This is most likely an attempt to connect to a webserver on your own device to collect data and/or do tracking.

Remember back in June when Facebook/meta got caught tracking users trough a webserver on Android phone thought Messenger and Instagram? Same thing.

See: https://news.ycombinator.com/item?id=44169115 and https://news.ycombinator.com/item?id=44175940

▲

dannyw 2 days ago | parent | next [-]

Why do you say that’s most likely?

This is a common pattern for connecting to smart cards / hardware security devices. Probably a service or hardware that’s run on official CBP machines that should be disabled for prod, but forgot.

	▲	77pt77 2 days ago \| parent [-]
		This is by far the most likely reason. I personally use pages that authenticate via a smartcard using this exact scheme. There is a Java "plugin" that is nothing but a mini webserver that listens on a specific port and performs authentication.

▲

darkwater 2 days ago | parent | prev [-]

How are you so sure?