AppGoblinEvil Nun 2 : Origins
Data calls made by Evil Nun 2 : Origins
Overview of network connections made by Evil Nun 2 : Origins during the first 60 seconds after installation.
Evil Nun 2 : Origins contacted 43 different domains within the first minute of opening. This data was collected from 2 independent scans We identified 6 ad creatives being loaded, confirming active ad monetization. across servers in ๐บ๐ธ ๐ท๐บ ๐ฌ๐ง ๐ฎ๐ช ๐จ๐ณ ๐ธ๐ช ๐ซ๐ท, providing transparency into the app's actual network behavior and data sharing practices.
Scan Runs
2
Unique Domains
43
Ad Creatives Found
6
Countries
๐บ๐ธ๐ท๐บ๐ฌ๐ง๐ฎ๐ช๐จ๐ณ๐ธ๐ช๐ซ๐ท
Contacted Domains (43)
| August 8, 2025 at 14:46:57 | jQuery code.jquery.com/jquery-1.9.1.min.js | ๐บ๐ธ FASTLY | Request: Response: application/javascript | ||
| August 8, 2025 at 14:46:45 | Yandex startup.mobile.yandex.net/analytics/startup | ๐ท๐บ YANDEX LLC | Request: Response: application/octet-stream | ||
| August 8, 2025 at 14:46:47 | Yandex report.appmetrica.yandex.net/report | ๐ท๐บ YANDEX LLC | Request: application/x-www-form-urlencoded Response: application/json | ||
| August 8, 2025 at 14:46:55 | Google googleads.g.doubleclick.net/mads/static | ๐บ๐ธ GOOGLE | Request: Response: text/html | ||
| August 8, 2025 at 14:46:57 | Google googleads.g.doubleclick.net/mads/static | ๐บ๐ธ GOOGLE | Request: Response: text/cache-manifest | ||
| August 8, 2025 at 14:46:47 | Yandex report.appmetrica.yandex.net/report | ๐ท๐บ YANDEX LLC | Request: application/x-www-form-urlencoded Response: application/json | ||
| August 8, 2025 at 14:46:50 | msftconnecttest.com http://www.msftconnecttest.com | ๐บ๐ธ Akamai International B.V. | Request: Response: text/plain | ||
| August 8, 2025 at 14:46:50 | Firebase firebaseinstallations.googleapis.com/v1/p... | ๐บ๐ธ GOOGLE | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:50 | katoid.com usdk.katoid.com/1.1.x/22418CC6-7A97-4115-... | ๐บ๐ธ AMAZON-02 | Request: Response: application/json | ||
| August 8, 2025 at 14:46:50 | Unity3d config.uca.cloud.unity3d.com/ | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:50 | Google google.com/ | ๐บ๐ธ GOOGLE | Request: Response: text/html | ||
| August 8, 2025 at 14:46:51 | Google www.google.com/ | ๐บ๐ธ GOOGLE | Request: Response: text/html | ||
| August 8, 2025 at 14:46:51 | keplerians.com crosspromo.keplerians.com/api/v3 | ๐ฌ๐ง DIGITALOCEAN-ASN | Request: application/x-www-form-urlencoded Response: text/html | ||
| August 8, 2025 at 14:46:51 | Unity3d cdp.cloud.unity3d.com/v1/events | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/json Response: | ||
| August 8, 2025 at 14:46:51 | cloudflare-dns.com cloudflare-dns.com/dns-query | CLOUDFLARENET | Request: charset=utf-8 Response: application/dns-json | ||
| August 8, 2025 at 14:46:51 | Unity3d cdp.cloud.unity3d.com/v1/events | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/json Response: | ||
| August 8, 2025 at 14:46:52 | Yodo1 c1.yodo1.com/config | ๐บ๐ธ AMAZON-02 | Request: Response: application/json | ||
| August 8, 2025 at 14:46:52 | katoid.com geo.katoid.com/city | ๐ฎ๐ช AMAZON-02 | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:52 | katoid.com geo.katoid.com/city | ๐ฎ๐ช AMAZON-02 | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:52 | 223.5.5.5/resolve | ๐จ๐ณ Alibaba US Technology Co., Ltd. | Request: charset=utf-8 Response: application/json | ||
| August 8, 2025 at 14:46:52 | Yodo1 c1.yodo1.com/sync | ๐บ๐ธ AMAZON-02 | Request: text/plain Response: application/json | ||
| August 8, 2025 at 14:46:52 | Amazon Web Services AWS cognito-identity.eu-north-1.amazonaws.com/ | ๐ธ๐ช AMAZON-02 | Request: application/x-amz-json-1.1 Response: application/x-amz-json-1.1 | ||
| August 8, 2025 at 14:46:52 | Yodo1 sdk-mas.yodo1.com/v1/ip_info | ๐บ๐ธ AMAZON-02 | Request: Response: application/json | ||
