Check an IP Address, Domain Name, Subnet, or ASN

80.66.83.80 was found in our database!

$ whois 80.66.83.80

country·🇷🇺 Russia

isp·Bashinskii Vadim Ruslanovich

asn·AS216473

network·Standard

$ sikker risk 80.66.83.80scoring →

confidence

99%Very High

first_seen·Mar 25, 2026

last_seen·3d ago

sessions·2,954

events·2,955

$ sikker protocols 80.66.83.80

RDP

2,818 / 2,819

HTTP

105 / 105

HTTPS

19 / 19

SSH

12 / 12

$ sikker summary 80.66.83.80

80.66.83.80 has a threat confidence score of 99%. This IP address from Russia (AS216473, Bashinskii Vadim Ruslanovich) has been observed in 2,954 honeypot sessions targeting RDP, HTTP, HTTPS, SSH protocols. First observed on March 25, 2026, most recently active May 8, 2026.

$ sikker behaviors 80.66.83.80catalog →

mediumRdp Legacy Plaintext Authentication Attempt297x

Identifies RDP clients attempting authentication using the legacy RDP security mode where credentials are exchanged through the older RDP security layer instead of Network Level Authentication (NLA). This indicates the client negotiated legacy plaintext authentication during the RDP security handshake

mediumRdp Nla Ntlm Authentication Attempt256x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttp Bad Request Route Probe23x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 80.66.83.80

rdp_legacy_plaintext_authenthication298 rdp_nla_ntlm_auth256 http_method_get57 http_path_bad_request57

$ sikker related 80.66.83.80

🇷🇺·More threats fromRussia→AS·More threats fromBashinskii Vadim Ruslanovich→RDP·More threats targetingRDP→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→SSH·More threats targetingSSH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
80.66.83.43	100%	9,684
80.66.83.63	87%	106
80.66.83.75	96%	1,930
80.66.83.74	97%	1,089
80.66.83.32	53%	89

IP Address	Confidence	Events
85.12.240.14	48%	537
195.149.196.234	18%	67
37.230.150.13	60%	4
178.206.43.179	65%	6
109.61.211.197	35%	3