TCP port check

Use this tool to test if a TCP port is reachable on a host. Supports IPv4/IPv6 and multiple ports in one request.

Enter a host (domain or IP), ports separated by comma or space, and optional timeout. The checker tries to open a TCP connection to each port.

• 22/tcp: SSH
• 80,443/tcp: HTTP/HTTPS
• 25/tcp: SMTP (may be filtered by providers)

Only TCP is tested. Firewalls/NAT can filter probes; "closed" may mean filtered. Results reflect connectivity from our server, not globally.

• Why is UDP port scanning not supported? UDP is connectionless - there is no handshake like TCP's SYN/ACK. Many UDP services do not reply to empty probes, and ICMP "port unreachable" responses are often filtered by firewalls. This means no response is ambiguous: it could mean the port is open, filtered or the packet was dropped. Reliable UDP checks require protocol-specific payloads and timeout analysis.
• Does an open port mean the service is secure? No. An open port only means a service is listening and accepting TCP connections on that port. The service may still have vulnerabilities, use weak authentication or run outdated software. Port scanning is a first step in security assessment - it tells you what is exposed, not whether it is safe.
• Why do some ports show as timed out? Timeouts occur when the target host drops packets silently instead of responding. This happens with firewall rules that use DROP instead of REJECT, network congestion, or hosts that throttle connection attempts to prevent scanning. A timeout usually means the port is filtered by a firewall.
• Which ports should I check? Common ports to verify: 22 (SSH), 80 (HTTP), 443 (HTTPS), 3306 (MySQL), 5432 (PostgreSQL), 6379 (Redis), 8080 (alternative HTTP). For security audits, check that database and cache ports (3306, 5432, 6379, 27017) are NOT accessible from the public Internet.