@Paul Andrew it looks like I'm not using "font door" in the right context.

I'm trying to find out all of the endpoints that host Office 365, while Microsoft publishes what you see in the browser e.g. company.sharepoint.com, in the Office 365 URLs and IP address ranges page, there are other hosts behind the URLs that are not in the public documentation. For example in the screen shot I've attached microsoft.sharepoint.com resolves to spo-0004.spo-msedge.net.

Why am I looking for this?

Picture a network where you selectively allow which internet hosts you're allow to resolve, and you want to manage a white list of every internet based domain you're allowed to resolve while not allowing recursive DNS lookups.

@Daniel Letsinger Hi Daniel, restricted DNS lookup is not supported. We don't publish intermediary DNS CNAMEs because they are not required for perimeter network configuration. We also don't publish changes that occur in intermediary DNS CNAMEs which is the real problem you would face. Here's a FAQ about the issue: https://docs.microsoft.com/en-us/office365/enterprise/managing-office-365-endpoints#some-office-365-...

Regards,

Paul

@Paul Andrew 

Thanks for confirming Paul! I've opened a ticket with Microsoft and received the same guidance.