Weird PTR DNS request from my local dietpi installation

Hi everyone,
at home I have installed a pihole server on a raspberry pi3b and dietpi on a raspberry pi 0 W 2. In this latter server I have installed wireguard to use as a vpn to access my home local network from outside. For some time I have known, from the logs of my pihole, that the dietpi server makes strange DNS PTR requests to weird IPs (Chinese, Iranian, etc). I tried to analyze the situation, but I can’t figure it out. The only thing I have done at the moment is blacklist those IPs on pihole (but once blackslisted some other new IP addresses appear).

Can someone help me to figure it out?
Thanks

Start sharing the logs containing PTR request.

Here is a an extract

image726×53 13.7 KB

Thanks

The IP belongs to google.com, it’s just a reverse lookup for this IP from one of your LAN clients.
Why do you think it’s chinese, iranian etc?

I took the wrong one sorry. The following is an example of a correct one:

image711×53 13.6 KB

Still a Google server in Spain https://whatismyip.live/ip/142.250.184.46

Maybe he looked up the reversed IP (46.184.250.142) which would be from Bahrain.

In reverse lookups the IP is shown in reversed order, so 46.184.250.142.in-addr.arpa is a lookup for the domain that belongs to the IP 142.250.184.46.

@ enzo.ionico So my guess is an app tried to contact this google IP 142.250.184.46. and PiHole tries to find out to which domain this IP belongs.
That’s why it’s called a reverse lookup, normally it’s the other way around: You know the domain and want to find out the IP for this domain.

is the xxx.xxx.178.49 the ip of the dietpi server or something in the network?

Do you have ports open thru your firewall?

its 192.168.178.49 indicating a local network.