If I understood it correctly it tells the browser iranok to run scripts from all these origins. No idea why there are so many malware associated domains here. Maybe zoom’s ceo could enlighten us. Probably because of the virus and unexpected growth I’m sure.
The domains are likely in the whitelist as their report-uri was getting spammed with reports from users that have adware/malware extensions in their browser.
These extensions inject their own scripts into the page which will then fail based on the CSP and send a report to the server. In an ideal world you would just 'ignore' these reports server-side instead of whitelisting the domains.
