Sign-in event application "Office 365 Exchange Online" but Exchange is on prem?

Copper Contributor



Looking at our Risky Sign-Ins > Sign-in Events, we noticed a large number of successful sign-ins from a potentially malicious IP for the "Office 365 Exchange Online" application.


We host Exchange on premise and have no OWA. Users would get error 500 if trying to login to


Any insights on what this successful login could be?



0 Replies