List of well-known web sites that port scan their visitors


Level 37
Thread author
Top poster
Feb 4, 2016
Many well-known and heavily used web sites are using a fraud protection script that port scans your local computer for remote access programs.
Last weekend, news heavily circulated that was port scanning visitors' computers when they browsed their site.

This port scanning was conducted by the LexisNexis' ThreatMetrix fraud protection script used to detect potentially hacked computers making fraudulent purchases.
When executed, a feature of this product uses WebSockets to scan 14 different TCP ports on a visitor's computer.
... ...


Level 28
Top poster
Content Creator
Feb 10, 2017
So yes or no?
Bleeping Computer weren't able to confirm themselves:
We could not get the port scan feature to trigger on these sites, but it may have been used on a page we did not visit.
But Microsoft's name shows up on the list:
Annotation 2020-05-30 205805.png

What are the concerns (danger) and what if any thing should I do about this?
It's ethically questionable but nothing to be concerned about. The scans are being conducted by well-known companies for fraud detection, not by malicious actors.
Last edited: