# Information Provided By:Insidious
# Filename:official.blueteamshop-47.33.241.1.txt
=======================================================
IP address: 47.33.241.1
Belongs to: Travis James Colt ['official.blueteamshop', 'unknowndarkshadow21'](Age:28)
Possbile address: 1804 Pineridge Dr; Hastings, MI 49058-8125
Possible phone number: +1-616-277-8049(Wireless)
Local IP (Wi-Fi): 192.168.1.119
Hostname: 047-033-241-001.res.spectrum.com
ISP: Charter Communications
Organization: Spectrum
=======================================================
> IP address Information[json]:
=======================================================
{
  "ip": "47.33.241.1",
  "hostname": "047-033-241-001.res.spectrum.com",
  "city": "Whitmore Lake",
  "region": "Michigan",
  "country": "US",
  "loc": "42.4397,-83.7453",
  "org": "AS20115 Charter Communications",
  "postal": "48189",
  "timezone": "America/Detroit",
  "readme": "https://ipinfo.io/missingauth"
}
{
  "status": "success",
  "continent": "North America",
  "continentCode": "NA",
  "country": "United States",
  "countryCode": "US",
  "region": "MI",
  "regionName": "Michigan",
  "city": "Whitmore Lake",
  "district": "",
  "zip": "48189",
  "lat": 42.4289,
  "lon": -83.7828,
  "timezone": "America/Detroit",
  "offset": -14400,
  "currency": "USD",
  "isp": "Charter Communications",
  "org": "Spectrum",
  "as": "AS20115 Charter Communications",
  "asname": "CHARTER-20115",
  "mobile": false,
  "proxy": false,
  "hosting": false,
  "query": "47.33.241.1"
}
{
  "tags": [
    "cwmp", 
    "http", 
    "https"
  ], 
  "443": {
    "https": {
      "tls": {
        "certificate": {
          "parsed": {
            "fingerprint_sha1": "87336fcc8f622e66c33e9655fecee195d5427c24", 
            "tbs_noct_fingerprint": "89164807aa1485c2c32acaf6e10efa48772dc349394f4e8a41c2ce0ad7b3874e", 
            "subject_dn": "C=FR, O=Sagemcom Ca, CN=self-signedKey", 
            "issuer": {
              "common_name": [
                "self-signedKey"
              ], 
              "country": [
                "FR"
              ], 
              "organization": [
                "Sagemcom Ca"
              ]
            }, 
            "tbs_fingerprint": "89164807aa1485c2c32acaf6e10efa48772dc349394f4e8a41c2ce0ad7b3874e", 
            "redacted": false, 
            "validation_level": "unknown", 
            "issuer_dn": "C=FR, O=Sagemcom Ca, CN=self-signedKey", 
            "fingerprint_sha256": "aeb7066e3d07a64eaa3327bdfc01ce1591c9ff54c98db146258cc97ec87d0ee9", 
            "version": 3, 
            "extensions": {
              "authority_key_id": "3cf5b89fa1b988ec14e8859a0373d19663d56b60", 
              "basic_constraints": {
                "is_ca": true
              }, 
              "subject_key_id": "3cf5b89fa1b988ec14e8859a0373d19663d56b60"
            }, 
            "validity": {
              "start": "2011-10-14T12:32:29Z", 
              "length": 3153600000, 
              "end": "2111-09-20T12:32:29Z"
            }, 
            "signature_algorithm": {
              "oid": "1.2.840.113549.1.1.11", 
              "name": "SHA256WithRSA"
            }, 
            "serial_number": "17337485686994924312", 
            "fingerprint_md5": "4d671c8eff209877fc4736c5d4bd46f5", 
            "subject_key_info": {
              "fingerprint_sha256": "7b22deca9b3d96c417ff0745915620edadeb94d031fe32480a501395eddfebf8", 
              "key_algorithm": {
                "name": "RSA"
              }, 
              "rsa_public_key": {
                "length": 1024, 
                "modulus": "1mugJsgQJk6TYmr66CWVJCqf/eay6H4Yr4MpuNgvIameD39aMENypQ+nWFb2zIE3KjL8sidlUEkBF7EpdODEon6hjRLB/TklnXhhAcolqF0Nd9OFQ7xmtv3QCwDxiPFLGnDtPJVRGO134wCakA4b6gCSadt6+BPF58sNYZ57lI8=", 
                "exponent": 65537
