I learned a lot tonight. This is what dev tools tells me in Edge by just visiting eBay.

The website is port scanning my laptop, bypassing my firewall, and doing it in/from the browser.

It checked 14 ports.

Let's discuss. 1/5

If this had conducted a full port scan on my internal network and reported the results to eBay, is that illegal? This is not portscanning the internet, it's port scanning my computer, which is behind a firewall in my home. Is that illegal? Probably not but it's at the line.
2/5

There's a lot of theories on why eBay is doing this.

Ads. If Steam is open, serve a steam ad.
Browser Fingerprinting
Bot detection
Fraud detection.

3/5

Tor has this kind of crap disabled by default. It's part of the spec.

Opera also blocks this kind of wicked behavior.

I think someone needs to post what browsers are allowing this and what aren't. I only tested on Edge 44.

4/5

I'm looking for answers to these questions. Hint hint, any bloggers out there?
1. What browsers are vuln.
2. What browser extensions block this.

This is a browser issue.
5/5

Good point! Lots of games do do this. https://twitter.com/thephreck/status/1264410137030098944