To avoid abuse, production ILSA instances are restricted to requests from allowed domains. This is like CORS, but the implementation is different.
In the backoffice you need to configure on which domain(s) your website is serving visitors. Requests from other domains are blocked to prevent misuse of your data.
In the Backoffice you can configure a list of IP addresses that are exempt from CORS checking. This is convenient for development environments.
IP ranges are configured in CIDR notation. Use 1.2.3.4/32 for only 1.2.3.4. Use 1.2.3.0/24 for 1.2.3.0 through 1.2.3.255. Use /128 for a single IPv6 address.
Requests from development IP addresses are also not included in the statistics, for example the number of views on each vehicle.