              }
            }, 
            "signature": {
              "self_signed": true, 
              "valid": true, 
              "value": "In9d/eNvV3FWjDxQhDg1Q78PYCe+ChrtbJTIvTSiydeEuewmLObfYuzDyLk5rNpGDSx37H2lyaJ3K+oXzr8hC20PMOqG4l2Nmx5+HgQCt8dogPgaWBg7WGPx6fOsfDphSA6mxKf6wxGg0Irg7q9o8+88jeQEf4VKIEfJu+5ZIAw=", 
              "signature_algorithm": {
                "oid": "1.2.840.113549.1.1.11", 
                "name": "SHA256WithRSA"
              }
            }, 
            "spki_subject_fingerprint": "54b58be776819ba0e15f579aa780dc256baf29eec07316cb41299e6a8b14c173", 
            "subject": {
              "common_name": [
                "self-signedKey"
              ], 
              "country": [
                "FR"
              ], 
              "organization": [
                "Sagemcom Ca"
              ]
            }
          }
        }, 
        "cipher_suite": {
          "id": "0x009C", 
          "name": "TLS_RSA_WITH_AES_128_GCM_SHA256"
        }, 
        "version": "TLSv1.2", 
        "session_ticket": {
          "length": 160, 
          "lifetime_hint": 300
        }, 
        "validation": {
          "browser_trusted": false, 
          "browser_error": "x509: unknown error"
        }, 
        "ocsp_stapling": false, 
        "metadata": {}
      }, 
      "dhe_export": {
        "support": false, 
        "metadata": {}
      }, 
      "get": {
        "body": "<!--\r\nCopyright : (C) 2014 Sagemcom - URD2\r\n\r\nThis software and source file is the property of Sagemcom\r\nand may not be copied or used without prior written consent.\r\n-->\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\" class=\"no-js\">\r\n\r\n<head>\r\n\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\" />\r\n\t<meta charset=\"utf-8\" />\r\n\t<meta name=\"sagemcom\" content=\"oui\" />\r\n\t<meta name=\"viewport\" content=\"width=device-width,height=device-height,initial-scale=1.0,user-scalable=no,user-scalable=0\" />\r\n\t<meta http-equiv=\"content-language\" content=\"en\">\r\n\t<base href=\"\" id=\"baseHref\" />\r\n\t<script>\r\n\t\tvar initialRegex = /(.*)\\/.*.html/i;\r\n\t\tvar baseHref = initialRegex.exec(window.location.pathname);\r\n\t\tvar usethis = window.location.pathname;\r\n\t\tif (baseHref) {\r\n\t\t\tusethis = baseHref[1] + '/';\r\n\t\t}\r\n\t\tdocument.getElementById(\"baseHref\").href = usethis;\r\n\t</script>\r\n\t<style>\r\n\t\tmeta.foundation-data-attribute-namespace {\r\n\t\t\tfont-family: false;\r\n\t\t}\r\n\t</style>\r\n\r\n\t<link id=\"favicon\" rel=\"shortcut icon\" href=\"images/faviconNone.ico\" />\r\n\r\n\t<title></title>\r\n\r\n\t<script>\r\n\t\twindow.onerror = function (msg, url, line, col, error) {\r\n\t\t\tif (typeof SboxInterface !== 'undefined') {\r\n\t\t\t\tSboxInterface.RemoveLoader();\r\n\t\t\t\tsetTimeout(function () {\r\n\t\t\t\t\tif (document.getElementById('main-ui-view').innerHTML.length === 0) {\r\n\t\t\t\t\t\tSboxInterface.processHTML('retry');\r\n\t\t\t\t\t}\r\n\t\t\t\t}, 1000);\r\n\t\t\t}\r\n\t\t\treturn false;\r\n\t\t};\r\n\t</script>\r\n\r\n\t<script src=\"js/vendor.js?fd92b2fda8791f9c\"></script>\r\n\r\n\t<script>\r\n\t\t// fix for old code in gui-core relying on $.browser\r\n\t\tif (typeof (jQuery) != 'undefined') {\r\n\t\t\tjQuery.browser = {};\r\n\t\t\tjQuery.browser.msie = false;\r\n\t\t\tjQuery.browser.version = 0;\r\n\t\t\tif (navigator.userAgent.match(/MSIE ([0-9]+)\\./)) {\r\n\t\t\t\tjQuery.browser.msie = true;\r\n\t\t\t\tjQuery.browser.version = RegExp.