Check which ports on a host are open and what services are listening on them
Give this API a hostname or IP address and it will try connecting to each port in your requested range. For every port that answers, it tells you whether it is open or blocked, which service is likely running there (like a web server or SSH), and what software version was detected. This saves you from installing network tools, parsing messy command-line output, or writing socket loops yourself. Only scan hosts you own or have permission to scan — this tool does not check that for you.
https://port-scanner.underscoredone.com/scan$0.01 per request — pay via x402/USDC. No account needed.
POST a JSON body with 'target' (hostname or IP as a string) and optionally 'ports' (a range like '1-1000' or a comma-separated list like '22,80,443'), 'scan_type' (only 'tcp_connect' is supported), and 'timeout' (whole number of seconds, 5 to 60). The response includes an 'open_ports' array — each item has 'port', 'protocol', 'state', 'service', and 'version'. Use 'ports_scanned' and 'closed_or_filtered_count' for summary stats. If the target cannot be reached or resolved, you will receive a 400 error with a plain-English 'error' field. Never use this on hosts you do not own or have explicit permission to scan.
| Name | Type | Required | Description |
|---|---|---|---|
target | string | yes | The hostname (like 'example.com') or numeric IP address (like '93.184.216.34') you want to scan. Must be a real, reachable address. |
ports | string/null | no | Which ports to check. Use a range like '1-1000', a comma-separated list like '22,80,443', or leave this out to automatically check the 1000 most commonly used ports. |
scan_type | string/null | no | How to probe each port. The only supported value right now is 'tcp_connect'. Defaults to 'tcp_connect' if left out. |
timeout | integer/null | no | How many seconds the scan is allowed to run before giving up. Must be between 5 and 60. Defaults to 30 if left out. |
{
"target": "scanme.nmap.org",
"ports": "1-1000",
"scan_type": "tcp_connect",
"timeout": 30
}{
"target": "scanme.nmap.org"
}{
"target": "not-a-real-host-xyz123.invalid",
"ports": "99999",
"timeout": 5
}{
"target": "scanme.nmap.org",
"ports": "1-65535",
"scan_type": "tcp_connect",
"timeout": 60
}{
"api_version": "1.0.0",
"target": "scanme.nmap.org",
"resolved_ip": "45.33.32.156",
"scan_type": "tcp_connect",
"duration_ms": 4521,
"ports_scanned": 1000,
"open_ports": [
{
"port": 22,
"protocol": "tcp",
"state": "open",
"service": "ssh",
"version": "OpenSSH 8.2p1"
},
{
"port": 80,
"protocol": "tcp",
"state": "open",
"service": "http",
"version": "Apache httpd 2.4.41"
}
],
"closed_or_filtered_count": 998
}
| Status | Meaning |
|---|---|
400 | Bad request — your input failed validation or could not be processed. Check the detail field for specifics. |
402 | Payment required. Send a signed USDC payment on Base Mainnet using the x402 protocol. |
422 | Unprocessable — a required field is missing or the wrong type. Check the detail field for specifics. |