AnsweredAssumed Answered

Is the ESA Advanced Threat Detection Who IS Service Down?

Question asked by David Waugh on Nov 1, 2018
Latest reply on Nov 5, 2018 by Marinos Roussos

Hi I check every hour if the whois service is returning a response for google.com

 

Sometime between 04:14 and 005:14 UTC on 1st November 2018, the service no longer seems to be working.

 

I can request an auth token, but dont get any response:

 

./cloud-whois-bank.sh google.com
Authenticate:
curl -sk -H "Content-Type: application/json" -X POST -d "{"X-Auth-Username":"BLAH","X-Auth-Password":"BLAH"}" "https://cms.netwitness.com/authlive/authenticate/WHOIS" -D /tmp/resp_headers.yQzaET -o /dev/null
Query: /usr/bin/curl -sk -H "Content-Type: application/json" -H "X-Auth-Token: eyJpc3MiOiJMSVZFX0FVVEhFTlRJQ0FUSU9OIiwic3ViIjoiV0hPSVMiLCJhdWQiOnsiTGl2ZS1Vc2VybmFtZSI6ImJhbmtvZmVuZ2xhbmRsaXZlQGJhbmtvZmVuZ2xhbmQuY28udWsifSwiZXhwIjoxNTQxMDc0MDg3MTA3LCJhbGciOiJIbWFjU0hBMjU2In0=.IfBp2rdB4oMJOCyxo42E8925g0iI+KC3jfvW12hxd/k=" "https://cms.netwitness.com/whois/query/google.com" | tr -d '\r' | python -m json.tool
No JSON object could be decoded
[328779@HO-SA-ESA ~]$ ./cloud-whois-bank.sh google.com/usr/bin/curl -sk -H "Content-Type: application/json" -H "X-Auth-Token: eyJpc3MiOiJMSVZFX0FVVEhFTlRJQ0FUSU9OIiwic3ViIjoiV0hPSVMiLCJhdWQiOnsiTGl2ZS1Vc2VybmFtZSI6ImJhbmtvZmVuZ2xhbmRsaXZlQGJhbmtvZmVuZ2xhbmQuY28udWsifSwiZXhwIjoxNTQxMDc0MDg3MTA3LCJhbGciOiJIbWFjU0hBMjU2In0=.IfBp2rdB4oMJOCyxo42E8925g0iI+KC3jfvW12hxd/k=" "https://cms.netwitness.com/whois/query/google.com"

 

Can anyone confirm if the whois service is actually working for them?

Outcomes