Telnet Command Sh

Telnet command input sh, commonly used to invoke the system shell (Bourne shell) on Unix or Unix-like systems. It may be issued to spawn a new shell instance, execute inline commands, or escape from a restricted CLI environment into a standard operating system shell. regex:

Observed IPs

31,915

Avg Confidence

75%

Protocol

TELNET

Top IPs by event count

IP Address	Risk	Events	Sessions	Country	ASN	Last Seen
185.16.39.79	100%	1,287,701	25,650	🇵🇱 PL	AS201814	2026-03-17
103.93.93.211	100%	142,130	10,966	🇮🇩 ID	AS141140	2026-04-04
161.97.148.194	100%	136,089	60,868	🇫🇷 FR	AS51167	2026-03-12
103.93.93.182	100%	92,312	6,841	🇮🇩 ID	AS141140	2026-04-04
102.212.40.100	100%	57,520	3,466	🇳🇬 NG	AS329244	2026-03-18
130.12.180.37	92%	44,671	44,441	🇳🇱 NL	AS202412	2026-03-14
130.12.180.106	100%	37,892	2,509	🇺🇸 US	AS202412	2026-03-01
77.45.86.115	96%	37,226	1,552	🇵🇱 PL	AS35191	2026-03-03
103.13.138.22	100%	31,622	2,996	🇮🇩 ID	AS150215	2026-04-10
223.123.38.36	100%	27,061	1,892	🇵🇰 PK	AS138423	2026-04-10
103.184.56.249	97%	25,666	196	🇮🇩 ID	AS149667	2026-02-25
223.123.38.33	100%	25,235	1,656	🇵🇰 PK	AS138423	2026-04-10
103.156.221.253	97%	25,219	195	🇮🇩 ID	AS149667	2026-02-26
223.123.43.1	100%	24,423	1,560	🇵🇰 PK	AS138423	2026-04-09
223.123.43.69	100%	24,122	1,617	🇵🇰 PK	AS138423	2026-04-06
223.123.43.5	100%	23,845	1,991	🇵🇰 PK	AS138423	2026-04-09
223.123.43.7	100%	23,720	1,623	🇵🇰 PK	AS138423	2026-04-09
223.123.38.34	100%	22,770	1,851	🇵🇰 PK	AS138423	2026-04-10
103.184.56.241	92%	22,538	178	🇮🇩 ID	AS149667	2026-04-02
223.123.38.35	100%	22,330	1,756	🇵🇰 PK	AS138423	2026-04-08

Loading threats