Free Port Checker
Test whether a TCP port is open and reachable from the public internet. We connect from our servers to your host and report success, failure, or the specific error.
How it works
We open a TCP connection from our infrastructure to host:port — the same low-level handshake any networked service performs to reach you. If the connection completes, the port is reachable. If not, we report the specific failure mode:
- Connection refused — the host is reachable but no service is listening on that port
- Timeout — the port is silently dropped (typically a firewall
DROPrule, notREJECT) - DNS lookup failed — the hostname doesn't resolve
- Connection timed out / Connection error — the host is unreachable on the network path
We don't send any payload bytes — just a TCP connect. Nothing is logged about the result long-term, no IP tracking for marketing.
Common ports cheat sheet
| Port | Service | Notes |
|---|---|---|
| 22 | SSH | Most cloud hosts allow inbound from limited IPs only |
| 25 | SMTP (server-to-server) | Often blocked outbound by ISPs and cloud providers |
| 53 | DNS (TCP) | Used for large queries / zone transfers |
| 80 | HTTP | Should redirect to 443 in modern setups |
| 443 | HTTPS | The web's universal port |
| 465 / 587 | SMTP over TLS / Submission | Modern email submission ports |
| 993 | IMAPS | Encrypted IMAP |
| 3306 | MySQL | Usually firewalled — never expose to the internet directly |
| 5432 | PostgreSQL | Same — keep behind a VPC / VPN |
| 6379 | Redis | Same — devastating if exposed unauthenticated |
| 27017 | MongoDB | Same |
Why use this instead of nmap or telnet?
For a single port check from outside your own network, this is the fastest way. It tells you what the public internet sees — which is what your customers and integrations actually experience. Local nmap only tells you what's open from your machine, which often differs from what's open from the internet (NAT, firewalls, security groups).
For full multi-port scans of your own infrastructure, nmap is still the right tool. This page is for one-off "is X reachable from out there?" questions.
Frequently asked
Is this a port scanner I can use on someone else's host? No. We rate-limit aggressively per host:port (2 checks per minute) to prevent abuse as a scan vector. For your own infrastructure, use nmap locally.
Why does port 25 always fail from cloud servers? Most cloud providers (AWS, GCP, Azure, DigitalOcean) block outbound port 25 by default to prevent spam abuse. This is true even when checking from us — our outbound 25 may be blocked too. Use port 465 or 587 for legitimate SMTP submission.
UDP support? Not yet — TCP only. UDP "open" detection requires service-specific probes and isn't reliable from a single sample.
Continuously monitor any TCP service
PingSentinel monitors HTTP, TCP, ICMP, and SSL endpoints from multiple regions, with alerts to email, Slack, Discord, SMS, PagerDuty, and webhooks. Free tier covers up to 3 sites.
Start monitoring free