In the IT field, there are numerous applications with official product names. Using the product filter on Criminal IP makes it possible to identify which applications are running on a specific IP address.
To identify which applications are running on a specific IP address, simply use the product filter on Criminal IP. This filter allows you to search for open-source products like Nginx, Apache, Microsoft IIS, Lighttpd, and commercial software. For example, take a look at the following search result for SonicWall, often used as a firewall or VPN equipment.
As seen on the search results page above, the login page for SonicWall is also displayed.
How to Search for Microsoft Exchange Servers
You can use the same approach to search for Microsoft Exchange servers. To narrow down your search results, you can add “port:443” to your filter, as the SMTP protocol (an email protocol used by Exchange servers) also uses this port. It is worth noting that in March 2021, the Microsoft Exchange server was hit hard by a zero-day vulnerability.
How to Search for VMware ESXi Servers
Currently, there are around 46,000 results when searching for VMware ESXi. If you want to narrow down your search only to include cases where port 443 and OVH hosting servers are used, you can use the following search query: “product: vmware vcenter server as_name: “ovh sas” port:443”. Our CIP team has previously written a blog post on the VMware ESXi attack surface vulnerability. If you want to learn more about it, click the provided link.
Criminal IP’s Element Analysis feature enables you to check a complete list of products sorted by port.
Source: Criminal IP