Free Online Port Scanner & Port Checker
Type an IP address or domain name into the Target Address field, pick a scan mode — single port, port range, or a preset like Web Services — and hit Scan. You'll get back the port status (open, closed, or filtered), the detected service running on it, and the response time in milliseconds. Need to check your own machine? Click Use My IP and your public IP fills in automatically. Need to test many hosts at once? Try our bulk port scanner for multiple IP addresses.
Fast Port Scanning
Get port status, service detection, and response times back in seconds. Scan single ports or ranges up to 50 at a time.
Service Detection
Each open port shows the service running behind it — HTTP, SSH, MySQL, and more — along with banner info when available.
Free, No Signup
No account needed. No rate-walled premium tier. Run your scans directly from the browser on any device.
What Is a Port in Networking?
A port is a virtual communication endpoint that lets your operating system route incoming and outgoing network traffic to the correct application. Every program that sends or receives data over a network claims at least one port. Your browser, email client, SSH session, and database all use separate port numbers so they can share the same IP address without interfering with each other.
Ports are identified by a number from 0 to 65535. When you type https://example.com in your browser, your OS opens a connection to port 443 on the remote server — that's the standard HTTPS port. The server sees the incoming connection on 443 and knows to hand it to the web server process.
TCP vs UDP Ports
Every port number exists in two separate namespaces — TCP and UDP — so port 53 TCP and port 53 UDP are technically different endpoints, though DNS uses both.
TCP — Transmission Control Protocol
Establishes a confirmed three-way handshake before any data flows. Reliable and ordered — every packet is acknowledged. Used by HTTP, HTTPS, SSH, FTP, SMTP, and most application protocols.
UDP — User Datagram Protocol
Sends data without a handshake — no confirmation, no guaranteed delivery. Faster with lower overhead. Used by DNS, VoIP, video streaming, online gaming, and NTP.
Port Number Ranges
| Range | Name | Examples |
|---|---|---|
| 0 – 1023 | Well-known ports | HTTP (80), HTTPS (443), SSH (22), FTP (21) |
| 1024 – 49151 | Registered ports | MySQL (3306), PostgreSQL (5432), RDP (3389) |
| 49152 – 65535 | Dynamic / ephemeral | Temporary client-side ports assigned by the OS |
What Is a Port Checker and How Does It Work?
A port checker (also called a port scanner or open port checker) is a tool that probes a specific IP address or domain on one or more port numbers and reports whether each port is open, closed, or filtered. This tool runs checks from our servers, so what you see reflects how the internet reaches your host — not how your local machine sees it.
How Does an Online Port Scanner Work?
Most online port checkers use a TCP SYN probe (sometimes called a half-open scan):
- The scanner sends a TCP SYN packet to the target IP and port.
- If the port is open, the target responds with SYN-ACK. The scanner records "open" and sends RST to close the half-open connection.
- If the port is closed, the target responds with RST immediately.
- If the port is filtered, a firewall drops the packet silently — the scanner times out with no response.
Response time in milliseconds is measured from when the probe is sent to when the first packet is received.
How to Find Your Port Number (Without a Scanner)
To see which ports are already open on your own machine, use the built-in network tools:
Windows
netstat -ano
Lists active connections, listening ports, and the PID of each process. Open Task Manager to match PIDs to application names.
Linux / macOS
ss -tuln
Shows all TCP and UDP listening ports with no DNS resolution. Add -p to also print process names.
Most Common Ports to Check
Not all ports carry the same risk or importance. The ones below are the most frequently scanned because they correspond to services that are either universally deployed or commonly exploited.
