eBay performs local port scan on visitors
Auction site eBay runs a local port scan on all visitors to the site. When someone visits eBay, their system is scanned for the presence of tools that enable remote access, such as Windows Remote Desktop or TeamViewer. The site scans fourteen ports.
The site does this via a JavaScript file called check.js. When visitors go to ebay.com, the script automatically checks whether certain ports are open on their computer. Several websites, including Bleeping Computer, found that at least fourteen ports were involved.
Program | Name eBay gives | Port |
VNC | VNC | 5900 |
VNC | VNC | 5901 |
VNC | VNC | 5902 |
VNC | VNC | 5903 |
Remote Desktop Protocol | RDP | 3389 |
Aeroadmin | ARO | 5950 |
Ammyy Admin | AMY | 5931 |
TeamViewer | TV0 | 5939 |
TeamViewer | TV1 | 6039 |
TeamViewer | TV2 | 5944 |
TeamViewer | TV2 | 6040 |
Anyplace Control | APC | 5279 |
AnyDesk | ANY | 7070 |
A still-unknown program is also scanned for on port 63333.
It is not known exactly why eBay carries out the port scans. The original discoverer, NullSweep, speculates that it is a security measure. Tools like VNC are sometimes misused by botnets or malware to gain access to a PC.
Port scans on their own can't do much harm, but it is notable when a site runs them. eBay is also not the first site to do port scans, though this is usually done by banks, for example, which want to scan users' systems for viruses.
eBay itself has not yet commented on the discovery. Users on Reddit, among others, note that port scanning can be blocked with add-ons such as NoScript or with ad blockers.
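To check from the defender's side whether a page touches the ports in the table above, the following added example (not code from eBay, NullSweep or Bleeping Computer) filters a browser request log for connections from a remote page to a loopback address on those ports. The `{ page, url }` log shape, the function names and the `shop.example` hosts are assumptions made for illustration, as is the premise that the probes show up in the request log as loopback connections; the article does not say how check.js probes.

```javascript
// Ports and labels copied from the table in the article; 63333 has no known program.
const WATCHED_PORTS = new Map([
  [5900, 'VNC'], [5901, 'VNC'], [5902, 'VNC'], [5903, 'VNC'],
  [3389, 'RDP'], [5950, 'ARO'], [5931, 'AMY'],
  [5939, 'TV0'], [6039, 'TV1'], [5944, 'TV2'], [6040, 'TV2'],
  [5279, 'APC'], [7070, 'ANY'], [63333, 'unknown'],
]);

// True for localhost, ::1 and any address in 127.0.0.0/8.
function isLoopback(hostname) {
  const h = hostname.toLowerCase().replace(/^\[|\]$/g, ''); // URL keeps [] on IPv6
  return h === 'localhost' || h === '::1' || /^127(\.\d{1,3}){3}$/.test(h);
}

// entries: [{ page, url }], where page is the document that issued the request
// (hypothetical log shape). Returns one finding per remote page that connected
// to a watched port on the visitor's own machine.
function findLocalProbes(entries) {
  const byPage = new Map();
  for (const { page, url } of entries) {
    let target, origin;
    try { target = new URL(url); origin = new URL(page); } catch { continue; }
    // Ignore local development pages and requests that leave the machine.
    if (isLoopback(origin.hostname) || !isLoopback(target.hostname)) continue;
    const port = Number(target.port);
    if (!WATCHED_PORTS.has(port)) continue;
    if (!byPage.has(origin.origin)) byPage.set(origin.origin, new Map());
    byPage.get(origin.origin).set(port, WATCHED_PORTS.get(port));
  }
  return [...byPage].map(([page, ports]) => ({
    page,
    ports: [...ports.keys()].sort((a, b) => a - b),
    labels: [...new Set(ports.values())],
  }));
}

// Constructed sample log, not captured traffic.
const sampleLog = [
  { page: 'https://shop.example/', url: 'wss://127.0.0.1:5900/' },
  { page: 'https://shop.example/', url: 'wss://127.0.0.1:3389/' },
  { page: 'https://shop.example/', url: 'wss://localhost:63333/' },
  { page: 'https://shop.example/', url: 'https://cdn.example/app.js' },
  { page: 'http://localhost:8080/', url: 'ws://127.0.0.1:5939/' },
  { page: 'https://other.example/', url: 'http://127.0.0.1:8000/' },
  { page: 'https://shop.example/', url: 'not a url' },
];
console.log(JSON.stringify(findLocalProbes(sampleLog), null, 2));
```

Several distinct watched ports from one page origin is the pattern worth alerting on; a single loopback request on an unlisted port is often a legitimate helper application.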