OSContext Notes.md 623 B
OS Context
OSC is a DNS based threat intel API we use. George is the SME. We have to give them our external IPs to whitelist. Here's the current list they have as of 2022-09-01:
Production
18.252.22.97 # resolver-0
18.252.131.159 # resolver-1
Test/dev/not-prod
18.252.89.57 # resolver-0
18.252.85.155 # resolver-1
54.211.142.254 # CaaSP
OS Context Wiki Page
XDR Wiki - Open Source Context - Passive DNS
dig -t txt tor.domain.v.ble.oscontext.com.