All tools
Security tools

Port Scanner

Scan TCP ports on any domain or IP to find exposed services. Three presets — Web, Common and Full — covering everything from HTTP to databases and admin panels.

Web preset (6 ports) Common preset (20 ports) Full preset (30+ ports) Scan your own servers only
Get started free Sign in

Free · No credit card · 50 credits/day

Scan presets

Choose the right preset for your use case.

Web 5 credits

Check whether standard and alternative HTTP/HTTPS ports are open. Good for quick web server audits.

80, 443, 8080, 8443, 8000, 3000
Common 20 credits

The 20 most important ports — FTP, SSH, SMTP, DNS, HTTP, mail, databases, RDP. Recommended for most audits.

21, 22, 23, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995, 3306, 3389, 5432, 6379, 8080, 8443, 27017
Full 30 credits

Comprehensive scan including SMB, RPC, Oracle, Zookeeper, VNC, Elasticsearch, Jupyter and Metasploit default port.

21, 22, 23, 25, 53, 80, 110, 135, 143, 443, 445, 465, 587, 993, 995, 1433, 1521, 2181, 3000, 3306, 3389, 4444, 5432, 5900, 6379, 8080, 8443, 8888, 9200, 9300, 27017

Key ports and what they mean

Open ports that should raise a flag on an internet-facing server.

Port Service Risk if open to internet
22 SSH Low if key auth + rate limiting. High if password auth enabled. 22 SSH — 22
23 Telnet Critical — unencrypted. Should never be exposed publicly. 23 Telnet — 23
3306 MySQL Critical — databases should never be internet-facing. 3306 MySQL — 3306
5432 PostgreSQL Critical — databases should never be internet-facing. 5432 PostgreSQL — 5432
27017 MongoDB Critical — default MongoDB has no auth. Many breaches from this. 27017 MongoDB — 27017
6379 Redis Critical — default Redis has no auth and binds to all interfaces. 6379 Redis — 6379
3389 RDP High — brute-forced constantly. Use VPN or restrict by IP. 3389 RDP — 3389
5900 VNC High — use VPN. Many VNC implementations have weak auth. 5900 VNC — 5900
8080 HTTP-alt Medium — often a development server or admin panel accidentally exposed. 8080 HTTP-alt — 8080
9200 Elasticsearch Critical — no auth by default in older versions. Many public breaches. 9200 Elasticsearch — 9200
4444 Metasploit Critical — Metasploit default listener port. Should never be open. 4444 Metasploit — 4444
445 SMB Critical — WannaCry spread via SMB. Never expose to internet. 445 SMB — 445

Risk level assumes default service configuration. Hardening (firewalls, auth, VPN) changes the risk profile.

Only scan systems you own or have permission to test

Port scanning systems without authorisation may be illegal in your jurisdiction and violates most terms of service. This tool is intended for security audits of your own infrastructure. We block scanning of private/reserved IP ranges and enforce a 60-second rate limit per account. Always obtain written permission before scanning third-party systems.

Frequently asked questions

Is it legal to scan ports?

Scanning your own servers is always legal. Scanning third-party systems without permission may be illegal in many jurisdictions and violates most terms of service. This tool is intended for scanning servers you own or have explicit written permission to test. We block private IP ranges and enforce a 60-second rate limit.

What does an open port mean?

An open port means a service is actively listening for connections. Whether this is a problem depends on the service — port 443 (HTTPS) should be open for a web server. Port 3306 (MySQL) open to the internet is a security risk and should be firewalled. Port 22 (SSH) exposed publicly should use key-based auth and fail2ban.

Which ports should be closed on a web server?

A public web server should typically only expose ports 80 and 443. Everything else — database ports (3306, 5432, 27017, 6379), admin panels (8080, 8888), remote desktop (3389, 5900) and internal services (9200, 2181) — should be firewalled and only accessible via VPN or SSH tunnel.

What is the difference between open, closed and filtered ports?

An open port responds to connection attempts — a service is running. A closed port is reachable but no service is listening. A filtered port does not respond — a firewall is dropping packets. This tool shows open vs not-open; it does not distinguish closed from filtered.

Related security tools

More tools to audit your server and network security.

SSL Certificate Checker

Check certificate expiry, issuer and SANs for any domain.

Security Headers Checker

Audit HTTP security headers and get an A–F grade instantly.

IP Reputation Checker

Check if an IP address is listed on major email blacklists.

Scan your server now

Free account. 50 credits per day. Access to 75+ tools instantly.

Create free account →