I'm currently using a rules list from here, which should do this, however in theory someone suggested a hostname could be assigned to an internal IP to bypass it (not sure how true this is):

https://github.com/gwarser/filter-lists/blob/master/lan-block.txt

Are there any solutions to restricting websocket access to local network IP addresses?

For more specific targeting, it appears ebay uses check.js from some threat assessment company:

http://ghacks.net/2020/05/25/ebay-is-port-scanning-your-system-when-you-load-the-webpage