Sh4mefulIP Address: 52.101.56.140 โ IP Confounder
Covers 52.100-103.x.x outbound; PTR: *.outbound.protection.outlook.com
Differentiating between Office 365, including email protection services, and Azure (public cloud) when diagnosing incidents is challenging because they utilize shared Microsoft-owned IP ranges. Most of this is probably O365/Outlook or Defender protection breaking DKIM and SPF authentication. Disambiguation is a work-in-progress.
This page shows DMARC authentication failure data for this IP address. Learn more about this data.
Geolocation Information
- Country:
- US United States
- Region:
- Virginia
- City:
- Boydton
- Coordinates:
- 36.6694, -78.3877
WHOIS Information
- Network Name:
- MSFT
- CIDR:
52.96.0.0/12, 52.112.0.0/14- Owner:
- Microsoft Corporation
- Org ID:
MSFT- Address:
- One Microsoft Way, Redmond, WA 98052
- Reverse DNS:
-
mail-eastus2azon11020140.outbound.protection.outlook.com
Last updated: 2/5/2026
Analysis
This IP was observed on a single date: January 13, 2026. It has been associated with 1 failed authentication event affecting 1 message โ a single isolated event. The IP belongs to MSFT (Microsoft Corporation), a network with activity associated with United States. 8 other IPs in the same /24 subnet (52.101.56.*) also appear in this dataset.
Network Topology
External Reputation Lookups
Look up this IP in external threat intelligence and reputation databases (opens in new tab):
Nearby IPs
Other IPs in the 52.101.56.0/24 range observed failing DMARC:
52.101.56.74 (3 failures), 52.101.56.104 (2 failures), 52.101.56.71 (2 failures), 52.101.56.117 (1 failure), 52.101.56.111 (1 failure), 52.101.56.118 (1 failure), 52.101.56.119 (1 failure), 52.101.56.107 (1 failure)