It varies mostly for me. All in all some scans I do for likely all of them, and I do a Nmap scan + Metasploit scan.
nmap -sS -T3 -Pn -A -sU (IP) -D 10.0.0.1,10.0.0.2,10.0.0.4
the majority have at least one FTP server, so since many people dont care to ensure those particular servers safety ( at least not the major companies ones) I scan for specific servers (http,sftp,ftp,ssh)
nmap -S -T3 -Pn -p http,sftp (IP) -D 10.0.0.1,10.0.0.2,10.0.0.4
and also a metasploit scan because usually metasploit picks up something than nmap.
set RHOSTS (IP) /24
and of course a nikto scan.