My personal site
I recently started helping a less technical friend and had my first chance to see/use Contabo VPS. I’ve been really surprised at their default security practices so far. Contabo’s default VPS creation seems to be root user and password? If you go to “Advanced” the default is to create a user called “admin” (good!) and…
This is the full list of the main API endpoints that apps send data to. This is across ~70k android apps and the smallest endpoint has about ~90 apps that send data to it, meaning it’s unlikely to be an app developer’s domain. Then I checked whether these domains were in any of: https://github.com/StevenBlack/hosts, https://easylist.to/easylist/easylist.txt…
I recently started using Contabo VPS’ while working with some friends and at some point we decided we wanted to use local networks. On all other major cloud providers this is free, faster and encouraged to send data over the private local network rather than across the public internet when communicating with two instances. Contabo?…
Last week I wrote a blog working through a few unknown endpoints. My goal was to bring some attention to these lesser known end points where many apps send their data. This post is split into two sections. The first at the top here are endpoints that do not have landing pages and have not…
AppGoblin has now run over 40k apps in an emulator, tracking millions of API calls thousands of advertising domains. Unfortunately, some of them are dark, meaning they have no landing page of any kind, and I’m unclear who controls these domains. news-cdn.site marketingcloudapis.com kickoffo.site onegg.site lazybumblebee.com qa-analytics.com acobt.tech yastatic.net Let’s see if we can figure…
Want to know which apps are buying mobile app ads in 2025? AppGoblin is excited to share the latest ad network rankings for August 2025, based on our ongoing scans of live mobile app ads. AppGoblin SDK scans already make it clear which apps are monetizing with which ad networks, or which companies provide the…
I saw this hilarious exchange in one of the issues covering Apple’s recent changes that make it impossible to download IPA files. Recreating an iPhone’s authentication to Apple App Store is a bit of a cat and mouse game. Apple recently changed it’s backend, so now dozens of projects are trying to find ways to…
Well for a quick weekend recap I’m going to look at which 3rd party SDKs and API calls I can find in the big 4 Android chat apps based. We’ll be using free data from AppGoblin which you can feel free to browse at any of the links below or on tables. Data is collected…
Well, multiple disks hovering close to 99%, it’s definitely time to increase storage for OpenAttribution and AppGoblin. I needed cheap S3 hosting, and I had a pretty strong urge to do it myself. Parts This should be up to you, but in the end I ended up grabbing an 8-bay Just-a-Bunch-Of-Disks (JBOD) which is a…
The good news just keeps coming: Apple was found to be violating antitrust relating to it’s App Store monetization policies. We (in the mobile ad space) have known this for years here’s me mentioning that Apple is a monopoly on iOS advertising in a blog post in 2022. I’m just happy that the courts are…