Communication with suspicious random domain name (Preview)

ragnar667 We're seeing these as well; I believe that the requests come from Chrome (or a Chromium-based browser) checking for ISP DNS interception at startup.  (See https://mikewest.org/2012/02/chrome-connects-to-three-random-domains-at-startup/.)  You'll probably see www.[random].com plus one request for each search domain.  This is benign, but unfortunately causes near 100% false-positives.