When trying to take an action with messages in the a person's inbox using the spamreporter tool, either to report a spam or to block a message, generates a 403 error "Access Forbidden".
The O365 tenant is locked-down to prevent any API access from external services.
When you click on any action in SRC365, a call is made to a central server here @ Vircom that has Vircom do an API call to Office365 to fetch information about the email you want to block/allow/report. Namely header information (from/to/subject). In some cases, clients have implemented extra hardening that causes O365 to reject any external connections to fetch information from the O365 tenant. Basically a client Access Rule that restricts connections.
The IP Addresses are those belonging to our SpamReporter central server that handle these calls.