| August 8, 2025 at 14:46:52 | Amazon Web Services AWS cognito-identity.eu-north-1.amazonaws.com/ | ๐ธ๐ช AMAZON-02 | Request: application/x-amz-json-1.1 Response: application/x-amz-json-1.1 | ||
| August 8, 2025 at 14:46:53 | Yodo1 sdk-mas.yodo1.com/v1/config | ๐บ๐ธ AMAZON-02 | Request: Response: application/json | ||
| August 8, 2025 at 14:46:53 | Yodo1 sdk-mas.yodo1.com/v1/init | ๐บ๐ธ AMAZON-02 | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:53 | Yodo1 sdk-mas.yodo1.com/v1/config | ๐บ๐ธ AMAZON-02 | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:53 | keplerians.com crosspromo.keplerians.com/api/v3 | ๐ฌ๐ง DIGITALOCEAN-ASN | Request: application/x-www-form-urlencoded Response: text/html | ||
| August 8, 2025 at 14:46:53 | AppLovin ms.applovin.com/5.0/i | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:53 | AppLovin ms.applovin.com/5.0/i | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:54 | keplerians.com crosspromo.keplerians.com/api/v3 | ๐ฌ๐ง DIGITALOCEAN-ASN | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:54 | AppLovin ms.applovin.com/5.0/i | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:54 | keplerians.com crosspromo.keplerians.com/api/v3 | ๐ฌ๐ง DIGITALOCEAN-ASN | Request: Response: application/json | ||
| August 8, 2025 at 14:46:54 | Firebase app-measurement.com/config/app | ๐บ๐ธ GOOGLE | Request: Response: application/x-protobuf | ||
| August 8, 2025 at 14:46:54 | Amazon Web Services AWS firehose.eu-north-1.amazonaws.com/ | ๐ธ๐ช AMAZON-02 | Request: application/x-amz-json-1.1 Response: application/x-amz-json-1.1 | ||
| August 8, 2025 at 14:46:54 | Firebase app-measurement.com/a | ๐บ๐ธ GOOGLE | Request: application/x-www-form-urlencoded Response: image/gif | ||
| August 8, 2025 at 14:46:57 | Google googleads.g.doubleclick.net/favicon.ico | ๐บ๐ธ GOOGLE | Request: Response: image/x-icon | ||
| August 8, 2025 at 14:47:01 | Google tpc.googlesyndication.com/pagead/js | ๐บ๐ธ GOOGLE | Request: Response: text/javascript | ||
| August 8, 2025 at 14:46:55 | AppLovin d.applovin.com/2.0/device | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:55 | AppLovin d.applovin.com/2.0/device | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:55 | Fyber cdn2.inner-active.mobi/ia-sdk-config/conf... | ๐บ๐ธ FASTLY | Request: Response: application/json | ||
| August 8, 2025 at 14:46:55 | BidMachine api.bidmachine.io/auction/init | CLOUDFLARENET | Request: application/x-protobuf Response: application/x-protobuf | ||
| August 8, 2025 at 14:46:55 | Unity3d configv2.unityads.unity3d.com/webview/4.12.2 | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/x-www-form-urlencoded Response: application/json | ||
| August 8, 2025 at 14:46:55 | Fyber cdn2.inner-active.mobi/ia-sdk-config/apps | ๐บ๐ธ FASTLY | Request: Response: application/json | ||
| August 8, 2025 at 14:46:55 | BIGO Ads gdl.news-cdn.site/as/bigo-ad-creatives | ๐บ๐ธ ZEN-ECN | Request: Response: application/javascript | ||
| August 8, 2025 at 14:46:55 | Unity3d i-sdk.mediation.unity3d.com/sdk/v8.3.0 | ๐บ๐ธ AMAZON-02 | Request: application/json Response: application/json | ||
| August 8, 2025 at 14:46:55 | AppLovin sts.applovin.com/v1/stats | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/json Response: | ||
| August 8, 2025 at 14:46:55 | Moloco sdkapi.dsp-api.moloco.com/v2/init | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: Response: application/octet-stream | ||
| August 8, 2025 at 14:46:55 | Fyber cdn2.inner-active.mobi/ia-sdk-config/feat... | ๐บ๐ธ FASTLY | Request: Response: application/json | ||
| August 8, 2025 at 14:46:55 | Moloco sdkapi.dsp-api.moloco.com/v3/bidtoken | ๐บ๐ธ GOOGLE-CLOUD-PLATFORM | Request: application/protobuf Response: application/octet-stream |