Mobile push server (mobile-apps.home-assistant.io) blocked by ISP - IP's shared with phishing endpoints :(

I’ve been using HA Companion with push notifications for quite a while, until recently when I saw the following pop up in my logs:

Timeout sending notification to https://mobile-apps.home-assistant.io/api/sendPushNotification

After some digging it became apparent that my ISP must be filtering traffic to that host, which resolves to 151.101.1.195 and 151.101.65.195. So I contacted them and they confirmed they have blackholed those addresses as they are used in connection with an increasing number of phishing schemes, and that they are involved with a current investigation. They wouldn’t give any further info, and closed the ticket, obviously without opening things back up.

Digging some more, it appears that those same two IPs are used by a ton of domain names, as they seem to be connected to Firebase services via Fastly. So obviously there could be (and likely usually are) some bad dudes being serviced by those same IPs.

Which finally leads me to my two questions :slight_smile:

  1. Are those the only two IPs that mobile-apps.home-assistant.io will resolve to, or given that Fastly is involved, are there other IPs potentially returned base on location? For now I’m running a socat tunnel through a personal server I have at Linode which can access things, but I’d like to get rid of that obviously.

  2. Is there any way for mobile-apps.home-assistant.io to be hosted on IPs addresses outside of that common pair? Just curious if a matter of money or something is preventing that possibility, or if that’s “just the way it is” with Firebase. Although I guess even then a frontend proxy or tunnel ould be setup on another address to isolate things from being grouped in with Firebase exploiters using the same IPs.

Anyway… I realize this is a “personal” problem, although my searches did bring up several others like me recently. Given that my hosts on Linode have sub 1ms (!) ping times to mobile-apps.home-assistant.io it just seems like some (very fast) isolation could be had for cheap. :slight_smile:

Wow. That’s not good.

As an interim measure you could set up telegram. It’s free, has actionable notifications and there’s a nice history of messages in the chat (something that the mobile apps lack but I find very handy).

I’ve set up a chat room for system messages (goes only to me) and one for general user notifications that I’ve added other household members to as well. e.g.

This was a great post that got me started:

Thanks for the post. :slight_smile:

I’m actually setup with Pushover, which I use to send my camera alerts and some other potentially more frequent notifications. (as the HA Companion app push does have limits). Although I have been interested in checking out Telegram. You may have pushed that over the edge with the comment about “actionable notifications”. Will check it out. :wink:

Still the HA mobile app push messages offer some pretty nice options. Just sad to loose (direct) access to it.

If none of the mobile app devs notices here you should definitely post over on discord:

iOS: https://discord.gg/SEpFDV
Android: https://discord.gg/J9CsFx

i suggest looking at Gotify. self hosted and very simple to set-up.
only drawback is no actionable notifications. messages, pictures, etc all good.

Interesting. I had a look but no iOS app so that’s a deal breaker for me.