Unique issue: Public exploits

When I get to my nmap scan I’m supposed to find a wordpress site on an http port. Instead, I find ssh and an http port on a much higher port with the term ‘Phrase Keeper’ that is some sort of login page. Any reason why I may have the wrong target spawned?