I was running Tor Browser while capturing packets on my Android, and I noticed this interesting thing:

Does anyone have any idea what the hell these variable-length addresses are that Tor Browser is connecting to on high ports? They aren’t onion domains and also aren’t valid clearnet domains, but when I open any one of them to see the details, they have valid IPs, mostly of hosting infrastructure.

Source

Maybe related to this?

If that’s the case, then it’s probably a hostname that is real to further “obfuscate” Tor traffic.

And the high ports are the ports of relays.

Each arrow you marked points to a separate Tor circuit (guard → middle relay → exit relay).

Tor Browser opens several circuits in parallel, typically 3 to 10 or more, depending on activity, guards and settings.

Different ports (TLS 9001, 9100, 8000, 13443, 9004, etc.) are normal; these are Tor guard ORPorts.

The domains like www.mudla5fp7ue3izaivdd.com, www.4acielkpbb.com, etc. are randomly generated or obfuscated relay addresses that Tor uses. (Not sure about this last point, can someone clarify?)

Are you using obfs4 bridges?
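How the pattern discussed in this thread could be checked in a capture, as an added example that is not part of any poster's message: it labels TLS flows whose SNI has the `www.<random label>.com` shape and was never resolved through DNS. The base32 alphabet and the 4 to 25 character length bounds are assumptions, and all flow records, IPs and DNS data are constructed; only the two hostnames come from the thread.

```python
import re

# Assumption: the TLS SNI is "www." + random base32 label + ".com";
# the a-z2-7 alphabet and 4-25 length bounds are assumed, not stated in the thread.
TOR_SNI = re.compile(r"^www\.([a-z2-7]{4,25})\.com$")

# Constructed sample data. Only the first two hostnames are quoted from the
# thread; IPs are documentation ranges, ports are ones the thread mentions.
DNS_QUERIES = {"www.example.com"}
FLOWS = [
    {"sni": "www.mudla5fp7ue3izaivdd.com", "dst": "192.0.2.10", "port": 9001},
    {"sni": "www.4acielkpbb.com", "dst": "198.51.100.7", "port": 13443},
    {"sni": "www.example.com", "dst": "203.0.113.5", "port": 443},
    {"sni": "cdn.example.net", "dst": "203.0.113.9", "port": 443},
]


def classify(flow, dns_queries):
    """Label one TLS flow by SNI shape and by whether the name was ever resolved."""
    sni = flow["sni"].lower().rstrip(".")
    if not TOR_SNI.match(sni):
        return "other"
    # Ordinary sites such as www.example.com also fit the pattern, so shape
    # alone is weak. A name sent in the SNI that the device never looked up
    # in DNS is the stronger signal.
    if sni in dns_queries:
        return "shape-only"
    return "tor-like"


def summarize(flows, dns_queries):
    """Map each (ip, port) destination to its SNI, for 'tor-like' flows only."""
    return {
        (f["dst"], f["port"]): f["sni"]
        for f in flows
        if classify(f, dns_queries) == "tor-like"
    }


if __name__ == "__main__":
    for f in FLOWS:
        print(f["sni"], f["port"], classify(f, DNS_QUERIES))
```
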