"Hi all
I've just finished setting up OPNsense on a small home box (fresh install, default Unbound + DNSBL). Everything looked stable, low latency, no packet loss. Then I noticed repeated DNS queries going out to domains related to Royalspinia and other casino-type sites, even though nobody here actively browses that kind of content. What I expected was clean outbound traffic, but instead I'm seeing bursts every few minutes, mostly from one Windows client. It started right after installing a couple of free browser extensions, so that might be the trigger, but I'm not 100% sure. I'm not a network expert, just trying to keep the setup clean and safe. Would you block this purely at firewall level, tighten DNSBL rules, or look deeper for adware on the client first?
