Port Scanner Online
Run this port scanner before you spend time debugging authentication, headers, or application errors. If a port is closed or timing out from the outside, the problem is network-level — firewall, security group, DNS, or a service that never started. Works for proxy ports, web servers, APIs, dashboards, and SSH bastions.
A port scanner gives a broader view than a single port check because it can reveal several exposed services on one host. Use it only for infrastructure you own, test environments, or systems where you have permission. For proxy and server audits, it is a quick way to confirm that only expected ports are reachable and old panels have not been left public.
Run the result against the exact browser, device, proxy protocol, and target country you plan to use in production. A clean result here is not a ranking promise, but it catches the configuration mistakes that usually create blocked sessions, wrong geo signals, DNS leaks, or inconsistent fingerprints.
For repeat workflows, record the visible IP, ASN, DNS route, latency, and warning state before and after each proxy change. That gives QA, scraping, SEO, ads, and account teams a comparable baseline instead of relying on a single one-off check.
When troubleshooting a blocked session or unexpected platform response, work through the stack in order: confirm the port is reachable, verify the exit IP and ASN, check DNS resolver, inspect request headers, and then compare browser fingerprint and timezone. Skipping layers leads to misdiagnosis — a timeout at the port level looks similar to a cookie checkpoint at the application layer but the fix is completely different.
Mobile proxy workflows behave differently from datacenter ones because CGNAT means multiple physical users share the same outbound IP range. Platforms treat these IPs with higher inherent trust, but that trust can erode if the same session triggers unusual behavior like very high request rates, mismatched timezones, or browser fingerprints that do not match a real mobile device. Use these diagnostic tools to verify the whole configuration, not just the IP.
Scan multiple TCP ports at once and get a clear open/closed/timeout result for each — tested from an external network, not your own.
Public hosts only
Private IPs, localhost, and RFC-1918 ranges are rejected to prevent server-side request forgery (SSRF).
TCP connect, not app-layer
Open means the TCP handshake succeeded — the port is listening. It does not mean the service is healthy, authenticated, or responding to your protocol.
Scan proxy ports in bulk
Enter a comma-separated list like 3128, 8080, 8888, 1080 to scan all common proxy ports at once and immediately see which ones are reachable.
Frequently asked questions
Multi-port scanning rules, common services, and ethical use of the scanner.
What is a port scanner?+
A tool that systematically tests a range of ports on an IP to discover which ones accept connections, which are closed, and which are filtered by a firewall. It tells you the network attack surface of a host.
Is port scanning legal?+
Scanning your own IPs / hosts you have permission to audit is normal admin and security work. Scanning third-party IPs without authorization is illegal in most jurisdictions and at minimum violates your ISP's terms of service. Stay on systems you own.
How is this different from port checker?+
Checker tests a small set of ports you already named. Scanner sweeps tens, hundreds, or thousands of ports automatically. Use checker for "is my proxy reachable"; use scanner for "what services are running on this server".
What ports does it scan by default?+
The 1024 well-known ports plus the most common alt ports (3128, 8080, 8443, 1080, 1194, 1701, 1723, 5060, etc.). For full 0–65535 scans, increase the range explicitly.
Can I scan a custom range?+
Yes — pass a range like `1-1000` or comma-separated list `80,443,8080,1080`. Larger ranges take longer and are more likely to trigger anti-scan defenses.
How long does a scan take?+
Depends on range size, network latency, and how many ports the firewall silently filters (filtered ports add wait time per port). 1024-port TCP scan to a healthy host: ~15–30 seconds. Full 65k scan: minutes.
What does "filtered" mean in scanner output?+
Firewall received the probe but neither sent RST (closed) nor SYN-ACK (open) — it dropped the packet. Filtered means "a firewall stands between your scan and the answer", not "port is open".
Will my IP get blacklisted for scanning?+
If you scan a single host you own, no. Mass scanning third-party IPs, especially aggressively, will absolutely get you flagged by Cloudflare, AWS GuardDuty, OVH, fail2ban, and many ISP abuse desks. Don't.
Can the scanner detect what service is running?+
Basic banner grabbing yes — many services announce themselves on connect (SSH version, HTTP server header). Deep service fingerprinting (nmap-style) requires probing each detected port with protocol-specific payloads, which our public tool keeps light.
Common ports for proxy services?+
1080 (SOCKS), 3128 (Squid HTTP proxy), 8080 (HTTP proxy alt), 8888 (HTTP proxy alt), 9050 (Tor), 1194 (OpenVPN), 51820 (WireGuard), 443 (TLS-tunneled proxy / VLESS Reality).
Difference between TCP scan and UDP scan?+
TCP scans rely on the three-way handshake (SYN, SYN-ACK, RST/ACK) — fast and definitive. UDP scans send a packet and wait for ICMP "port unreachable" or an application response. UDP is much slower, less definitive, and false-negative-prone.
Can I scan IPv6 addresses?+
Yes — input a full IPv6 address (e.g. `2a01:4f9::1234`). Note that IPv6 address space is huge, so scanning ranges in IPv6 is impractical — focus on specific addresses.