Port Check - Online Port Scanner

Domain Input

Open Port Scanner

Scan common TCP ports on any host to identify open services. Default scan covers HTTP (80/443), SSH (22), FTP (21), SMTP (25/587), DNS (53), databases (3306/5432), and more. Each result shows port number, service name, and response time. Open ports reveal the attack surface of a target — essential for security assessments.

How It Works

TCP connection attempts are made from Cloudflare Workers to each target port. If the three-way handshake completes, the port is marked open. Connection refusals indicate a closed port. Timeouts may indicate filtered (firewalled) ports. Results include response timing for latency analysis.

FAQ

Is port scanning legal?

Scanning your own servers is always legal. Scanning third-party systems without authorization may violate computer misuse laws in many jurisdictions. This tool is intended for authorized security testing, penetration testing engagements, and educational purposes only.

What are the most commonly targeted ports?

SSH (22), HTTP (80), HTTPS (443), RDP (3389), SMB (445), and database ports (3306 MySQL, 5432 PostgreSQL, 27017 MongoDB) are frequently probed. Leaving these open to the internet without proper authentication creates significant security risk.

What does a "filtered" port mean?

A filtered port means a firewall or security group is silently dropping the connection attempt — no response is returned. This is different from "closed" where the server actively refuses the connection. Filtered ports do not reveal whether a service is running behind the firewall.

Enter a host and look up.

Enter a domain and run a lookup to see results.

Tool Features

Related Guides

Verify host with DNS lookup Check SSL status
Coming Soon Port monitoring alerts — coming soon.