IP Address: 2a01:111:f403:c10c::1

ℹ️ IP Annotation: Microsoft 365. Exchange Online Protection (EOP).

According to reverse-DNS, this is a host domain utilized by Microsoft 365 (formerly Office 365) to manage and secure outbound email traffic. It acts as a mail transfer agent (MTA) that filters outgoing messages to prevent spam and malicious content. Format: .outbound.protection.outlook.com. However, we've seen actual spoof attempts and SPAM from MS infrastructure so not classing this a confounder.

Last updated: 2/4/2026

ℹ️ Network Annotation: Microsoft Network (365 vs Azure) (IPv6)

Differentiating between Office 365, including email protection services, and Azure (public cloud) when diagnosing incidents is challenging because they utilize shared Microsoft-owned IP ranges. Most of this is probably O365/Outlook or Defender protection breaking DKIM and SPF authentication. Disambiguation is a work-in-progress.

Last updated: 1/31/2026

About this Data

▶

The data here is from DMARC analysis for domains I administer, drawn from a larger dataset (comprising millions of authentication records and messages). These entries are from email attempts that failed both SPF and DKIM (and there are often alignment issues - hidden here). In many cases, these failures indicate unauthorized use of the domain name, and are commonly associated with spoofing, phishing, or other abusive mail activity.

(More)

Geolocation Information

Country:: US United States
Region:: Texas
City:: San Antonio
Coordinates:: 29.4227, -98.4927

WHOIS Information

Network Name:: UK-MICROSOFT-20060601
Owner:: ORG-MA42-RIPE
Reverse DNS:: mail-southcentralusazlp170130001.outbound.protection.outlook.com
Last updated: 2/5/2026

Failures Detected from this IP

Showing 51-55 of 55 (failures, affecting 228 messages)

Date ▼	Messages
9/12/2025	4
9/11/2025	6
9/10/2025	6
9/6/2025	1
9/5/2025	1