How to decrypt Firebase requests to app-measurement.com

Question

We noticed that our iOS app is sending requests to http://app-measurement.com. The body seems to be encrypted or compressed though

:method: POST
:scheme: https
:path: /a
:authority: app-measurement.com
accept: */*
content-type: application/x-www-form-urlencoded
content-encoding: gzip
accept-language: en-gb
content-length: 371
accept-encoding: br, gzip, deflate


 ;

_uwa

_pfoq


_oauto

_r

_c_fݶ- 
...

I already checked if it's gzip but that doesn't seem to be it.

Does anyone know how to decrypt this to be able to see the request content?

Answer 1

firebaser here

This request is part of Google Analytics for Firebase to report the analytics events from the client. It is heavily compressed to minimize the bandwidth usage.

There is no public API to see the raw contents of the request, but here is where you can find more on the data collected:

1. The documentation on auto-collected events and auto collected user properties.
2. The BigQuery schema is a pretty good representation of what we collect (although this also includes some fields which are added on the server, like location information and traffic source, in some cases).
3. Device logs (e.g. logcat) expose the events/parameters we log.