Essential Service Ports
| Port | Protocol | Service | Why It Matters |
|---|---|---|---|
| 21 | TCP | FTP | File transfer — transmits credentials in plain text; often targeted |
| 22 | TCP | SSH | Secure remote shell access; high-value brute-force target |
| 23 | TCP | Telnet | Legacy remote access — unencrypted; should always be closed |
| 25 | TCP | SMTP | Email delivery; open relay misconfiguration enables spam abuse |
| 53 | TCP/UDP | DNS | Domain resolution; open resolvers can be used in amplification attacks |
| 80 | TCP | HTTP | Plain-text web traffic; should redirect to HTTPS (443) |
| 443 | TCP | HTTPS | Encrypted web traffic; must be open for any public web server |
| 3389 | TCP | RDP | Windows Remote Desktop — extremely targeted; restrict to VPN only |
| 5900 | TCP | VNC | Remote desktop sharing — exposing to the internet is a critical risk |
| 8080 | TCP | HTTP Alt | Common dev/proxy port; often forgotten and left exposed |
Database and Application Ports
| Port | Service | Risk if Exposed |
|---|---|---|
| 1433 | Microsoft SQL Server | Direct DB access; frequent ransomware target |
| 3306 | MySQL / MariaDB | Exposed DBs are routinely scanned and dumped |
| 5432 | PostgreSQL | Should be firewalled; never exposed to the internet |
| 6379 | Redis | No auth by default; exposed Redis instances lose all data |
| 27017 | MongoDB | Misconfigured open installs led to mass data breaches |
| 9200 | Elasticsearch | No auth by default; exposes full index to anyone |
Who Uses a Port Checker?
Port scanning isn't just a security professional's tool. Anyone who sets up a server, troubleshoots a network connection, or configures a home router will reach for a port checker at some point.
Developers and IT Teams
Verify that a newly deployed API, microservice, or server is reachable on the correct port before releasing to production. Confirm that TLS termination is happening on 443 and not leaking traffic on 80. Debug "connection refused" errors by checking whether the port is open at all versus blocked by a firewall.
Network and Security Professionals
Run quick external port scans as part of vulnerability assessments to confirm firewall rules are enforced. Validate that database ports (3306, 5432, 27017) are not exposed to the internet. Check that legacy services like Telnet (23) or FTP (21) are closed on public-facing infrastructure.
System Administrators
Audit open ports on servers after applying firewall rule changes. Confirm that RDP (3389) or SSH (22) are firewalled or limited to specific IPs. Verify that VPN, monitoring, and backup services are listening on their expected ports after a system update or reboot.
Home Users and Gamers
Test whether port forwarding is working correctly for a game server, home NAS, or self-hosted application. Confirm that the router's port mapping is set up right and that the ISP isn't blocking specific ports. Diagnose why friends can't connect to a Minecraft, Valheim, or Plex server.
What Is Port Forwarding and How Do You Test It?
Port forwarding (also called port mapping) instructs your router to pass all traffic arriving on a specific external port to a particular device inside your private network. Without it, your router's NAT keeps every incoming connection blocked by default — your internal servers are invisible from the internet.
Common use cases include hosting a game server, running a home web server, accessing a NAS remotely, or connecting to a home machine via SSH or RDP. Your ISP-assigned public IP receives the connection, and the router forwards it to the private IP of your target device.
How to Verify Port Forwarding Is Working
- Set up the port forward rule in your router's admin panel — specify the external port, internal IP, and internal port for the target device.
- Start the service on the target device (game server, HTTP server, SSH daemon, etc.) and confirm it's listening locally using
ss -tulnornetstat -ano. - Check the local firewall on the target device — Windows Defender Firewall or
ufw/iptableson Linux may be blocking the port even if the router is forwarding correctly. - Run this port checker using your public IP address and the forwarded port number. An "open" result confirms the full path is working — router, firewall, and service.
Note: some ISPs block specific ports (25, 80, 443) on residential connections. If the port shows as filtered and you've confirmed the router and firewall settings are correct, contact your ISP or consider switching to a non-standard port.
Frequently Asked Questions
What is a port in networking?
What is the difference between TCP and UDP?
How many ports does a computer have?
What does "filtered" mean when checking a port?
What is port forwarding and how do I test it?
Are open ports a security risk?
Is port 80 safe to leave open?
How do I find open ports on my own computer?
netstat -ano — this lists all active connections and listening ports alongside the PID of the owning process. On Linux or macOS, run ss -tuln to see all TCP and UDP listening ports. Add -p to also display process names.
How do I close an open port?
ufw on Ubuntu, or iptables on other Linux systems. On cloud servers, also check your provider's security group or network ACL rules — traffic can be blocked at the infrastructure level independently of the OS firewall.