If it is missing subnets in ISDB, verify in the CLI if these IPs are part of any ISDBs.

To match 52.96.0.0/16, run the following command:

# diagnose internet-service match root 52.96.0.0 255.252.0.0

The output shows all Internet Services that are matched:

Internet Service: 11337935(Malicious-Malicious.Server), matched num: 8
Internet Service: 327880(Microsoft-Office365.Published), matched num: 3145728
Internet Service: 327902(Microsoft-Office365.Published.Optimize), matched num: 3145728
Internet Service: 327791(Microsoft-Outlook), matched num: 262144
Internet Service: 327786(Microsoft-Azure), matched num: 512
Internet Service: 327681(Microsoft-Web), matched num: 1048576
Internet Service: 327682(Microsoft-ICMP), matched num: 262144
Internet Service: 327683(Microsoft-DNS), matched num: 524288
Internet Service: 327684(Microsoft-Outbound_Email), matched num: 1048576
Internet Service: 327686(Microsoft-SSH), matched num: 262144
Internet Service: 327687(Microsoft-FTP), matched num: 524288
Internet Service: 327688(Microsoft-NTP), matched num: 524288
Internet Service: 327689(Microsoft-Inbound_Email), matched num: 1048576
Internet Service: 327694(Microsoft-LDAP), matched num: 1048576
Internet Service: 327695(Microsoft-NetBIOS.Session.Service), matched num: 524288
Internet Service: 327696(Microsoft-RTMP), matched num: 524288
Internet Service: 327704(Microsoft-NetBIOS.Name.Service), matched num: 262144
Internet Service: 327680(Microsoft-Other), matched num: 524288

If this is not correct, raise a query with the ISDB team using this link: -https://www.fortiguard.com/faq/isdb-contact