If your friend received that address from "his IR exchange in Australia", one would think it would be one of their addresses. It doesn't make any sense that IR would be providing anyone an address for a different service such as Kraken.
I suspect that he means:
"My friend looked at his transaction history on IR to see where the bitcoins were sent to."
Not:
"My friend got an address from IR and then used that address to send the bitcoins to me."
When you asked "Where did your friend obtain the 1NxR3TLr1AXYYodX7EC2PVYqWL1XuQcC8m address", I think the OP didn't realize that you meant:
"How did your friend choose an address to send the bitcoins to?"
And instead accidentally thought that you meant:
"How did you determine that the address 1NxR3TLr1AXYYodX7EC2PVYqWL1XuQcC8m was the one you had used?"
If so, have you contacted IR support to see if it is one of their own addresses? Of course, if he didn't really "receive it" from "his IR exchange" and instead used an address that he had previously sent bitcoin to from IR in error he would probably know who that was based on his transaction history at IR who that address belonged to.
These are possibilities, but I suspect that the more likely scenario is a mis-communiation between yourself and OP.
As DannyHamilton said above, something got messed up in one of the listed steps. It seems prudent to verify that the address "1NxR3TLr1AXYYodX7EC2PVYqWL1XuQcC8m" actually was provided by IR *or* whether it was something your friend had sent to previously, *or* if that address was changed by malware on either of your machines.
Yes. The important question that ONLY the OP and his friend can answer is:
"What was communicated when you were getting ready to send the transaction, and where did that information come from?"
If it was provided by IR, why are they providing addresses for different services?
I doubt that they are.