blocklists:microsoft:microsoft_office_365
This is an old revision of the document!
Table of Contents
Blocklists - Microsoft - Microsoft Office 365
Get Current List of IP Addresses
curl https://endpoints.office.com/endpoints/worldwide?clientrequestid=948beb0b-32bb-4e1c-a67d-091c861a0cc6 > /tmp/office.txt jq -r '.[] | select(.ips) .ips[]' /tmp/office.txt | sort -t . -k1,1n -k2,2n -k3,3n -k4,4n | uniq
returns:
13.80.125.22/32 13.91.91.243/32 13.107.6.152/31 13.107.6.156/31 13.107.6.171/32 13.107.7.190/31 13.107.9.156/31 13.107.18.10/31 13.107.64.0/18 13.107.128.0/22 13.107.136.0/22 13.107.140.6/32 20.190.128.0/18 23.103.160.0/20 40.81.156.154/32 40.90.218.198/32 40.92.0.0/15 40.96.0.0/13 40.104.0.0/15 40.107.0.0/16 40.108.128.0/17 40.126.0.0/18 52.96.0.0/14 52.100.0.0/14 52.104.0.0/14 52.108.0.0/14 52.112.0.0/14 52.120.0.0/14 52.174.56.180/32 52.183.75.62/32 52.184.165.82/32 52.238.78.88/32 52.238.106.116/32 52.238.119.141/32 52.244.37.168/32 52.244.160.207/32 52.244.203.72/32 52.244.207.172/32 52.244.223.198/32 52.247.150.191/32 104.42.230.91/32 104.47.0.0/17 104.146.128.0/17 131.253.33.215/32 132.245.0.0/16 150.171.32.0/22 150.171.40.0/22 157.55.145.0/25 157.55.155.0/25 157.55.227.192/26 204.79.197.215/32
Get Current List of URLs
jq -r '.[] | select(.urls) .urls[]' /tmp/office.txt | sort | uniq
returns:
*.aadrm.com account.activedirectory.windowsazure.com account.live.com account.office.net accounts.accesscontrol.windows.net accounts.google.com acompli.helpshift.com *.acompli.net activation.sls.microsoft.com activity.windows.com ad.atdmt.com *.adl.windows.com admin.microsoft.com admin.onedrive.com adminwebservice.microsoftonline.com ajax.aspnetcdn.com ajax.microsoft.com aka.ms amp.azure.net amsglob0cdnstream13.azureedge.net amsglob0cdnstream14.azureedge.net analytics.localytics.com api.dropboxapi.com api.localytics.com api.login.yahoo.com api.meetup.com *.api.microsoftstream.com api.microsoftstream.com api.office.com api.passwordreset.microsoftonline.com apis.live.net app.adjust.com app.box.com *.appex.bing.com *.appex-rf.msn.com appsforoffice.microsoft.com apps.identrust.com *.aria.microsoft.com assets.onestore.ms *.assets-yammer.com attachments.office.net auth.gfx.ms autodiscover.*.onmicrosoft.com autologon.microsoftazuread-sso.com *.azure-apim.net *.azureedge.net *.azurerms.com becws.microsoftonline.com bit.ly *.blob.core.windows.net *.broadcast.skype.com broadcast.skype.com by.uservoice.com c1.microsoft.com cacerts.digicert.com c.bing.com c.bing.net cdn.forms.office.net cdn.odc.officeapps.live.com *.cdn.office.net *cdn.onenote.net cdn.optimizely.com cdnprod.myanalytics.microsoft.com cdn.sharepointonline.com cert.int-x3.letsencrypt.org cl2.apple.com clientconfig.microsoftonline-p.net c.live.com *.cloudapp.net companymanager.microsoftonline.com compass-ssl.microsoft.com *.config.office.net connect.facebook.net contentstorage.osi.office.net crl3.digicert.com crl4.digicert.com crl.globalsign.com crl.globalsign.net crl.identrust.com crl.microsoft.com data.flurry.com dc.applicationinsights.microsoft.com dc.services.visualstudio.com d.docs.live.net device.login.microsoftonline.com dgps.support.microsoft.com directory.services.live.com docs.live.net docs.microsoft.com ecn.dev.virtualearth.net enterpriseregistration.windows.net *.entrust.net en-us.appex-rf.msn.com eus-www.sway-cdn.com eus-www.sway-extensions.com *.events.data.microsoft.com excelbingmap.firstpartyapps.oaspapps.com excelcs.officeapps.live.com *-files.sharepoint.com firstpartyapps.oaspapps.com *.flow.microsoft.com foodanddrink.services.appex.bing.com forms.microsoft.com *.geotrust.com g.live.com go.microsoft.com graph.facebook.com graph.microsoft.com graph.windows.net *.helpshift.com *.hip.live.com *.hockeyapp.net home.office.com *.informationprotection.azure.com informationprotection.hosting.portal.azure.net insertmedia.bing.office.net isrg.trustid.ocsp.identrust.com *.itunes.apple.com *.keydelivery.mediaservices.windows.net *.localytics.com logincert.microsoftonline.com loginex.microsoftonline.com login.live.com login.microsoft.com login.microsoftonline.com login.microsoftonline-p.com login-us.microsoftonline.com login.windows.net login.windows-ppe.net *.log.optimizely.com lpcres.delve.office.com *.lync.com mail.google.com *.mail.protection.outlook.com management.azure.com *.manage.microsoft.com *.manage.office.com manage.office.com *.media.azure.net mem.gfx.ms m.facebook.com *.microsoft.com *.microsoftonline.com *.microsoftonline-p.com *.microsoftusercontent.com mlccdn.blob.core.windows.net mlccdnprod.azureedge.net mrodevicemgr.officeapps.live.com *.msauthimages.net *.msauth.net mscrl.microsoft.com msdn.microsoft.com *.msecnd.net *.msedge.net *.msftauthimages.net *.msftauth.net *.msftidentity.com *.msidentity.com *.msocdn.com *.mstea.ms myanalytics-gcc.microsoft.com myanalytics.microsoft.com *-myfiles.sharepoint.com nexus.microsoftonline-p.com nexus.officeapps.live.com nexusrules.officeapps.live.com *.notification.api.microsoftstream.com nps.onyx.azure.net o15.officeredir.microsoft.com *.o365weve.com ocos-office365-s2s.msedge.net ocsa.officeapps.live.com ocsp2.globalsign.com ocsp.digicert.com ocsp.globalsign.com ocsp.int-x3.letsencrypt.org ocsp.msocsp.com ocspx.digicert.com ocsredir.officeapps.live.com ocws.officeapps.live.com odc.officeapps.live.com odcsm.officeapps.live.com office15client.microsoft.com *.office365.com office365servicehealthcommunications.cloudapp.net *.officeapps.live.com officeapps.live.com officecdn.microsoft.com officecdn.microsoft.com.edgesuite.net officeclient.microsoft.com *.office.com *.officeconfig.msocdn.com office.live.com office.microsoft.com *.office.net officepreviewredir.microsoft.com officeredir.microsoft.com officespeech.platform.bing.com ols.officeapps.live.com omextemplates.content.office.net *.omniroot.com oneclient.sfx.ms *.onenote.com *.online.office.com *.onmicrosoft.com osiprod-cus-daffodil-signalr-00.service.signalr.net osiprod-neu-daffodil-signalr-00.service.signalr.net osiprod-weu-daffodil-signalr-00.service.signalr.net osiprod-wus-daffodil-signalr-00.service.signalr.net *.outlook.com *.outlookmobile.com outlook.office365.com *.outlook.office.com outlook.office.com outlook.uservoice.com p100-sandbox.itunes.apple.com partnerservices.getmicrosoftkey.com passwordreset.microsoftonline.com peoplegraph.firstpartyapps.oaspapps.com *.phonefactor.net platform.linkedin.com play.google.com policykeyservice.dc.ad.msft.net *.portal.cloudappsecurity.com portal.microsoftonline.com portal.office.com *.powerapps.com pptcs.officeapps.live.com privatecdn.sharepointonline.com prod.firstpartyapps.oaspapps.com.akadns.net prod.msocdn.com *.protection.office.com protection.office.com *.protection.outlook.com provisioningapi.microsoftonline.com publiccdn.sharepointonline.com *.public-trust.com r1.res.office365.com r3.res.office365.com r3.res.outlook.com r4.res.office365.com rink.hockeyapp.net roaming.officeapps.live.com r.office.microsoft.com s0.assets-yammer.com sas.office.microsoft.com sdk.hockeyapp.net *.search.production.apac.trafficmanager.net *.search.production.emea.trafficmanager.net *.search.production.us.trafficmanager.net secure.aadcdn.microsoftonline-p.com secure.globalsign.com secure.meetup.com *.secure.skypeassets.com *.sfbassets.com *.sharepoint.com *.sharepointonline.com shellprod.msocdn.com signup.live.com signup.microsoft.com *.skype.com *.skypeforbusiness.com skypemaprdsitus.trafficmanager.net smtp.office365.com