, 01 Jun 2023 07:34:00 GMT
server: Cowboy
x-request-id: F2R4q_GZ4pCUhLUAAURB

GET
H2 200 8858-918db5f14ad55d28d2c5.js Show response
basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/ 34 KB
11 KB 9ms
8ms Script
application/javascript 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/8858-918db5f14ad55d28d2c5.js
Requested by: Host: basf-grids-assets.basf-zreality-internal.com
URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/index-b057d77262ec74fba3b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fb72e52bde7adfb34b526089440d3354af1194ebd12885ffd30ec452fb39018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:37:30 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Fri, 26 May 2023 06:48:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3391
x-amz-server-side-encryption: AES256
etag: W/"4d129fa89760f2982b92f177d38b263c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age-31556926
x-amz-cf-id: dLtOwuV4pILNuUTuBmBNYVYMmaTX7zMCUKG6ZrqiR5WLxJlOMhseMQ==

GET
H2 200 2048-c440ef480e30e576e5c3.js Show response
basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/ 49 KB
16 KB 8ms
8ms Script
application/javascript 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/2048-c440ef480e30e576e5c3.js
Requested by: Host: basf-grids-assets.basf-zreality-internal.com
URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/index-b057d77262ec74fba3b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ed451357293949c09672fcf29217b6e83dcce1a909eba6efdcf54af884ba7c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:37:30 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Fri, 26 May 2023 06:48:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3391
x-amz-server-side-encryption: AES256
etag: W/"8948edef95568ec630520ad00d7838ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age-31556926
x-amz-cf-id: j3A1XsWg8oE34Wi3rg1qE9bDFllIb29QyGf42-vxUQjWYAChYmh7_A==

GET montserrat-v25-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular-636be5d921ff8c415347..woff2
basf-grids-assets.basf-zreality-internal.com/hubs/assets/zreality/stylesheets/fonts/ 0
0

GET search
basfgrids.zreality.com/api/v1/media/ 0
0

GET
H2 200 73147d6c-f22b-41fc-8e8d-e0ec2b0eecc6.png
basf-grids-assets.basf-zreality-internal.com/files/ 15 KB
16 KB 138ms
137ms Image
image/png 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basf-grids-assets.basf-zreality-internal.com/files/73147d6c-f22b-41fc-8e8d-e0ec2b0eecc6.png

Requested by

Host: basf-grids-app.basf-zreality-internal.com
URL: https://basf-grids-app.basf-zreality-internal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-96.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

cde1a466d0bfef44806f3c91d2247037eb8f2e36a367cd350d06642b3ef755cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' https://basf-grids-assets.basf-zreality-internal.com; media-src 'self' https://basf-grids-assets.basf-zreality-internal.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 07:34:00 GMT
content-security-policy: default-src 'none'; img-src 'self' https://basf-grids-assets.basf-zreality-internal.com; media-src 'self' https://basf-grids-assets.basf-zreality-internal.com; style-src 'self' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA60-P4
cross-origin-window-policy: deny
x-cache: Miss from cloudfront
content-length: 15436
x-xss-protection: 1; mode=block
x-request-id: F2R4q_AEk_WB-X0AAUQh
server: Cowboy
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: nOtyUORewqFqAmm3wLLj7C7PsR4kMnYoNtMDGXmp71AFxyJI3I8Dtg==

GET
H2 200 afdbeb30-7280-4ce2-b2f7-318b77395cc6.jpg
basf-grids-assets.basf-zreality-internal.com/files/ 29 KB
30 KB 138ms
137ms Image
image/jpeg 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basf-grids-assets.basf-zreality-internal.com/files/afdbeb30-7280-4ce2-b2f7-318b77395cc6.jpg

Requested by

Host: basf-grids-app.basf-zreality-internal.com
URL: https://basf-grids-app.basf-zreality-internal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-96.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

eade7458b898bbf5f04c55ae66e4f3602054f38d1b7e7516e4c8f2e59137aff8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' https://basf-grids-assets.basf-zreality-internal.com; media-src 'self' https://basf-grids-assets.basf-zreality-internal.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 07:34:00 GMT
content-security-policy: default-src 'none'; img-src 'self' https://basf-grids-assets.basf-zreality-internal.com; media-src 'self' https://basf-grids-assets.basf-zreality-internal.com; style-src 'self' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA60-P4
cross-origin-window-policy: deny
x-cache: Miss from cloudfront
content-length: 29562
x-xss-protection: 1; mode=block
x-request-id: F2R4q_DiNPNsFhAAALOi
server: Cowboy
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: L07jcmjBEhtFWaRj7h8eJCkx3a5FUp72d375G3aqTqC4Kp5vRY15nQ==