$1;\r\n\t\t\t} else if (!!navigator.userAgent.match(/Trident\\/7\\./)){\r\n\t\t\t\tjQuery.browser.msie = true;\r\n\t\t\t\tjQuery.browser.version = 11;\r\n\t\t\t}\r\n\t\t} else {\r\n\t\t\tjQuery = {};\r\n\t\t\tjQuery.browser = {};\r\n\t\t\tjQuery.browser.msie = true;\r\n\t\t\tjQuery.browser.version = 8;\r\n\t\t}\r\n\t\tsvg4everybody();\r\n\t</script>\r\n\t<script src=\"js/libs.js?6419a6440e810ab6\"></script>\r\n\r\n\t<script src=\"js/jquery-utils.js\"></script>\r\n\t<script src=\"js/gui-core.js\"></script>\r\n\t<script src=\"js/gui-api.js\"></script>\r\n\t<script src=\"js/gui-widgets.js\"></script>\r\n\t\r\n\t<script src=\"js/scripts.js?5d6a00df620587a2\"></script>\r\n\t\r\n\t<script src=\"js/config.js?414a453096689b97\"></script>\r\n\r\n\t<link rel=\"stylesheet\" href=\"styles/vendor.css\">\r\n\t<link rel=\"stylesheet\" href=\"styles/vendor-rtl.css\"/>\r\n\r\n\t<link rel=\"stylesheet\" href=\"styles/lib.css\">\r\n\r\n\t<!--[if IE 8]>\r\n\t<link rel=\"stylesheet\" href=\"../styles/foundation-ie8.css\" />\r\n\t<![endif]-->\r\n\r\n\t<link rel=\"stylesheet\" href=\"styles/main.css\">\r\n\t<link rel=\"stylesheet\" href=\"styles/main-rtl.css\"/>\r\n\r\n\r\n\r\n\t<link rel=\"stylesheet\" href=\"styles/dev.css\">\r\n\t<link rel=\"stylesheet\" href=\"styles/dev-rtl.css\"/>\r\n</head>\r\n\r\n<body ng-app=\"sboxApp\" ng-class=\"isMainTemplate ? '' : 'bg-gradient'\" class=\"bg-gradient-force\">\r\n\t<div wait></div>\r\n\t<div id=\"main-ui-view\" class=\"zoomViewport\" ui-view></div>\r\n</body>\r\n\r\n</html>\r\n", 
        "title": "", 
        "status_code": 200, 
        "status_line": "200 OK", 
        "headers": {
          "content_length": "3255", 
          "unknown": [
            {
              "key": "date", 
              "value": "Mon, 18 Oct 2021 17:58:12 GMT"
            }, 
            {
              "key": "etag", 
              "value": "\"-508645793\""
            }
          ], 
          "server": "HTTP Server", 
          "last_modified": "Thu, 19 Dec 2019 11:57:15 GMT", 
          "content_type": "text/html", 
          "accept_ranges": "bytes"
        }, 
        "body_sha256": "616c609ca2c692402b36d163efde1506fd2255d9945bd1119a874153eb3fd695", 
        "metadata": {
          "product": "HTTP", 
          "description": "HTTP"
        }
      }, 
      "dhe": {
        "support": false, 
        "metadata": {}
      }, 
      "ssl_3": {
        "support": true, 
        "metadata": {}
      }, 
      "heartbleed": {
        "heartbeat_enabled": true, 
        "heartbleed_vulnerable": false, 
        "metadata": {}
      }, 
      "rsa_export": {
        "support": false, 
        "metadata": {}
      }
    }
  }, 
  "ip": "47.33.241.1", 
  "updated_at": "2021-10-22T12:21:25+00:00", 
  "autonomous_system": {
    "description": "CHARTER-20115", 
    "rir": "unknown", 
    "routed_prefix": "47.33.224.0/19", 
    "country_code": "US", 
    "path": [
      11164, 
      20115
    ], 
    "asn": 20115, 
    "name": "CHARTER-20115"
  }, 
  "location": {
    "province": "Michigan", 
    "city": "Whitmore Lake", 
    "country": "United States", 
    "longitude": -83.7828, 
    "registered_country": "United States", 
    "registered_country_code": "US", 
    "postal_code": "48189", 
    "country_code": "US", 
    "latitude": 42.4289, 
    "timezone": "America/Detroit", 
    "continent": "North America"
  }, 
  "ports": [
    443, 
    7547
  ], 
  "protocols": [
    "443/https", 
    "7547/cwmp"
  ], 
  "7547": {
    "cwmp": {
      "get": {
        "headers": {
          "content_length": "0", 
          "www_authenticate": "Digest realm=\"Sagemcom TR-069\", qop=\"auth,auth-int\", nonce=\"616ff715cb619a537362\", opaque=\"22f1ad33\"", 
          "server": "gSOAP/2.7"
        }, 
        "metadata": {}, 
        "status_line": "401 Unauthorized", 
        "status_code": 401
      }
    }
  }
}
=======================================================
> WHOIS Data:
=======================================================
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2021, American Registry for Internet Numbers, Ltd.
