Function of 13.107.4.52

Zaid, this IP is legit and blocking it will cause workstations showing "No Internet".

It's used by Network location awareness service , if you check registry Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet

You will see ActiveWebProbeHost is pointed to www.msftconnecttest.com

"nslookup -type=a www.msftconnecttest.com"  shows the DNS is resolved to13.107.4.52.

Windows will do active http probe to http://www.msftconnecttest.com/connecttest.txt and expect to get "Microsoft Connect Test" content.

If activeprobe failed, it will show the network connection as "No Internet", and it could cause problem for Outlook and OneDrive.

Yes, it has to be from Microsoft. But what is the purpose to connect by port 80.

According to https://www.whois.com/whois/13.107.4.52 it's Microsoft.

NetRange:       13.64.0.0 - 13.107.255.255
CIDR:           13.104.0.0/14, 13.64.0.0/11, 13.96.0.0/13
NetName:        MSFT
NetHandle:      NET-13-64-0-0-1
Parent:         NET13 (NET-13-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   Microsoft Corporation (MSFT)
RegDate:        2015-03-26
Updated:        2021-12-14
Ref:            https://rdap.arin.net/registry/ip/13.64.0.0

Yes online. Is there any other platform other that online I can check? I need to justify because the traffic is large more than 100k.

Hi Zaid,

I am Sumit here to assist you with this question.

We are independent experts that do not have this information, and Microsoft won't disclose the IP information as well if you contact support.

Did you check IP reputation using tools on the Internet?