GET
H2 200 dbf6e8d7-8f82-4c7c-982b-374c74c4d461.png
basf-grids-assets.basf-zreality-internal.com/files/ 15 KB
16 KB 137ms
136ms Image
image/png 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basf-grids-assets.basf-zreality-internal.com/files/dbf6e8d7-8f82-4c7c-982b-374c74c4d461.png

Requested by

Host: basf-grids-app.basf-zreality-internal.com
URL: https://basf-grids-app.basf-zreality-internal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-96.fra60.r.cloudfront.net

Software

Cowboy /

Resource Hash

cde1a466d0bfef44806f3c91d2247037eb8f2e36a367cd350d06642b3ef755cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' https://basf-grids-assets.basf-zreality-internal.com; media-src 'self' https://basf-grids-assets.basf-zreality-internal.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 07:34:00 GMT
content-security-policy: default-src 'none'; img-src 'self' https://basf-grids-assets.basf-zreality-internal.com; media-src 'self' https://basf-grids-assets.basf-zreality-internal.com; style-src 'self' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA60-P4
cross-origin-window-policy: deny
x-cache: Miss from cloudfront
content-length: 15436
x-xss-protection: 1; mode=block
x-request-id: F2R4q_Azuz3CSkQAAGsE
server: Cowboy
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kpo8LR0PTDH6-fJuLlfYuPsM5d_6FcgcH04apnX0lnpkHR1aMD0IeQ==

GET
H2 200 matomo.js Show response
analytics.zreality.com/ 64 KB
21 KB 73ms
14ms Script
application/javascript 18.194.156.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.zreality.com/matomo.js
Requested by: Host: basf-grids-assets.basf-zreality-internal.com
URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/index-b057d77262ec74fba3b2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.156.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-156-199.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 07:34:00 GMT
content-encoding: gzip
last-modified: Fri, 19 May 2023 19:45:53 GMT
server: Apache
etag: "10132-5fc112b339e40-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 21441

OPTIONS
H2 204 search
basfgrids.zreality.com/api/v1/media/ 0
0 133ms
42ms Preflight 52.31.171.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basfgrids.zreality.com/api/v1/media/search?filter=featured&source=scene_listings
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.171.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-171-231.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://basf-grids-app.basf-zreality-internal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
date: Thu, 01 Jun 2023 07:34:00 GMT
server: Cowboy
x-request-id: F2R4q_JdJUnSCpQAAUXB

GET
H2 200 4530-65ee121d7dbf46c79069.js Show response
basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/ 36 KB
12 KB 21ms
20ms Script
application/javascript 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/4530-65ee121d7dbf46c79069.js
Requested by: Host: basf-grids-assets.basf-zreality-internal.com
URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/index-b057d77262ec74fba3b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a7de3577a30eef5b5be088d71d788ec8c7b3febfa35bb1b7cca2d18cd2cc9c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://basf-grids-app.basf-zreality-internal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:37:31 GMT
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Fri, 26 May 2023 06:48:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3390
x-amz-server-side-encryption: AES256
etag: W/"3395b684a4be9f5c79332faffd271bf0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age-31556926
x-amz-cf-id: NOIhPwt0OLn52Ur3xVFHrcoCLHllArli2z2ZsWgAU7hlhZQkZhzqLA==

POST
H/1.1 501
Not Implemented / Show response
gt.zreality.com/api/1/envelope/ 252 B
1016 B 69ms
39ms Fetch
application/json 18.197.47.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.zreality.com/api/1/envelope/?sentry_key=b8f7e8a9bcbf460eb3106154b12d235f&sentry_version=7

Requested by

Host: basf-grids-assets.basf-zreality-internal.com
URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/2048-c440ef480e30e576e5c3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.197.47.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-47-59.eu-central-1.compute.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