#


NetRange:       47.32.0.0 - 47.51.255.255
CIDR:           47.48.0.0/14, 47.32.0.0/12
NetName:        CC04
NetHandle:      NET-47-32-0-0-1
Parent:         NET47 (NET-47-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   Charter Communications (CC04)
RegDate:        2014-12-23
Updated:        2014-12-23
Ref:            https://rdap.arin.net/registry/ip/47.32.0.0



OrgName:        Charter Communications
OrgId:          CC04
Address:        6175 S. Willow Dr
City:           Greenwood Village
StateProv:      CO
PostalCode:     80111
Country:        US
RegDate:        
Updated:        2021-09-20
Ref:            https://rdap.arin.net/registry/entity/CC04


OrgTechHandle: IPADD14-ARIN
OrgTechName:   IPADD2-ARIN
OrgTechPhone:  +1-866-248-7662 
OrgTechEmail:  PublicIPAddressing@charter.com
OrgTechRef:    https://rdap.arin.net/registry/entity/IPADD14-ARIN

OrgAbuseHandle: ABUSE19-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-877-777-2263 
OrgAbuseEmail:  abuse@charter.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE19-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2021, American Registry for Internet Numbers, Ltd.
#
=======================================================
> NMap Scan Report:
=======================================================
# Nmap 7.92 scan initiated Sat Oct 23 17:07:39 2021 as: nmap -v -A -T4 --script vuln -oA 47.33.241.1-nmapreport 47.33.241.1
Nmap scan report for 047-033-241-001.res.spectrum.com (47.33.241.1)
Host is up (0.013s latency).
Not shown: 999 filtered tcp ports (no-response)
PORT    STATE SERVICE  VERSION
443/tcp open  ssl/http lighttpd
|_http-dombased-xss: Couldn't find any DOM based XSS.
|_http-server-header: HTTP Server
| ssl-poodle: 
|   VULNERABLE:
|   SSL POODLE information leak
|     State: LIKELY VULNERABLE
|     IDs:  CVE:CVE-2014-3566  BID:70574
|           The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other
|           products, uses nondeterministic CBC padding, which makes it easier
|           for man-in-the-middle attackers to obtain cleartext data via a
|           padding-oracle attack, aka the "POODLE" issue.
|     Disclosure date: 2014-10-14
|     Check results:
|       TLS_RSA_WITH_AES_128_CBC_SHA
|       TLS_FALLBACK_SCSV properly implemented
|     References:
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
|       https://www.imperialviolet.org/2014/10/14/poodle.html
|       https://www.securityfocus.com/bid/70574
|_      https://www.openssl.org/~bodo/ssl-poodle.pdf
|_http-csrf: Couldn't find any CSRF vulnerabilities.
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
|_http-trane-info: Problem with XML parsing of /evox/about
| http-vuln-cve2010-0738: 
|_  /jmx-console/: Authentication was not required
|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: bridge|general purpose|switch
Running (JUST GUESSING): Oracle Virtualbox (98%), QEMU (93%), Bay Networks embedded (88%)
OS CPE: cpe:/o:oracle:virtualbox cpe:/a:qemu:qemu cpe:/h:baynetworks:baystack_450
Aggressive OS guesses: Oracle Virtualbox (98%), QEMU user mode network gateway (93%), Bay Networks BayStack 450 switch (software version 3.1.0.22) (88%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 2 hops
TCP Sequence Prediction: Difficulty=17 (Good luck!)
IP ID Sequence Generation: Incremental

TRACEROUTE (using port 80/tcp)
HOP RTT      ADDRESS
1   15.72 ms 10.0.2.2
2   13.77 ms 047-033-241-001.res.spectrum.com (47.33.241.1)

Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Oct 23 17:10:21 2021 -- 1 IP address (1 host up) scanned in 162.71 seconds
=======================================================