Lesser known mobile adtech domains where data is sent
13 comments
·August 28, 2025netsharc
I've started noticing unity3d.com, I thought it was a game... oh, nope, they also operate an ad network called Unity Ads, I guess they like their reputation!
miohtama
It's spyware they acquired some time ago, discussed here
anttiharju
Unity Ads have been a thing long before (2014) ironSource merger (2022)
https://unity.com/news/unity-technologies-acquire-applifier-...
politelemon
Nice work on the author to do this digging. Thanks for sharing it.
marketingcloudapis.com has namesevers on salesforce.com and I see it in their documentation too, so it's Salesforce integration?
https://developer.salesforce.com/docs/marketing/marketing-cl...
ddxv
Wow! That's it! Docs match and each app has a SalesForce SDK as well: https://appgoblin.info/apps/com.adidas.app/sdks
Did you just search that and find it or did you recognize it? I tried searching but not sure what I was missing.
PS: I'll update the article to say it's Salesforce and give you a shoutout, thanks again!
ddxv
Just wanted to share a quick blog about figuring out who owns the lesser known adtech domains since most of these I couldn't find anything about when I did quick searches.
If you found this interesting, let me know!
qingcharles
Good info!
What's the best way to log the API calls from an Android app? I want to document the undocumented API calls the Reddit app makes.
ddxv
You can follow my tutorial here: https://github.com/ddxv/mobile-network-traffic
Overview: I use Waydroid + MITM
Feel free to contact me for a call if you need help. Additionally, I'll scan the Reddit app, the new API calls should show up in a day or two on AppGoblin: https://appgoblin.info/apps/com.reddit.frontpage/data-flows
You can see some of the SDKs Reddit's Android app uses from a decompile in October 2024: https://appgoblin.info/apps/com.reddit.frontpage/sdks
Let me know if there was something specific to look for for the API calls, usually I don't interact with the app, but I can do it manually if there is something interesting to check out.
Happy to share the raw MITM logs with you as well.
adithyassekhar
Without root, pcapdroid might work.
raffael_de
Seems like none of those 8 domains is denied by my Pi-hole :/ Added them manually but I'd prefer to rely on Pi-holes blacklists.
DownGoat
Would be interesting to snatch one of these domains should the ever be available. If the author has a list of the domains 40k different apps called, there must be some requests going out to domains that are no longer registered.
ddxv
That's pretty interesting! I was surprised how many domains like this show up as fairly recent registrations.
It'd be nice to have a feature in uBlock origin where you can block certain websites' ip addresses, with a requirement to re-resolve the ip address every few days to ensure the ip hasn't been rotated (blocking unnecessary websites due to the cache).