========================================================================== CARD Production API — Connectivity Diagnostic Report ========================================================================== Generated: 2026-04-30T16:28:50Z Purpose: Request firewall access to CARD production API --- Server Details --- Hostname: dashboard-dev IP: 71.85.90.9 OS: Ubuntu 24.04.3 LTS Gateway: 71.85.90.1 (default via eth0) Purpose: STEAM Security Dashboard — CVE vulnerability management --- Existing Working Connections (same server) --- Jira UAT: jira-uat.charter.com → 142.136.123.17:443 ✓ CONNECTED CARD UAT: card.caas.stage.charterlab.com → 65.185.232.89:443 ✓ CONNECTED Atlas API: atlas-infosec.caas.charterlab.com ✓ CONNECTED Ivanti API: platform4.risksense.com ✓ CONNECTED --- CARD Production — Connection Failure --- Target: card.charter.com DNS CNAME: card.g.charter.com Resolved A: 47.43.51.7 Resolved AAAA: 2600:6c7f:9330:ca5::7 (IPv6 unreachable from this server) Port 443 (HTTPS): TIMEOUT — TCP SYN sent, no SYN-ACK received after 5s Port 80 (HTTP): TIMEOUT — TCP SYN sent, no SYN-ACK received after 5s curl output (HTTPS): * Host card.charter.com:443 was resolved. * IPv4: 47.43.51.7 * Trying 47.43.51.7:443... * ipv4 connect timeout after 4911ms, move on! * Failed to connect to card.charter.com port 443 after 5002 ms: Timeout was reached curl output (HTTP): * Trying 47.43.51.7:80... * ipv4 connect timeout after 4972ms, move on! * Failed to connect to card.charter.com port 80 after 5002 ms: Timeout was reached nc (netcat) test: nc -zvw3 47.43.51.7 443 → timed out: Operation now in progress nc -zvw3 47.43.51.7 80 → timed out: Operation now in progress --- Routing --- Route to CARD Prod: 47.43.51.7 via 71.85.90.1 dev eth0 src 71.85.90.9 Route to CARD UAT: 65.185.232.89 via 71.85.90.1 dev eth0 src 71.85.90.9 Route to Jira UAT: 142.136.123.17 via 71.85.90.1 dev eth0 src 71.85.90.9 All three use the same gateway (71.85.90.1) and interface (eth0). The routing path is identical — the block is at the firewall level. --- Analysis --- The server (71.85.90.9) can reach Charter internal services on the charterlab.com domain (CARD UAT, Atlas) and charter.com domain (Jira UAT) but cannot establish a TCP connection to card.charter.com (47.43.51.7) on any port. DNS resolves correctly. The routing table sends traffic through the same gateway used for all other working Charter services. The failure is a TCP-level timeout (no SYN-ACK), which indicates a firewall rule is blocking traffic from 71.85.90.9 to 47.43.51.7. --- Request --- Please open firewall access: Source: 71.85.90.9 (dashboard-dev) Destination: card.charter.com (47.43.51.7) Port: 443 (HTTPS) Protocol: TCP Purpose: CARD API integration for STEAM Security Dashboard (asset ownership confirm/decline/redirect, team lookups) The CARD UAT instance (card.caas.stage.charterlab.com) is already accessible and the API integration is fully tested against it. Service account: svc-jira-cn-projects (already onboarded with CARD team) ========================================================================== Exit: 0 === HTTPS Connection Attempts === --- card.charter.com (HTTPS, skip TLS) --- --- card.charter.com (HTTP) --- --- card.caas.stage.charterlab.com (UAT — control, skip TLS) --- HTTP 405, connect: 0.064624s, total: 0.187490s === Route Comparison === card.charter.com resolves to: ;; communications error to 71.85.90.1#53: connection refused card.caas.stage.charterlab.com resolves to: ;; communications error to 71.85.90.1#53: connection refused jira-uat.charter.com resolves to: ;; communications error to 71.85.90.1#53: connection refused === IP Route to each host === --- card.charter.com (;; communications error to 71.85.90.1#53: connection refused) --- --- card UAT (;; communications error to 71.85.90.1#53: connection refused) --- --- jira UAT (;; communications error to 71.85.90.1#53: connection refused) --- === Summary === CARD UAT (card.caas.stage.charterlab.com): REACHABLE — token acquisition works Jira UAT (jira-uat.charter.com): REACHABLE — all API operations work CARD Prod (card.charter.com): UNREACHABLE — TCP connection times out on ports 80 and 443 Request: Please verify that the server at 71.85.90.9 is allowed to reach card.charter.com on port 443. The service account svc-jira-cn-projects has been granted API access and works against the UAT instance. The production endpoint is not reachable at the network/firewall level.