I’ve been using HA Companion with push notifications for quite a while, until recently when I saw the following pop up in my logs:
Timeout sending notification to https://mobile-apps.home-assistant.io/api/sendPushNotification
After some digging it became apparent that my ISP must be filtering traffic to that host, which resolves to 126.96.36.199 and 188.8.131.52. So I contacted them and they confirmed they have blackholed those addresses as they are used in connection with an increasing number of phishing schemes, and that they are involved with a current investigation. They wouldn’t give any further info, and closed the ticket, obviously without opening things back up.
Digging some more, it appears that those same two IPs are used by a ton of domain names, as they seem to be connected to Firebase services via Fastly. So obviously there could be (and likely usually are) some bad dudes being serviced by those same IPs.
Which finally leads me to my two questions
Are those the only two IPs that mobile-apps.home-assistant.io will resolve to, or given that Fastly is involved, are there other IPs potentially returned base on location? For now I’m running a socat tunnel through a personal server I have at Linode which can access things, but I’d like to get rid of that obviously.
Is there any way for mobile-apps.home-assistant.io to be hosted on IPs addresses outside of that common pair? Just curious if a matter of money or something is preventing that possibility, or if that’s “just the way it is” with Firebase. Although I guess even then a frontend proxy or tunnel ould be setup on another address to isolate things from being grouped in with Firebase exploiters using the same IPs.
Anyway… I realize this is a “personal” problem, although my searches did bring up several others like me recently. Given that my hosts on Linode have sub 1ms (!) ping times to mobile-apps.home-assistant.io it just seems like some (very fast) isolation could be had for cheap.