Network Tools

TCP Port Scanner — Shodan Exposure & Open Ports

Internet-facing TCP port exposure summary for authorized IPv4 addresses

How to Use This Tool

Enter a valid public IPv4 address (e.g. 203.0.113.10).
IPv4 validation rejects private and malformed addresses.
Enriched mode fetches Shodan host index when API key is configured.
Basic-scan mode HEAD-probes eight common TCP ports with short timeouts.
Results include ports or openPorts, org, hostnames, vulns when enriched, and note.
Review source indicator and map open ports to firewall remediation.

About This Tool

TCP port scanning reveals which services accept connections on an IPv4 address — SSH, HTTP, databases, and management panels each expand attack surface when exposed publicly. VSPIC tcp-port-scanner calls the shodan action with your IPv4 input — same backend as shodan-quick-view, vulnerability-scanner, and honeypot-detector. When SHODAN_API_KEY is configured, enriched mode returns ports array, hostnames, org, isp, vulns identifiers, and up to ten sampled service records with port, transport, and product hints; without API key, basic-scan performs parallel HEAD probes on common TCP ports 21, 22, 25, 80, 443, 3306, 8080, and 8443.

source field distinguishes shodan enriched data from basic-scan scope. UDP ports are not covered by HEAD probes — use udp-port-scanner for indexed UDP exposure. Scan only IPs you own or are authorized to test.

Common use cases

•Measure download and upload speed
•Test open ports on a home router or server
•Trace routing paths to diagnose latency

Why use VSPIC for ?

TCP-focused port exposure framing on shodan backend.
Enriched vulns and service product hints when API configured.
Honest basic-scan fallback lists openPorts from common TCP probes.
org and isp attribution for asset inventory correlation.
Consistent JSON with shodan-quick-view for automation.
Free external TCP exposure snapshot on authorized IPs.

TCP port scanning scope

Full port sweeps across 65535 TCP ports are penetration-test activities requiring explicit authorization and timing controls. Our page offers rapid exposure triage — enriched Shodan index when configured, or lightweight HEAD probes on eight common TCP ports otherwise.

Interpret results as external perspective snapshot, not internal firewall rule confirmation.

Shodan enriched versus basic-scan

Enriched handleShodan returns structured ports array, reverse hostnames, org, isp, vulns when indexed, and data samples with transport tcp and product strings.

Basic-scan notes limited HEAD probes when SHODAN_API_KEY is absent — sufficient to spot obvious HTTP and SSH exposure but not exhaustive. Always read source field.

Interpreting common TCP ports

Port 22 suggests SSH — verify key-only auth and fail2ban. Port 80 and 443 imply web — cross-check TLS grade on hostnames. Port 3306 or 5432 on public IPs are critical database exposure findings.

Port 8080 and 8443 often expose alternate management or application servers.

Relationship to shodan-quick-view

tcp-port-scanner and shodan-quick-view share action shodan with identical JSON. shodan-quick-view is canonical exposure vocabulary; tcp-port-scanner emphasizes TCP port scanner SEO for operators searching port-scan terminology.

API GET /ip-tools/api/extended?action=shodan&ip=203.0.113.10 on both.

Relationship to vulnerability-scanner

vulnerability-scanner frames vulns array for CVE-oriented triage on the same shodan backend. tcp-port-scanner emphasizes open TCP ports and service samples — run both mental models on same JSON export.

Remediation workflow

Close unnecessary TCP ports at host firewall and cloud security group. Move management interfaces behind VPN. Patch software tied to vulns identifiers when enriched mode lists them.

Retest after changes to confirm exposure collapsed from internet view.

Domain resolution prerequisite

This form accepts IPv4 only. Use website-dns-checker or dns-lookup on domains first, then paste hosting address. CDN edges may differ from origin — check origin-ip-finder when applicable.

API action shodan

Parse ports versus openPorts based on source shodan versus basic-scan. Automate SOAR when unexpected database ports appear on inventory IPs.

Configure SHODAN_API_KEY server-side for production TCP exposure audits requiring full indexed ports.

Authorized scanning ethics

Scan only assets you own or have written permission to test. Document scope in penetration test rules of engagement.

Shared hosting may show co-tenant services — verify process ownership before patching assumptions.

Important notes & limitations

IPv4 input only — resolve domains before scanning.
Basic-scan covers eight common TCP ports — not full 1-65535 sweep.
HEAD probes favor HTTP-oriented ports — raw TCP services may differ.
vulns empty in basic-scan mode — CVE hints need SHODAN_API_KEY.
Unauthorized port scanning may violate provider AUP and laws.

Frequently Asked Questions

Yes. VSPIC offers this TCP port scanner at no cost with no account required. Results load in real time.

We do not permanently store your queries on our servers. Some tools run entirely in your browser; others fetch public data for the request only.

Yes. Open the page in any modern phone or tablet browser. Results work on Wi‑Fi and mobile data.

Enriched mode returns Shodan-indexed ports. Basic-scan probes eight common TCP ports only — not full sweep.

Yes. action shodan with ip parameter — identical JSON shape.

Either basic-scan mode without SHODAN_API_KEY or Shodan has no indexed vulnerabilities for that host.

IPv4 only. Resolve domain A record first with dns-lookup or website-dns-checker.

No. HEAD probes are TCP HTTP-oriented. Use udp-port-scanner for indexed UDP services.

shodan with the ip parameter.

Next step for your check

Continue with shodan quick view on VSPIC.

Shodan Quick View

Related Tools

Explore more free VSPIC tools for IP, DNS, security, and network diagnostics.

Browse all tools Comparison guides

Trusted by Users Who Value Privacy

Always Free

No premium plan ever

100% Private

Files processed in browser

Instant Results

Convert in seconds

Works Everywhere

Any device, any OS