Have you had port 22 open for a while, and continuously? It's using cached results not an active scan. False negatives though would definitely be worse in this application.
Also at least for me it shows nothing while I do have ports open, but that's because I whitelist limited IP ranges or single IPs for ports rather than just opening them up to the net in general. I have a VPS Wireguard bastion I bounce through for remote LAN access. That itself is a good reminder though that it's a limited tool, if a system in my whitelisted range was compromised it'd suddenly have more options, and conversely if I already had something lazy or malicious (maybe IOT, compromise or both) running on my network that was being careful about what it talked to a port scan alone wouldn't necessarily root it out.
Still a potentially useful high level pass for low effort, could make one aware of some surprise devices or fat finger mistakes or the like. But "If you see 404 page, nothing is exposed" is overstating it.
Also at least for me it shows nothing while I do have ports open, but that's because I whitelist limited IP ranges or single IPs for ports rather than just opening them up to the net in general. I have a VPS Wireguard bastion I bounce through for remote LAN access. That itself is a good reminder though that it's a limited tool, if a system in my whitelisted range was compromised it'd suddenly have more options, and conversely if I already had something lazy or malicious (maybe IOT, compromise or both) running on my network that was being careful about what it talked to a port scan alone wouldn't necessarily root it out.
Still a potentially useful high level pass for low effort, could make one aware of some surprise devices or fat finger mistakes or the like. But "If you see 404 page, nothing is exposed" is overstating it.