Just wanted to share a quick blog about figuring out who owns the lesser known adtech domains since most of these I couldn't find anything about when I did quick searches.
Let me know if there was something specific to look for for the API calls, usually I don't interact with the app, but I can do it manually if there is something interesting to check out.
Happy to share the raw MITM logs with you as well.
I've started noticing unity3d.com, I thought it was a game... oh, nope, they also operate an ad network called Unity Ads, I guess they like their reputation!
It'd be nice to have a feature in uBlock origin where you can block certain websites' ip addresses, with a requirement to re-resolve the ip address every few days to ensure the ip hasn't been rotated (blocking unnecessary websites due to the cache).
Would be interesting to snatch one of these domains should the ever be available. If the author has a list of the domains 40k different apps called, there must be some requests going out to domains that are no longer registered.
Given it's sending an internal Unity app id it must have become available and later purchased. It looks like qwickanalytics still exists and is selling analytics for bankers, so unlikely it's working so closely with a game engine?
Nice work on the author to do this digging. Thanks for sharing it.
marketingcloudapis.com has namesevers on salesforce.com and I see it in their documentation too, so it's Salesforce integration?
https://developer.salesforce.com/docs/marketing/marketing-cl...
Wow! That's it! Docs match and each app has a SalesForce SDK as well: https://appgoblin.info/apps/com.adidas.app/sdks
Did you just search that and find it or did you recognize it? I tried searching but not sure what I was missing.
PS: I'll update the article to say it's Salesforce and give you a shoutout, thanks again!
Nit: You updated the wrong line in your table at the end!
Well that was a good nit, fixed.
Just wanted to share a quick blog about figuring out who owns the lesser known adtech domains since most of these I couldn't find anything about when I did quick searches.
If you found this interesting, let me know!
Good info!
What's the best way to log the API calls from an Android app? I want to document the undocumented API calls the Reddit app makes.
You can follow my tutorial here: https://github.com/ddxv/mobile-network-traffic
Overview: I use Waydroid + MITM
Feel free to contact me for a call if you need help. Additionally, I'll scan the Reddit app, the new API calls should show up in a day or two on AppGoblin: https://appgoblin.info/apps/com.reddit.frontpage/data-flows
You can see some of the SDKs Reddit's Android app uses from a decompile in October 2024: https://appgoblin.info/apps/com.reddit.frontpage/sdks
Let me know if there was something specific to look for for the API calls, usually I don't interact with the app, but I can do it manually if there is something interesting to check out.
Happy to share the raw MITM logs with you as well.
Thank you so much!
Without root, pcapdroid might work.
Just an FYI your link to this conversation actually goes to: https: //appgoblin.info/apps/com.adidas.app/sdks
Thanks, my bad, will fix.
Seems like none of those 8 domains is denied by my Pi-hole :/ Added them manually but I'd prefer to rely on Pi-holes blacklists.
I've started noticing unity3d.com, I thought it was a game... oh, nope, they also operate an ad network called Unity Ads, I guess they like their reputation!
It's spyware they acquired some time ago, discussed here
https://news.ycombinator.com/item?id=44334167
Unity Ads have been a thing long before (2014) ironSource merger (2022)
https://unity.com/news/unity-technologies-acquire-applifier-...
https://unity.com/blog/news/welcome-ironsource
It'd be nice to have a feature in uBlock origin where you can block certain websites' ip addresses, with a requirement to re-resolve the ip address every few days to ensure the ip hasn't been rotated (blocking unnecessary websites due to the cache).
Would be interesting to snatch one of these domains should the ever be available. If the author has a list of the domains 40k different apps called, there must be some requests going out to domains that are no longer registered.
That's pretty interesting! I was surprised how many domains like this show up as fairly recent registrations.
So, the mischievous part of my brain is activated....what could be done with such domain names? :-)
Reminder that a website you are visiting may be proxying your data to the adtech company through their services a domain.
Check out the Facebook Conversions API Gateway.
This is the first site I’ve encountered that caused Obsidian Web Clipper to fail.
qa-analytics.com's oldest entry in Internet archive redirects to www.qwickanalytics.com, so not sure if that domain changed hands?
Given it's sending an internal Unity app id it must have become available and later purchased. It looks like qwickanalytics still exists and is selling analytics for bankers, so unlikely it's working so closely with a game engine?