Weird traffic spikes three times a day

Since a while back I’ve had these three spikes everyday. This happens regardless if I’m at home or at work

Haven’t bothered to investigate until today. What I can see there is A LOT of domains queried.

Each domain is 3-6 letters or number DOT cn, aq, com.tr, vn etc (weird top domains)…
There are about 2-8 requests to each domain on both A and AAAA records

What on earth is going on and how can I dig deeper and find the device on my network doing this? I got about 20-30 connected devices to my network at any time.

Best regards,
Chirsbaer

Does your Pi-Hole show individual client IP’s or do all the requests appear to come from the router IP?

This looks like the rotating DNS checks to various top level domains (TLDs) done by some of the IOS apps, in particular real estate and travel apps; but they are normally just a few requests and not the volume you are showing.

Hi jfb!

Thank you for your swift reply!

My Pi-Hole does not show individual IP’s even though I’ve set it up as a DHCP server and turned off my router DHCP server. Haven’t had the time to digging into that either…

The most of my requests appear from the router and the main Asus Lyra unit I have. Not sure which of them is the culprit originates from.

What is this used for? I tried a quick google but my google-fu failed me for that query.

Best regards,
Chirsbaer

pihole_top_clients