Concerns about Twitter feed flooded with nudity making unknown Fastly Inc, API requests

Hi,
After seeing my twitter feed flooded with hate content, I was wondering what is happening so I did an analysis of the running processes.

With Process monitor (sysinternals), I discovered these calls:

  • DESKTOP-:59477 → 199.232.168.158:https

… which for me resolves to Fastly Inc.

Although the network tab seems uninteresting (all domains going through x.com), this IS a godaddy registered domain, and was wondering if my DNS cache was poisoned, or something else was going on.

I am using Avast with NordVPN.

After blocking it, it just said “media could not load” which made me think that remote address was causing the tweets to be injected into my session from some side-scripting caused by x.com having a weird BGP poisoning or similar cross-site injection.

Screenshots