When writing a report like this, it would be prudent to include more information, such as the port numbers. If your firewall isn't competent enough to provide them, I suggest a better one.
At least two of those hosts clearly indicate that they are NTP servers via simple nslookup. Do you, by any chance, have NTP configured and enabled?
Because so much of the world is Internet-connected these days, it is not only common but almost entirely expected for hosts to be communicating with nameservers, mailservers, timeservers, log servers, update servers, package servers, crash reporting services, and all sorts of other semi-random crap. Some of us don't place our gear in such a way that they can actually talk to the Internet. If you do not want your NAS talking to the Internet, that's great. However, asking why it is talking to ${random-ip} is a very 1996-ish "just got my first Windows firewall" thing to do, and is generally going to be frustrating for everyone especially if you cannot provide any context.
Protocol and port number would have sufficed in this case, but very often for traffic on port TCP/443, you'd also need to provide SNI/URL information in order to provide some sort of context. Otherwise, about half the web traffic in the world ends up at random cloud hosts.
