When it first came out - and i’d say much less restricted for community use - it was a step change in my understanding of the extent of observability in place on the internet. I knew the NSA “was out there”, but never knew one could browse, StumbleUpon-style, random internet services and knock on their doors. At the time I dealt with a lot of smaller internet-facing applications, and was excited about being able to search for public instances of them and worried about others finding mine.
There is a finite number of IPv4 addresses, you can simply open TCP connection to each of them on multiple ports and index everything that is returned. There are tools to do this by yourself (the only challenge is to find a provider that won't ban you for scanning the entire internet). There are also other services that do the same thing (e.g. ZoomEye, Censys, FOFA)
> SHODAN watches from Security Cameras, stares out of screens and monitors, sends threats and snide messages over the Station's PA system or via email to the player's data reader, and sometimes cuts off communications from friendly sources.
It's probably scanning most common ports first, so covering breadth of IPs rather than completeness of results. Out of curiosity, have you tried scanning your external IP with Nmap, enabling all ports?
