It'd be nice to have a feature in uBlock origin where you can block certain websites' ip addresses, with a requirement to re-resolve the ip address every few days to ensure the ip hasn't been rotated (blocking unnecessary websites due to the cache).
I've started noticing unity3d.com, I thought it was a game... oh, nope, they also operate an ad network called Unity Ads, I guess they like their reputation!
It's spyware they acquired some time ago, discussed here
Unity Ads have been a thing long before (2014) ironSource merger (2022)
https://unity.com/news/unity-technologies-acquire-applifier-...
Nice work on the author to do this digging. Thanks for sharing it.
marketingcloudapis.com has namesevers on salesforce.com and I see it in their documentation too, so it's Salesforce integration?
https://developer.salesforce.com/docs/marketing/marketing-cl...
Wow! That's it! Docs match and each app has a SalesForce SDK as well: https://appgoblin.info/apps/com.adidas.app/sdks
Did you just search that and find it or did you recognize it? I tried searching but not sure what I was missing.
PS: I'll update the article to say it's Salesforce and give you a shoutout, thanks again!
Just wanted to share a quick blog about figuring out who owns the lesser known adtech domains since most of these I couldn't find anything about when I did quick searches.
If you found this interesting, let me know!
Good info!
What's the best way to log the API calls from an Android app? I want to document the undocumented API calls the Reddit app makes.
You can follow my tutorial here: https://github.com/ddxv/mobile-network-traffic
Overview: I use Waydroid + MITM
Feel free to contact me for a call if you need help. Additionally, I'll scan the Reddit app, the new API calls should show up in a day or two on AppGoblin: https://appgoblin.info/apps/com.reddit.frontpage/data-flows
You can see some of the SDKs Reddit's Android app uses from a decompile in October 2024: https://appgoblin.info/apps/com.reddit.frontpage/sdks
Let me know if there was something specific to look for for the API calls, usually I don't interact with the app, but I can do it manually if there is something interesting to check out.
Happy to share the raw MITM logs with you as well.
Without root, pcapdroid might work.
Seems like none of those 8 domains is denied by my Pi-hole :/ Added them manually but I'd prefer to rely on Pi-holes blacklists.
Would be interesting to snatch one of these domains should the ever be available. If the author has a list of the domains 40k different apps called, there must be some requests going out to domains that are no longer registered.
That's pretty interesting! I was surprised how many domains like this show up as fairly recent registrations.