# OS Context

OSC is a DNS based threat intel API we use.  George is the SME.  We have to give them
our external IPs to whitelist.  Here's the current list they have as of 2020-10-28:

```

3.234.58.237    # AFS XDR - Phantom EIP
54.147.226.25   # AFS XDR - Outbound NAT GW us-east-1 infra
35.174.210.165  # AFS XDR - Outbound NAT GW us-east-1 infra
54.80.77.150    # AFS XDR - Outbound NAT GW us-east-1 infra
18.252.22.97    # AFS XDR - New Resolver Govcloud
54.90.6.188     # AFS XDR - New Resolver Commercial

52.202.168.210  # AFS XDR - Test Phantom EIP

```

## OS Context Wiki Page

https://github.xdr.accenturefederalcyber.com/MDR-Content/mdr-content/wiki/Reference%3A-Threat-Intel-Vendor-Services#open-source-context---passive-dns

`dig -t txt tor.domain.v.ble.oscontext.com.`