TCP Port Test — IP Exposure & Open Port Scan
Internet-facing TCP port snapshot for IPv4 — enriched Shodan data or basic HEAD probes
How to Use This Tool
- Enter a public IPv4 address you own or are authorized to assess.
- IPv4 validation precedes Shodan API fetch or basic TCP HEAD probes.
- Enriched mode returns ports array, org, isp, vulns, and service product samples.
- Basic-scan mode lists openPorts from HEAD probes on eight common TCP ports.
- source field distinguishes shodan enriched data from basic-scan scope.
- Review port list against asset inventory and close unnecessary services.
About This Tool
Network engineers and security teams need to know which TCP ports respond on a public IPv4 address before attackers do — forgotten management interfaces and database listeners dominate breach postmortems. VSPIC TCP port test calls the shodan action with IPv4 input — same backend as shodan-quick-view and vulnerability-scanner. When SHODAN_API_KEY is configured server-side, results include source shodan with ports array, hostnames, org, isp, vulns identifiers, and up to ten sampled service records with port, transport, and product hints; without API key, source basic-scan performs parallel HEAD probes on common TCP ports 21, 22, 25, 80, 443, 3306, 8080, and 8443.
This page frames TCP port test SEO vocabulary for firewall validation and exposure audits. Scan only IPs you own or are authorized to test. Absence of a port in basic-scan does not prove closure — firewalls may drop probes differently than full TCP connects.
Common use cases
- •Measure download and upload speed
- •Test open ports on a home router or server
- •Trace routing paths to diagnose latency
Why use VSPIC for ?
- TCP-focused framing on shodan ports and openPorts results.
- Service product hints from enriched data samples.
- Vulnerability identifier context when Shodan indexes CVE associations.
- Honest basic-scan fallback when API key unavailable.
- org and isp fields for asset inventory correlation.
- Free external TCP exposure snapshot on authorized IPs.
TCP port test versus full port scan
Enterprise port scanners perform full TCP connect sweeps across 65535 ports with service fingerprinting. Our shodan action returns indexed exposure when enriched, or fast HEAD probes on eight common TCP ports in basic-scan — sufficient for smoke tests after firewall changes, not exhaustive audits.
Configure SHODAN_API_KEY for production recurring TCP exposure checks requiring complete indexed port arrays.
Interpreting ports and openPorts
Enriched mode returns structured ports array from Shodan host index. Basic-scan returns openPorts subset that responded to HEAD within two-second timeouts. Port 22 suggests SSH — ensure key-only auth. Database ports 3306 or 5432 on public IPs are critical findings regardless of HTTP response.
Cross-check discovered hostnames with ssl-tls-grade-checker and security-headers-checker for transport and header posture.
Shodan enriched versus basic-scan
source shodan includes vulns array when Shodan indexed CVE associations for services on the IP. source basic-scan notes limited HEAD probe scope — no vulns array. Branch automation parsers on source before alerting.
Empty port list may mean firewalled, offline, or blocking probes — verify with internal monitoring and packet-loss-test on reachable targets.
Firewall validation workflow
Run tcp-port-test after security group or ACL deploy to confirm unintended services no longer respond externally. Pair with firewall-checker scratchpad notes documenting intended allow lists in change tickets.
Retest after patch windows — new packages sometimes bind unexpected TCP listeners.
Relationship to shodan-quick-view
tcp-port-test, shodan-quick-view, network-vulnerability-scanner, and vulnerability-scanner share action shodan with identical JSON. SEO pages differ; automation uses one endpoint. This page emphasizes TCP port test search intent.
API: GET /ip-tools/api/extended?action=shodan&ip=203.0.113.10
Vulnerability follow-up
When vulns array populates, map identifiers to patch workflows with cve-lookup and cvss-calculator. Indexed CVE association does not prove vulnerable version installed — validate locally.
network-vulnerability-scanner page frames CVE-oriented vocabulary on the same backend when ticket titles prefer vulnerability language.
Authorized scanning ethics
Scan only IPs in scope for penetration tests or owned infrastructure. Document rules of engagement before bulk checks.
Shared hosting IPs may show ports from co-tenant services — verify process ownership before remediation assumptions.
Operational use cases
Verify cloud security group deployment after Terraform apply. Onboard acquired company IP ranges with rapid TCP exposure inventory. Answer support tickets asking whether anything responds on common TCP ports.
Export JSON with source and ports into risk registers with date stamps — exposure changes as services migrate.
Important notes & limitations
- Basic-scan uses HEAD probes — non-HTTP TCP services may be missed.
- UDP services are invisible to HEAD probes — use udp-port-test page for UDP framing.
- Enriched mode requires SHODAN_API_KEY server-side configuration.
- IPv4 only — no hostname resolution on this form.
- Unauthorized scanning may violate provider AUP and laws.
Frequently Asked Questions
Yes. VSPIC offers this TCP port test at no cost with no account required. Results load in real time.
We do not permanently store your queries on our servers. Some tools run entirely in your browser; others fetch public data for the request only.
Yes. Open the page in any modern phone or tablet browser. Results work on Wi‑Fi and mobile data.
Enriched mode returns detailed ports, org, vulns, and services from Shodan. Basic mode HEAD-probes eight common TCP ports only.
This form accepts IPv4 only. Resolve the domain A record first with website-dns-checker or dns-history.
Not necessarily. Firewalls may drop probes, or services may listen on ports outside the basic-scan set.
Same shodan API and JSON. This page targets TCP port test SEO; shodan-quick-view uses Shodan quick view terminology.
They indicate Shodan indexing association. Validate installed versions locally before assuming exploitability.
shodan with the ip parameter.
Next step for your check
Continue with shodan quick view on VSPIC.
Related Tools
Explore more free VSPIC tools for IP, DNS, security, and network diagnostics.
Shodan Quick View
Open ports, services, and basic exposure summary
Use Free →UDP Port Test
UDP Port Test — free online tool
Use Free →Network Vulnerability Scanner
Network Vulnerability Scanner — free online tool
Use Free →Firewall Checker
Firewall Checker — free online tool
Use Free →Speed Test
Measure download, upload, ping, and jitter for your connection
Use Free →Ping Test
Measure latency to any hostname or IP address
Use Free →
Trusted by Users Who Value Privacy
Always Free
No premium plan ever
100% Private
Files processed in browser
Instant Results
Convert in seconds
Works Everywhere
Any device, any OS