Tags

Hosts running HTTP/HTTPS web servers including Apache, Nginx, IIS, and other web application servers exposed to the internet.

Hosts running on major cloud providers including AWS, Google Cloud, Azure, and other cloud infrastructure platforms.

Content Delivery Network nodes from providers like Cloudflare, Akamai, Fastly, and AWS CloudFront.

Hosts with SSH (Secure Shell) service exposed. SSH provides encrypted remote access but can be a target for brute-force attacks.

Hosts running Nginx web server and reverse proxy. Nginx powers a significant portion of the internet's web traffic.

Hosts running Apache HTTP Server. Apache is one of the most widely used web servers and supports a vast ecosystem of modules.

SMTP, IMAP, and POP3 mail servers. Email infrastructure is critical for communication and often targeted for phishing and spam.

File Transfer Protocol servers. FTP is an older protocol that often transmits credentials in plaintext and may allow anonymous access.

Hosts running database services like MySQL, PostgreSQL, MongoDB, Redis, and Elasticsearch exposed to the internet.

Forward and reverse proxy servers including Squid, HAProxy, and various SOCKS proxies used for traffic routing and anonymization.

Internet of Things devices including cameras, routers, smart home devices, and industrial controllers exposed to the internet.

Remote Desktop Protocol services exposed to the internet. RDP is a frequent target for brute-force attacks and ransomware delivery.

VPN endpoints and gateways including OpenVPN, WireGuard, and IPSec servers providing encrypted tunnel access.