IP Address: 2a01:111:f403:c103::5

ℹ️ IP Annotation: Microsoft 365. Exchange Online Protection (EOP).

According to reverse-DNS, this is a host domain utilized by Microsoft 365 (formerly Office 365) to manage and secure outbound email traffic. It acts as a mail transfer agent (MTA) that filters outgoing messages to prevent spam and malicious content. Format: .outbound.protection.outlook.com. However, we've seen actual spoof attempts and SPAM from MS infrastructure so not classing this a confounder.

Last updated: 2/4/2026

ℹ️ Network Annotation: Microsoft Network (365 vs Azure) (IPv6)

Differentiating between Office 365, including email protection services, and Azure (public cloud) when diagnosing incidents is challenging because they utilize shared Microsoft-owned IP ranges. Most of this is probably O365/Outlook or Defender protection breaking DKIM and SPF authentication. Disambiguation is a work-in-progress.

Last updated: 1/31/2026

About this Data

▶

The data here is from DMARC analysis for domains I administer, drawn from a larger dataset (comprising millions of authentication records and messages). These entries are from email attempts that failed both SPF and DKIM (and there are often alignment issues - hidden here). In many cases, these failures indicate unauthorized use of the domain name, and are commonly associated with spoofing, phishing, or other abusive mail activity.

(More)

Geolocation Information

Country:: CA Canada
Region:: Ontario
City:: Toronto
Coordinates:: 43.6547, -79.3623

WHOIS Information

Network Name:: UK-MICROSOFT-20060601
Owner:: ORG-MA42-RIPE
Reverse DNS:: mail-canadacentralazlp170110005.outbound.protection.outlook.com
Last updated: 2/5/2026

Failures Detected from this IP

Showing 1-14 of 14 (failures, affecting 18 messages)

Date ▲	Messages
2/14/2025	4
2/26/2025	1
3/12/2025	1
6/4/2025	1
7/1/2025	1
10/2/2025	1
11/13/2025	1
12/13/2025	2
1/9/2026	1
1/10/2026	1
1/14/2026	1
1/17/2026	1
1/28/2026	1
1/31/2026	1