15756d016c8179b590e234828418c60e51f5d6b55bc4f4d052718fb264108565

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self'; img-src 'self'; worker-src 'self' blob:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' https://.glitchtip.com; script-src 'self' https://.glitchtip.com; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://basf-grids-app.basf-zreality-internal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 01 Jun 2023 07:34:00 GMT
Content-Security-Policy: default-src 'self'; frame-src 'self'; img-src 'self'; worker-src 'self' blob:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' https://*.glitchtip.com; script-src 'self' https://*.glitchtip.com; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: nginx/1.22.1
Cross-Origin-Opener-Policy: same-origin
Allow: POST
Vary: Accept-Language, Origin
Content-Language: de
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Frame-Options: DENY
Connection: keep-alive
Content-Length: 252

POST
H2 204 matomo.php
analytics.zreality.com/ 0
132 B 332ms
331ms Ping
text/plain 18.194.156.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.zreality.com/matomo.php?action_name=BASF%20Grids%20-&idsite=9&rec=1&r=487607&h=7&m=34&s=0&url=https%3A%2F%2Fbasf-grids-app.basf-zreality-internal.com%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=3SZN6c&pf_net=91&pf_srv=123&pf_tfr=1&pf_dm1=339&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: analytics.zreality.com
URL: https://analytics.zreality.com/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.156.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-156-199.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://basf-grids-app.basf-zreality-internal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://basf-grids-app.basf-zreality-internal.com
date: Thu, 01 Jun 2023 07:34:00 GMT
access-control-allow-credentials: true
server: Apache

POST
H2 204 matomo.php
analytics.zreality.com/ 0
132 B 337ms
336ms Ping
text/plain 18.194.156.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.zreality.com/matomo.php?action_name=BASF%20Grids%20-&idsite=12&rec=1&r=285222&h=7&m=34&s=0&url=https%3A%2F%2Fbasf-grids-app.basf-zreality-internal.com%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=dtyA4v&pf_net=91&pf_srv=123&pf_tfr=1&pf_dm1=339&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: analytics.zreality.com
URL: https://analytics.zreality.com/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.156.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-156-199.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://basf-grids-app.basf-zreality-internal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://basf-grids-app.basf-zreality-internal.com
date: Thu, 01 Jun 2023 07:34:00 GMT
access-control-allow-credentials: true
server: Apache

GET montserrat-v25-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular-327fab0afc997a2d9b16..woff
basf-grids-assets.basf-zreality-internal.com/hubs/assets/zreality/stylesheets/fonts/ 0
0

POST
H/1.1 200
OK / Show response
gt.zreality.com/api/1/envelope/ 41 B
791 B 47ms
47ms Fetch
application/json 18.197.47.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.zreality.com/api/1/envelope/?sentry_key=b8f7e8a9bcbf460eb3106154b12d235f&sentry_version=7

Requested by

Host: basf-grids-assets.basf-zreality-internal.com
URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/js/2048-c440ef480e30e576e5c3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.197.47.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-47-59.eu-central-1.compute.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

d34a0f1c32ce3b9a4185560fb24a5132cdca6d1a00e98a2f1e7a5a043cff33e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self'; img-src 'self'; worker-src 'self' blob:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' https://.glitchtip.com; script-src 'self' https://.glitchtip.com; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://basf-grids-app.basf-zreality-internal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 01 Jun 2023 07:34:01 GMT
Content-Security-Policy: default-src 'self'; frame-src 'self'; img-src 'self'; worker-src 'self' blob:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' https://*.glitchtip.com; script-src 'self' https://*.glitchtip.com; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: nginx/1.22.1
Cross-Origin-Opener-Policy: same-origin
Allow: POST
Vary: Accept-Language, Origin
Content-Language: de
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Frame-Options: DENY
Connection: keep-alive
Content-Length: 41

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: basf-grids-assets.basf-zreality-internal.com
URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/zreality/stylesheets/fonts/montserrat-v25-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular-636be5d921ff8c415347..woff2

Domain: basfgrids.zreality.com
URL: https://basfgrids.zreality.com/api/v1/media/search?source=rooms&filter=public&cursor=0

