Telnet Command Sh

Telnet command input sh, commonly used to invoke the system shell (Bourne shell) on Unix or Unix-like systems. It may be issued to spawn a new shell instance, execute inline commands, or escape from a restricted CLI environment into a standard operating system shell. regex:

Observed IPs

22,390

Avg Confidence

76%

Protocol

TELNET

Top IPs by event count

IP Address	Risk	Events	Sessions	Country	ASN	Last Seen
185.16.39.79	100%	1,287,649	25,598	🇵🇱 PL	AS201814	2026-03-02
204.76.203.6	100%	683,509	16,530	🇳🇱 NL	AS51396	2026-02-06
103.93.93.211	100%	136,804	5,648	🇮🇩 ID	AS141140	2026-03-02
103.93.93.182	100%	89,410	3,939	🇮🇩 ID	AS141140	2026-03-03
102.212.40.100	100%	57,512	3,458	🇳🇬 NG	AS329244	2026-03-02
130.12.180.106	100%	37,892	2,509	🇺🇸 US	AS202412	2026-03-01
77.45.86.115	96%	37,105	1,431	🇵🇱 PL	AS35191	2026-02-28
103.13.138.22	100%	29,851	1,225	🇮🇩 ID	AS150215	2026-03-03
223.123.38.36	100%	26,234	1,065	🇵🇰 PK	AS138423	2026-03-02
103.184.56.249	97%	25,666	196	🇮🇩 ID	AS149667	2026-02-25
103.156.221.253	97%	25,219	195	🇮🇩 ID	AS149667	2026-02-26
223.123.43.1	100%	23,822	959	🇵🇰 PK	AS138423	2026-03-02
223.123.38.33	100%	23,777	904	🇵🇰 PK	AS138423	2026-03-02
223.123.43.69	100%	23,516	1,011	🇵🇰 PK	AS138423	2026-03-02
223.123.43.7	100%	22,992	895	🇵🇰 PK	AS138423	2026-03-02
223.123.43.5	100%	22,905	1,051	🇵🇰 PK	AS138423	2026-03-02
103.184.56.241	97%	22,537	177	🇮🇩 ID	AS149667	2026-02-23
223.123.38.34	100%	21,856	937	🇵🇰 PK	AS138423	2026-02-28
223.123.38.35	100%	21,545	971	🇵🇰 PK	AS138423	2026-03-02
223.123.38.32	100%	21,111	1,133	🇵🇰 PK	AS138423	2026-03-02

Loading threats