social.yahooapis.com spoprod-a.akamaihd.net ssw.live.com staffhub.ms staffhub.uservoice.com staffhubweb.azureedge.net static.sharepointonline.com statics.teams.microsoft.com storage.live.com *.streaming.mediaservices.windows.net suite.office.net support.content.office.net support.microsoft.com support.office.com *.svc.ms sway.com *.symcb.com *.symcd.com s.ytimg.com *.teams.microsoft.com teams.microsoft.com technet.microsoft.com telemetryservice.firstpartyapps.oaspapps.com *.tenor.com testconnectivity.microsoft.com tse1.mm.bing.net uci.officeapps.live.com *.urlp.sfbassets.com *.users.storage.live.com *.verisign.com *.verisign.net videocontent.osi.office.net videoplayercdn.osi.office.net view.atdmt.com *.virtualearth.net vortex.data.microsoft.com watson.microsoft.com watson.telemetry.microsoft.com weather.tile.appex.bing.com webanalytics.localytics.com web.localytics.com web.microsoftstream.com wikipedia.firstpartyapps.oaspapps.com *.wns.windows.com wordcs.officeapps.live.com workplaceanalytics.cdn.office.net workplaceanalytics.office.com wus-firstpartyapps.oaspapps.com wus-www.sway-cdn.com wus-www.sway-extensions.com www.acompli.com www.bing.com www.digicert.com www.dropbox.com www.evernote.com www.google-analytics.com www.googleapis.com www.microsoft.com www.office.com www.onedrive.com www.outlook.com www.sway.com www.youtube.com *.yammer.com *.yammerusercontent.com
Ports
For chat:
- http (80)
- https (443)
- udp/3478-3481
Domain list
office.com office365.com office.net onedrive.com sharepoint.com optimizely.com microsoftonline.com production.us.trafficmanager.net microsoft.com live.com oneclient.sfx.ms sharepointonline.com spoprod-a.akamaihd.net prod.msocdn.com svc.ms lync.com broadcast.skype.com skypeforbusiness.com sfbassets.com skypemaprdsitus.trafficmanager.net windows.net msecnd.net aspnetcdn.com live.net aka.ms azure.net windows.com windows.net msedge.net mstea.ms skypeassets.com azureedge.net tenor.com microsoftstream.com assets-yammer.com azureedge.net onenote.com onenote.net aspnetcdn.com optimizely.com msappproxy.net msftidentity.com msidentity.com windowsazure.com microsoftazuread-sso.com microsoftonline-p.net msauth.net msauthimages.net msftauth.net msftauthimages.net phonefactor.net visualstudio.com cloudapp.net staffhub.ms gfx.ms appex.bing.com appex-rf.msn.com getmicrosoftkey.com atdmt.com yammer.com yammerusercontent.com sway-cdn.com sway-extensions.com sway.com
NOTE: Top level domains use used instead of multiple subdomains.
For example, excel.officeapps.microsoft.com, word.officeapps.microsoft.com are abbreviated to just officapps.microsoft.com.
Amend if needed.
IP Ranges
Includes local subnets if not present already.
104.146.128.0/17 104.42.230.91 104.44.218.128/25 104.44.254.128/25 104.44.255.0/25 104.47.0.0/17 13.91.91.243 13.106.4.128/25 13.106.56.0/25 13.107.128.0/22 13.107.136.0/22 13.107.140.6 13.107.18.10/31 13.107.6.152/31 13.107.6.156/31 13.107.6.171 13.107.7.190/31 13.107.9.155/31 13.80.125.22 131.253.33.215 132.245.0.0/16 134.170.172.128/25 134.170.67.0/25 150.171.32.0/22 150.171.40.0/22 157.55.130.0/25 157.55.145.0/25 157.55.155.0/25 157.55.227.192/26 157.55.45.128/25 191.232.2.128/25 191.234.140.0/22 20.190.128.0/18 204.79.197.215 23.103.160.0/20 40.96.0.0/13 40.104.0.0/15 40.107.0.0/16 40.108.128.0/17 40.126.0.0/18 40.81.156.154 40.92.0.0/15 40.90.218.198 52.108.0.0/14 52.100.0.0/14 52.104.0.0/14 52.174.56.180 52.183.75.62 52.184.165.82 52.238.106.116 52.238.78.88 52.247.150.191 52.96.0.0/14 65.54.170.128/25
For the Teams app, these additional IP ranges are needed:
13.107.64.0/18 52.112.0.0/14 52.120.0.0/14
References
blocklists/microsoft/microsoft_office_365.1612724961.txt.gz · Last modified: 2021/02/07 19:09 by peter