Domain: basfgrids.zreality.com
URL: https://basfgrids.zreality.com/api/v1/media/search?source=scene_listings

Domain: basfgrids.zreality.com
URL: https://basfgrids.zreality.com/api/v1/media/search?filter=featured&source=scene_listings

Domain: basf-grids-assets.basf-zreality-internal.com
URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/zreality/stylesheets/fonts/montserrat-v25-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular-327fab0afc997a2d9b16..woff

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://basf-grids-app.basf-zreality-internal.com/ Message: Access to fetch at 'https://basfgrids.zreality.com/api/v1/media/search?source=rooms&filter=public&cursor=0' from origin 'https://basf-grids-app.basf-zreality-internal.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://basfgrids.zreality.com/api/v1/media/search?source=rooms&filter=public&cursor=0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://basf-grids-app.basf-zreality-internal.com/ Message: Access to fetch at 'https://basfgrids.zreality.com/api/v1/media/search?source=scene_listings' from origin 'https://basf-grids-app.basf-zreality-internal.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://basfgrids.zreality.com/api/v1/media/search?source=scene_listings Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://basf-grids-app.basf-zreality-internal.com/ Message: Access to fetch at 'https://basfgrids.zreality.com/api/v1/media/search?filter=featured&source=scene_listings' from origin 'https://basf-grids-app.basf-zreality-internal.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://basfgrids.zreality.com/api/v1/media/search?filter=featured&source=scene_listings Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://gt.zreality.com/api/1/envelope/?sentry_key=b8f7e8a9bcbf460eb3106154b12d235f&sentry_version=7 Message: Failed to load resource: the server responded with a status of 501 (Not Implemented)
javascript	error	URL: https://basf-grids-app.basf-zreality-internal.com/ Message: Access to font at 'https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/zreality/stylesheets/fonts/montserrat-v25-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular-636be5d921ff8c415347..woff2' from origin 'https://basf-grids-app.basf-zreality-internal.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/zreality/stylesheets/fonts/montserrat-v25-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular-636be5d921ff8c415347..woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://basf-grids-app.basf-zreality-internal.com/ Message: Access to font at 'https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/zreality/stylesheets/fonts/montserrat-v25-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular-327fab0afc997a2d9b16..woff' from origin 'https://basf-grids-app.basf-zreality-internal.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://basf-grids-assets.basf-zreality-internal.com/hubs/assets/zreality/stylesheets/fonts/montserrat-v25-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular-327fab0afc997a2d9b16..woff Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'none'; child-src 'self' blob: ; connect-src 'self' blob: data: https://api.github.com https://bh4d9od16a-3.algolianet.com https://cdn.aframe.io https://dpdb.webvr.rocks https://www.google-analytics.com https://www.youtube.com https://fonts.gstatic.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 * https://analytics.zreality.com/ https://o1082228.ingest.sentry.io/ https://grids-mediastorage-contentbucket-bs318mkkrsqh.s3.eu-central-1.amazonaws.com https://grids-filestorage-api-basf.zreality.com https://grids-filestorage-basf-contentbucket.s3.eu-west-1.amazonaws.com https://basfzreality.link:443 https://.basf-zreality-internal.com:443 wss://.basf-zreality-internal.com:443 wss://.basf-zreality-internal.com:443 https://.basf-zreality-internal.com:443 https://basf-grids-assets.basf-zreality-internal.com https://basf-grids-nearspark.basf-zreality-internal.com; default-src 'none'; font-src 'self' https://cdn.aframe.io https://cdn.jsdelivr.net https://fonts.googleapis.com https://fonts.gstatic.