
Honest question. How would you begin discovering this kind of leakage? Do you need some sort of tap that records protocols and MAC addresses? Do these firmware emplacements have this as a built-in feature? With so many IoT devices being plugged in, seems like this would be handy.


Lots of enterprise equipment has features where you can mirror traffic off an ethernet port and monitor it, but it is cheap and easy to do if you are poor too. Dig up a 100MB hub, not a switch, and then with another computer plugged into that hub run a program like Wireshark or tcpdump.

This is one reason why I don't run all-in-one router/wireless combos. Most integrated (especially provided by ISP units) devices have no way to tell you what is being sent over the air and then to your ISP.


I noticed it based on Pi-Hole [0] and seeing the excessive DNS Requests to those URLs... started googling and found this post which I thought summed it all up nicely. Looking at the author's post, it also appears they noticed it due to Pi-Hole as well.

EDIT: It was a different post that someone had seen this via Pi-Hole. Not sure how the original author discovered it.

[0] https://pi-hole.net/
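
The kind of check described in the comment above (spotting one device hammering the same names in a Pi-hole query log), as an added example that is not part of the original thread. It assumes the dnsmasq-style `query[TYPE] name from client` log lines that Pi-hole writes; the sample log, hostnames, addresses and thresholds are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Assumed dnsmasq query-log line, e.g.
# "Mar  3 10:00:01 dnsmasq[712]: query[A] example.com from 192.168.1.20"
QUERY_RE = re.compile(
    r"^\w{3}\s+\d+\s[\d:]{8}\s+dnsmasq\[\d+\]:\s+"
    r"query\[(?P<qtype>[A-Z0-9]+)\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)$"
)

def parse_queries(lines):
    """Yield (client, name) per query line; skip replies, forwards and junk."""
    for line in lines:
        m = QUERY_RE.match(line.strip())
        if m:
            yield m.group("client"), m.group("name").lower().rstrip(".")

def chatty_pairs(lines, min_count=3, min_share=0.5):
    """Return [(client, name, count)] where one name dominates a client's lookups."""
    per_client = defaultdict(Counter)
    for client, name in parse_queries(lines):
        per_client[client][name] += 1
    flagged = []
    for client, names in per_client.items():
        total = sum(names.values())
        for name, count in names.items():
            if count >= min_count and count / total >= min_share:
                flagged.append((client, name, count))
    return sorted(flagged, key=lambda r: -r[2])

# Constructed sample log (hypothetical hosts and names, not taken from the thread).
SAMPLE_LOG = """\
Mar  3 10:00:01 dnsmasq[712]: query[A] telemetry.vendor.example from 192.168.1.1
Mar  3 10:00:01 dnsmasq[712]: forwarded telemetry.vendor.example to 192.0.2.53
Mar  3 10:00:02 dnsmasq[712]: reply telemetry.vendor.example is 203.0.113.7
Mar  3 10:00:03 dnsmasq[712]: query[A] Telemetry.Vendor.Example from 192.168.1.1
Mar  3 10:00:04 dnsmasq[712]: query[AAAA] telemetry.vendor.example from 192.168.1.1
Mar  3 10:00:05 dnsmasq[712]: query[A] telemetry.vendor.example from 192.168.1.1
Mar  3 10:00:06 dnsmasq[712]: query[A] pool.ntp.example from 192.168.1.1
Mar  3 10:00:07 dnsmasq[712]: query[A] news.example from 192.168.1.20
Mar  3 10:00:08 dnsmasq[712]: query[A] mail.example from 192.168.1.20
Mar  3 10:00:08 dnsmasq[712]: query[AAAA] cdn.example from 192.168.1.20
Mar  3 10:00:09 dnsmasq[712]: query[A]
""".splitlines()

if __name__ == "__main__":
    for client, name, count in chatty_pairs(SAMPLE_LOG):
        print(f"{client} asked for {name} {count} times")
```

On a real log the thresholds need tuning to the capture window, since a handful of repeats over a day is normal for most devices.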


Use a decent router that allows packet sniffing. There are various low cost options. I use Mikrotik for example.


Easiest way is to plug the router into an upstream router that you control and sniff the traffic there.


You get a good non-consumer grade router with network sniffing, per-device bandwidth and connection history, and other nice features like that.



