136.233.9.88

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 136.233.9.88

Date: 2026-06-07

---

1. Profile Summary

Risk Score: Low (0/100)
Provider: Reliance Jio Infocomm Ltd. (AS55836)
Geolocation: India (IN), Tamil Nadu (TN), Vellore
Network Role: Mobile network (LTE/5G)
Services:

- HTTP/HTTPS on ports 80/443 (nginx/1.24.0)

- Valid TLS certificate (Let’s Encrypt, CN=gravitas.vit.ac.in)

---

2. Threat Observations

Threat Feed Listings:

- Listed in 8 threat feeds (high severity, confidence 85%).

- No confirmed malicious indicators (no malware, C2, or exploit data).

DNS/Email:

- No DNSSEC validation, SPF/DKIM records absent.

- No email-related threats detected.

Network Behavior:

- Stable BGP prefix (136.233.0.0/17) with no recent route changes.

- No signs of spoofing, CDN, or proxy activity.

---

3. Historical Activity

Recent Signals (Last 30 Days):

- TLS Scan (2026-05-29): Valid certificate with TLS 1.3.

- HTTP Scan (2026-05-29): Normal response (nginx server, 200 OK).

- Threat Feed Updates: 19 observations, including 8 high-severity listings.

Stability: No persistent malicious activity detected.

---

4. Relationships & Subnet

Network Relationships:

- Linked to RELIANCEJIO-IN (AS55836) via BGP and ownership.

- No correlated IPs or campaigns identified.

Subnet (136.233.9.88/24):

- 0 active neighbors reported.

- Subnet abuse density: 0% (clean).

---

5. Recommendations

Investigate Threat Listings:

- Verify why this IP appears in 8 threat feeds despite being a legitimate ISP. Potential misconfigurations or false positives.

Monitor TLS/HTTP Services:

- Ensure the Let’s Encrypt certificate is properly configured and revoked if compromised.

Check DNS Security:

- Enable DNSSEC for domains associated with this IP (e.g., `gravitas.vit.ac.in`).

Network Segmentation:

- Segment mobile network traffic from internal systems to limit potential exposure.

---

Conclusion:

This IP is associated with a legitimate mobile ISP in India but appears in multiple threat feeds. While no direct malicious activity is confirmed, the high-severity listings warrant further investigation into potential misconfigurations or false positives. SOC teams should prioritize validating the threat intelligence and securing associated services.

Tools Used: `ipdebrief_profile`, `ipdebrief_history`, `ipdebrief_relationships`, `ipdebrief_neighbors`.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇮🇳 India
Region	Maharashtra
City	Navi Mumbai (Ghansoli)
Timezone	—
Latitude	22.00
Longitude	79.00

🏢 Ownership & Registration

Organization	IRT-RELIANCEJIO-IN
ASN	AS55836
Network Name	RELIANCEJIO-IN
CIDR Block	136.232.0.0/15
RIR	ARIN
Country	IN
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Mobile
Service Purpose	Web Server
Network Tier	Unknown — Insufficient routing data to classify

Mobile

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
Closed Ports	22, 25, 3389, 8080, 8443 (2 open / 7 scanned)

Server	nginx/1.24.0 (Ubuntu)
HTTP Title	—

🔐 TLS Certificate

🔒

CN=gravitas.vit.ac.in

Issued by CN=E8, O=Let's Encrypt, C=US

Self-signed: No

SANs	gravitas.vit.ac.in
Valid From	2026-05-15T10:49:12+00:00
Valid Until	2026-08-13T10:49:11+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	068E1BD7DFBFB42155E038718D01D58B1509
Thumbprint	A2C0E39264DD87FBF2FEA31ED34626FA09E87D93

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	2
routing	25%	1	1
services	27%	2	3
ownership	27%	2	3
reputation	13%	1	2
geolocation	27%	2	2
Overall	24%	10	13

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-14 01:08:29 UTC
Last Seen	2026-06-07 01:14:57 UTC
Profile Built	2026-06-07 01:41:25 UTC
Data Freshness	Live
Signal Types	20
Total Observations	20

🔍 20 signal types · 20 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

136.233.9.88📋 Copy

**1. Profile Summary**

**2. Threat Observations**

**3. Historical Activity**

**4. Relationships & Subnet**

**5. Recommendations**