OSContext Notes.md 832 B
OS Context
OSC is a DNS based threat intel API we use. George is the SME. We have to give them our external IPs to whitelist. Here's the current list they have as of 2020-10-28:
3.234.58.237 # AFS XDR - Phantom EIP
54.147.226.25 # AFS XDR - Outbound NAT GW us-east-1 infra
35.174.210.165 # AFS XDR - Outbound NAT GW us-east-1 infra
54.80.77.150 # AFS XDR - Outbound NAT GW us-east-1 infra
18.252.22.97 # AFS XDR - New Resolver Govcloud
54.90.6.188 # AFS XDR - New Resolver Commercial
52.202.168.210 # AFS XDR - Test Phantom EIP
OS Context Wiki Page
XDR Wiki - Open Source Context - Passive DNS
dig -t txt tor.domain.v.ble.oscontext.com.