{"id":14565,"date":"2020-05-25T07:49:00","date_gmt":"2020-05-25T05:49:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=14565"},"modified":"2020-05-25T07:49:00","modified_gmt":"2020-05-25T05:49:00","slug":"ebay-scans-your-clients-ports-during-visit-of-their-site","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/05\/25\/ebay-scans-your-clients-ports-during-visit-of-their-site\/","title":{"rendered":"eBay scans your client&rsquo;s ports during visit of their site"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Stop.jpg\" align=\"left\">[<a href=\"https:\/\/www.borncity.com\/blog\/2020\/05\/25\/ebay-seite-macht-beim-besuch-einen-port-scan\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]It seems that&nbsp; eBay performs a port scan on the clients of its visitors as soon as they access the website ebay.com in their browser. Here are a few information I collected so far.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg04.met.vgwort.de\/na\/5bbcced66fcd4e1b8524f1a3b0d4d46b\" width=\"1\" height=\"1\">The topic has been popping up on Twitter by various people for several hours now. Here is a tweet from a user.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Yep. eBay \"scans\" your computer using browser websockets after you login, looking for specific ports.<br \/>I see ports typically used by RDP, VNC, remote access\/control. 14 were probed.<\/p>\n<p>They'll probably say it's for *my* safety.<br \/>Not cool, eBay. Not cool. <a href=\"https:\/\/t.co\/BJQlxmkqbS\">pic.twitter.com\/BJQlxmkqbS<\/a><\/p>\n<p>\u2014 B:\\a.zza (@mcbazza) <a href=\"https:\/\/twitter.com\/mcbazza\/status\/1264551898473955328?ref_src=twsrc%5Etfw\">May 24, 2020<\/a><\/p><\/blockquote>\n<p><span id=\"preserveb3ef185866d744f7baa6fe1928851eae\" class=\"wlWriterPreserve\"><SCRIPT charset=\"utf-8\" src=\"https:\/\/platform.twitter.com\/widgets.js\" async><\/SCRIPT><\/span> <\/p>\n<p><p>Further details will be disclosed in follow-up tweets. Jack Rhysider has also noticed this in the Edge Browser, as he explains in the following tweet.  <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">If this had conducted a full port scan on my internal network and reported the results to eBay, is that illegal? This is not portscanning the internet, it's port scanning my computer, which is behind a firewall in my home. Is that illegal? Probably not but it's at the line.<br \/>2\/5<\/p>\n<p>\u2014 Jack Rhysider (@JackRhysider) <a href=\"https:\/\/twitter.com\/JackRhysider\/status\/1264415921919029248?ref_src=twsrc%5Etfw\">May 24, 2020<\/a><\/p><\/blockquote>\n<p><span id=\"preserve4001f4c98b4b4cfda8f7eca9646b8ed4\" class=\"wlWriterPreserve\"><SCRIPT charset=\"utf-8\" src=\"https:\/\/platform.twitter.com\/widgets.js\" async><\/SCRIPT><\/span> <\/p>\n<p>Although he uses a firewall, a PortScan is performed locally in the browser and the result is sent to eBay. Rhysider continues to discuss the case, that he doesn't find funny, on Twitter. Nobody really has a real explanation for this till yet. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">eBay port scans visitors' computers for remote support tools &#8211; <a href=\"https:\/\/twitter.com\/LawrenceAbrams?ref_src=twsrc%5Etfw\">@LawrenceAbrams<\/a><a href=\"https:\/\/t.co\/Lo5q5Vr6Rc\">https:\/\/t.co\/Lo5q5Vr6Rc<\/a><\/p>\n<p>\u2014 BleepingComputer (@BleepinComputer) <a href=\"https:\/\/twitter.com\/BleepinComputer\/status\/1264622400441856002?ref_src=twsrc%5Etfw\">May 24, 2020<\/a><\/p><\/blockquote>\n<p><span id=\"preserved7cf49c676a042fdb924dcb3c8ca7cc8\" class=\"wlWriterPreserve\"><SCRIPT charset=\"utf-8\" src=\"https:\/\/platform.twitter.com\/widgets.js\" async><\/SCRIPT><\/span> <\/p>\n<p>Bleeping Computer covered that topic up and published it in the article linked in the above tweet. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">All of these ports are related to remote support\/remote access applications that allow you to take over a computer. There was only one port, 63333, that we could not identify. <a href=\"https:\/\/t.co\/3pRMirgn5P\">pic.twitter.com\/3pRMirgn5P<\/a><\/p>\n<p>\u2014 BleepingComputer (@BleepinComputer) <a href=\"https:\/\/twitter.com\/BleepinComputer\/status\/1264624823537369088?ref_src=twsrc%5Etfw\">May 24, 2020<\/a><\/p><\/blockquote>\n<p><span id=\"preserve9c246188c3864dba9b1969b919217446\" class=\"wlWriterPreserve\"><SCRIPT charset=\"utf-8\" src=\"https:\/\/platform.twitter.com\/widgets.js\" async><\/SCRIPT><\/span> <\/p>\n<p>Lawrence Abrams suspects that compromised computers are to be detected by this scan. Details can be found in the linked Bleeping Computer article. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]It seems that&nbsp; eBay performs a port scan on the clients of its visitors as soon as they access the website ebay.com in their browser. Here are a few information I collected so far.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1319,580],"tags":[512,69],"class_list":["post-14565","post","type-post","status-publish","format-standard","hentry","category-general","category-security","tag-internet","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14565","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=14565"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14565\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=14565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=14565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=14565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}