Do your block lists contain any Cryptomining address's.
Try this one it has just been updated from https://twitter.com/smokingwheels/status/958184008025649153
https://smokingwheels.github.io/Pi-hole/allhosts
There is a bigger list if you go thru this post I concatenated every BlockList I could find
Try to start capture with (DNS host or name resolution?) it makes it easier.