IP Address: 52.101.48.30 ⚠ IP Confounder

⚠ IP Confounder Detected: Microsoft 365 Exchange Online Protection (EOP)
Covers 52.100-103.x.x outbound; PTR: *.outbound.protection.outlook.com

ℹ️ Network Annotation: Microsoft Network (365 vs Azure)

Differentiating between Office 365, including email protection services, and Azure (public cloud) when diagnosing incidents is challenging because they utilize shared Microsoft-owned IP ranges. Most of this is probably O365/Outlook or Defender protection breaking DKIM and SPF authentication. Disambiguation is a work-in-progress.

Last updated: 1/29/2026

This page shows DMARC authentication failure data for this IP address. Learn more about this data.

Geolocation Information

Country:: US United States
Region:: Washington
Coordinates:: 47.6109, -122.3303

WHOIS Information

Network Name:: MSFT
CIDR:: 52.96.0.0/12, 52.112.0.0/14
Owner:: Microsoft Corporation
Org ID:: MSFT
Address:: One Microsoft Way, Redmond, WA 98052
Reverse DNS:: mail-westus2azon11012030.outbound.protection.outlook.com
Last updated: 4/2/2026

Analysis

This IP was observed on a single date: February 24, 2026. It has been associated with 1 failed authentication event affecting 1 message — a single isolated event. The IP belongs to MSFT (Microsoft Corporation), a network with activity associated with United States. 3 other IPs in the same /24 subnet (52.101.48.*) also appear in this dataset.

Network Topology

Failures Detected from this IP

Showing 1-1 of 1 failures, affecting 1 message

Date ▼	Messages
2/24/2026	1

External Reputation Lookups

Look up this IP in external threat intelligence and reputation databases (opens in new tab):

AbuseIPDB Cisco Talos Project Honey Pot GreyNoise VirusTotal Shodan Censys Spamhaus

Nearby IPs

Other IPs in the 52.101.48.0/24 range observed failing DMARC:

52.101.48.106 (1 failure), 52.101.48.113 (1 failure), 52.101.48.2 (1 failure)