Telnet Command Sh

Telnet command input sh, commonly used to invoke the system shell (Bourne shell) on Unix or Unix-like systems. It may be issued to spawn a new shell instance, execute inline commands, or escape from a restricted CLI environment into a standard operating system shell. regex:

Observed IPs

34,271

Avg Confidence

76%

Protocol

TELNET

Top IPs by event count

IP Address	Risk	Events	Sessions	Country	ASN	Last Seen
185.16.39.79	100%	1,287,701	25,650	🇵🇱 PL	AS201814	2026-03-17
103.93.93.211	100%	142,130	10,966	🇮🇩 ID	AS141140	2026-04-04
161.97.148.194	100%	136,089	60,868	🇫🇷 FR	AS51167	2026-03-12
103.93.93.182	100%	92,312	6,841	🇮🇩 ID	AS141140	2026-04-04
102.212.40.100	100%	57,520	3,466	🇳🇬 NG	AS329244	2026-03-18
130.12.180.37	92%	44,671	44,441	🇳🇱 NL	AS202412	2026-03-14
130.12.180.106	100%	37,892	2,509	🇺🇸 US	AS202412	2026-03-01
77.45.86.115	96%	37,226	1,552	🇵🇱 PL	AS35191	2026-03-03
103.13.138.22	100%	31,726	3,100	🇮🇩 ID	AS150215	2026-04-13
223.123.38.36	100%	27,147	1,978	🇵🇰 PK	AS138423	2026-04-17
103.184.56.249	97%	25,666	196	🇮🇩 ID	AS149667	2026-02-25
223.123.38.33	100%	25,311	1,732	🇵🇰 PK	AS138423	2026-04-13
103.156.221.253	97%	25,219	195	🇮🇩 ID	AS149667	2026-02-26
223.123.43.1	100%	24,446	1,583	🇵🇰 PK	AS138423	2026-04-13
223.123.43.69	100%	24,235	1,730	🇵🇰 PK	AS138423	2026-04-18
223.123.43.5	100%	23,915	2,061	🇵🇰 PK	AS138423	2026-04-18
223.123.43.7	100%	23,745	1,648	🇵🇰 PK	AS138423	2026-04-10
223.123.38.34	100%	22,866	1,947	🇵🇰 PK	AS138423	2026-04-18
103.184.56.241	92%	22,538	178	🇮🇩 ID	AS149667	2026-04-02
223.123.38.35	100%	22,352	1,778	🇵🇰 PK	AS138423	2026-04-17