Cause of massive google-analytics access

I have /e/ Pie running on my Google Pixel. Apart from the included apps, I only have a two apps and Blokada. Exodus-privacy shows no trackers on the two apps. Normally Blokada shows no blocking apart from when I access a web page with a tracker. Yesterday I had a notification from Blokada saying it blocked google-analytics. I thought it was strange as I had not been looking at any websites. When I checked there were hundreds of blocked accesses. This seemed to happen in batches of ~100 at about 1 hour spacing. When a batch was “active” there was a blocked access every few seconds. After rebooting the phone this seems to have stopped.

Can anyone suggest what may be the cause?

Interested in this topic too.

Hi @anon84098008 pl create a bug here attaching a log from your phone. Since it was a random incident which has stopped after rebooting not sure how much info we can get. All the same issue is worth checking out.


I do not know Blokada (I remember using a firewall app called Norootfirewall in the past in Android, perhaps it does the same), and I may test it, but I would like to understand from more experienced users (or developers) if /e/ itself would need it.
I do not use the smartphone for web browsing, actually the only app that I really use is Whatsapp (sorry … none of my contacts uses better messaging apps…) unders Shelter; apart for that, mine is only a basic phone use (without online backup of SMS/contacts/calendar entries).

Thank you

@Manoj Not sure if there is much to be gained from logs, but I will try to do so this weekend. What concerns me most is where did the google analytics address come from? I can only think of 4 possible sources:

  1. The blacklist in Blokada (though what would pull this address out of a database?)
  2. Some remnant in memory from before I installed /e/
  3. Something in the FW blobs (device drivers) which are produced by google
  4. Somehow a spy app got onto my phone

I think I shall probably never know.

The behavior is back again today. Blokada notification read So it is not just one google service which is trying to be accessed.

In addition to my previous question, if I use Shelter, shall I use Blokada also in the work profile (=under Shelter)?
Thank you

I have some understanding of the issue now. The cause is website trackers, in my case javascript based trackers. By default the web browser allows javascript (which I did not realise). It also fails to kill these scripts when I close the webpage (close the tab) and close the browser. Disabling javascript before going to any websites seems to stop the problem, but as there is some WiFi vs LTE sensitivity to the behavior I am not completely sure. I will be looking for a browser which does not suffer this problem.