Port Checker
Check whether a TCP port on a public host is open by attempting a connection from our server. The probe reports open with round-trip latency, or closed with the underlying reason such as a refused connection or timeout.
How to use this tool
- 1
Type the public hostname or IP you want to probe (for example example.com) into the host field.
- 2
Set the port number, either by typing it or clicking one of the quick presets like 22, 80, 443, or 3306.
- 3
Click Check and wait up to five seconds for the result.
- 4
Read the result banner: green means the port accepted a TCP connection (with latency in milliseconds), red means it did not (with the reason code).
What does checking if a TCP port is open actually mean?
Every network service listens on a numbered TCP port: web servers on 80 and 443, SSH on 22, SMTP on 25, MySQL on 3306, PostgreSQL on 5432, Redis on 6379, MongoDB on 27017. A port is open when something is listening and a firewall permits the connection. This tool determines that by opening a real TCP socket from our server to your host and completing the three-way handshake (SYN, SYN-ACK, ACK). If the handshake succeeds it reports the port open along with the round-trip time in milliseconds. If the remote host actively refuses the connection you get a reason code like ECONNREFUSED, meaning the host is reachable but nothing is listening on that port. If no response arrives within five seconds the check returns a timeout, which usually means a firewall is silently dropping packets. This is a plain TCP connect probe: it does not send any protocol data, grab service banners, perform TLS handshakes, or test UDP ports. Because the connection originates from our server rather than your machine, the result reflects what the public internet can reach, which is exactly what you want when verifying that a service is exposed.
Common use cases
Confirm a freshly deployed web app is reachable on port 443 before pointing DNS or a load balancer at it.
Diagnose why clients cannot connect to a database by checking whether 3306 or 5432 is actually exposed.
Verify a new firewall or security-group rule opened (or closed) the port you intended.
Check that a sensitive service like Redis on 6379 or MongoDB on 27017 is NOT left open to the public internet.
Test whether an outbound SSH or SMTP port is blocked between a remote host and the public internet.
Validate that a port-forward or reverse proxy is passing traffic through to the expected backend port.
Frequently asked questions
Why does my localhost or internal service not show as open?▼
What is the difference between 'closed' with ECONNREFUSED and 'timeout'?▼
Does an open port mean the service is healthy?▼
Can it check UDP ports like DNS on 53 or a game server?▼
Is my host or port data uploaded or stored?▼
Why is there a five-second limit and what do the presets mean?▼
Can I enter an IP address instead of a hostname?▼
Related tools
DNS Lookup
Look up DNS records (A, AAAA, MX, TXT, NS) for any domain.
WHOIS Lookup
Get full WHOIS data for any domain.
SSL Certificate Checker
Check SSL certificate validity, issuer, and expiry.
HTTP Header Analyzer
Inspect HTTP response headers and security signals.
HTTP Status Code Checker
Check status code of any URL — single or bulk.
Redirect Chain Tracer
Follow every hop in a redirect chain.