Hello,
i have this domain "mq0.tuyaeu.com" as my top blocked (blocked it manually because it wasn't blocked before)
But i really would like to know which piece of Software makes these requests. I sadly can't find out.
Do any of you have advice on how to find out? I'm by far no pro when it comes to this.
Thank you for any help 
Have a good day.
First thing to do is to look which client is requesting this domain (see the Query Log). You may find that it is either a PC or maybe a smartphone or maybe an "intelligent" light bulb etc. This will make speculations much easier.
Resurrecting this topic (came across it via Google):
Do you use a smart socket from Teckin or other smart products? I use the Teckin Smart Socket SP22 which contacts the same server. This is not inherently malicious. Blocking it might or might not inhibit certain functions. In the end, the question is whether and to what extent you trust a) the Chinese service provider's intentions and b) their security / infrastructure.