I was checking my Pi-Hole and noticed a lone spike of 700+ requests coming from my phone (Android 16) this morning. Upon checking the logs, it’s all bogus domains corresponding to package names of apps I have previously installed via the Play Store, but never on this phone.
Going further back in the query log, I realized it also includes the package name of an app I developed years ago but never published on the store, nor on this phone. There’s also a whole bunch of my browsing history apparently, domains I haven’t visited in years - from the age of some of them I’m pretty sure it’s Chrome history, as I only used Firefox sync for a brief period and my local history is <1y.
What the actual fuck? This is a Nothing Phone 3a, updated to Android 16 just a couple of days ago.
Wouldn’t worry too much about it. Seems like it’s trying to fetch favicons. If this is an attempt to get lists of installed apps, it’s too complicated to be called an overcomplicated way.