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ https://basf-grids-assets.basf-zreality-internal.com; form-action 'self' ; frame-src 'self' https://docs.google.com https://player.vimeo.com https://www.youtube.com ; img-src 'self' blob: data: https://cdn.aframe.io https://cdn.jsdelivr.net https://user-images.githubusercontent.com https://www.google-analytics.com https://www.youtube.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 https://grids-mediastorage-contentbucket-bs318mkkrsqh.s3.eu-central-1.amazonaws.com https://basf-grids-assets.basf-zreality-internal.com https://basf-grids-nearspark.basf-zreality-internal.com; manifest-src 'self' ; media-src 'self' .googlevideo.com blob: data: https://www.youtube.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 * https://basf-grids-assets.basf-zreality-internal.com https://basf-grids-nearspark.basf-zreality-internal.com; script-src 'sha256-liR1vHSj8JlSRdvF89HjQBuYwHGi/C2Lte576puqOZs=' 'sha256-s7gZ33E7OuqKmFn0Kt08n8EaM+8sA2N9WyTrjwJckeo=' 'self' blob: 'sha256-/S6PM16MxkmUT7zJN2lkEKFgvXR7yL4Z8PCrRrFu4Q8=' 'sha256-MIpWPgYj31kCgSUFc0UwHGQrV87W6N5ozotqfxxQG0w=' 'sha256-ViVvpb0oYlPAp7R8ZLxlNI6rsf7E7oz8l1SgCIXgMvM=' 'sha256-buF6N8Z4p2PuaaeRUjm7mxBpPNf4XlCT9Fep83YabbM=' 'sha256-foB3G7vO68Ot8wctsG3OKBQ84ADKVinlnTg9/s93Ycs=' 'sha256-g0j42v3Wo/ohUAMR/t0EuObDSEkx1rZ3lv45fUaNmYs=' 'sha256-hsbRcgUBASABDq7qVGVTpbnWq/ns7B+ToTctZFJXYi8=' 'unsafe-eval' https://aframe.io https://cdn.jsdelivr.net/docsearch.js/1/docsearch.min.js https://s.ytimg.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.youtube.com https://analytics.zreality.com/ https://o1082228.ingest.sentry.io/ https://basf-grids-assets.basf-zreality-internal.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com https://basf-grids-cors-proxy.basf-zreality-internal.com:443 https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css https://basf-grids-assets.basf-zreality-internal.com; worker-src 'self' blob: https://basf-grids-assets.basf-zreality-internal.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.zreality.com
basf-grids-app.basf-zreality-internal.com
basf-grids-assets.basf-zreality-internal.com
basfgrids.zreality.com
gt.zreality.com
basf-grids-assets.basf-zreality-internal.com
basfgrids.zreality.com
18.194.156.199
18.197.47.59
18.66.147.96
52.31.171.231
54.75.22.170
0fb72e52bde7adfb34b526089440d3354af1194ebd12885ffd30ec452fb39018
15756d016c8179b590e234828418c60e51f5d6b55bc4f4d052718fb264108565
1a7de3577a30eef5b5be088d71d788ec8c7b3febfa35bb1b7cca2d18cd2cc9c4
20e36e07d75d1a68439dde1098235bf385bd8ff43e6bc1180366e9352f6269d1
32128d3b08e337e7fe4599810a81a871f562547d4cc7d70bf12ad8eb366a21ce
4ac15e79503764595ceb583b6442a4cda60a5d388ecb118f3c308cd03304cac2
4ed451357293949c09672fcf29217b6e83dcce1a909eba6efdcf54af884ba7c3
7d62b44da1901afb47fc2a7bf3ebec70234c00435631e858d2d8607c28bad4a0
7ddad94d92907a343e07baafae7de9c8a67eeaa4ef8269924c6256ad51adf523
cde1a466d0bfef44806f3c91d2247037eb8f2e36a367cd350d06642b3ef755cb
d0996053ccf9169f658c1d32b64aedc094c2e95ff3492e47fdbfefca75fb98e6
d34a0f1c32ce3b9a4185560fb24a5132cdca6d1a00e98a2f1e7a5a043cff33e7
d7ded0a141137403f61cf023b72cba54fe00e421fe754ff3cdb12d4d35690a3d
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eade7458b898bbf5f04c55ae66e4f3602054f38d1b7e7516e4c8f2e59137aff8

basf-grids-app.basf-zreality-internal.com Open in urlscan Pro 54.75.22.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

26 Requests

81 %HTTPS

0 %IPv6

2 Domains

5 Subdomains

6 IPs

3 Countries

376 kBTransfer

1045 kBSize

0 Cookies

2 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

0 Cookies

11 Console Messages

Security Headers

Indicators

basf-grids-app.basf-zreality-internal.com Open in urlscan Pro
54.75.22.170 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

81 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

6
IPs

3
Countries

376 kB
Transfer

1045 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions