A couple of weeks back, I upgraded one of my Pis to Bullseye, so far my
only Pi on Bullseye. Since then at 1541 each day, I've noticed a large
spike in the incoming network activity. Sunday saw a spike of 779KBytes
out of daily total of 1610KB.

Curious as to what was going on, I installed Tshark, and set it up to
run for 3 minutes from 1539, sending the output to a file. Upon looking
at the file, I found that apart from the usual network chatter (e.g. the
router asking who had a particular address), I found the following :

37 76.470812759 192.168.1.12 → 217.169.20.20 DNS 90 Standard
query 0xf19f SRV _http._tcp.security.debian.org
38 76.470842394 192.168.1.12 → 217.169.20.20 DNS 94 Standard
query 0xa59f SRV _http._tcp.archive.raspberrypi.org
39 76.470848436 192.168.1.12 → 217.169.20.20 DNS 85 Standard
query 0xc6ab SRV _http._tcp.deb.debian.org
40 76.481293450 217.169.20.20 → 192.168.1.12 DNS 134 Standard
query response 0xf19f SRV _http._tcp.security.debian.org SRV 10 1 80
debian.map.fastlydns.net
41 76.481380689 217.169.20.20 → 192.168.1.12 DNS 157 Standard
query response 0xa59f SRV _http._tcp.archive.raspberrypi.org SOA
april.ns.cloudflare.com
42 76.481644439 217.169.20.20 → 192.168.1.12 DNS 234 Standard
query response 0xc6ab SRV _http._tcp.deb.debian.org SRV 10 1 80
debian.map.fastlydns.net NS sec1.rcode0.net NS sec2.rcode0.net NS
nsp.dnsnode.net NS dns4.easydns.info
43 76.483290787 192.168.1.12 → 217.169.20.20 DNS 84 Standard
query 0x8ef4 A debian.map.fastlydns.net
44 76.483315005 192.168.1.12 → 217.169.20.20 DNS 83 Standard
query 0xbcf7 A archive.raspberrypi.org
45 76.483320057 192.168.1.12 → 217.169.20.20 DNS 83 Standard
query 0x3d05 AAAA archive.raspberrypi.org
46 76.483483911 192.168.1.12 → 217.169.20.20 DNS 84 Standard
query 0x9405 AAAA debian.map.fastlydns.net
47 76.483617296 192.168.1.12 → 217.169.20.20 DNS 84 Standard
query 0xc510 A debian.map.fastlydns.net
48 76.483654119 192.168.1.12 → 217.169.20.20 DNS 84 Standard
query 0x4d05 AAAA debian.map.fastlydns.net
49 76.494021842 217.169.20.20 → 192.168.1.12 DNS 324 Standard
query response 0xbcf7 A archive.raspberrypi.org CNAME lb.raspberrypi.org
CNAME lb.raspberrypi.com A 46.235.231.145 A 46.235.230.122 A
176.126.240.167 A 46.235.231.151 A 93.93.130.212 A 46.235.231.111 A
93.93.135.118 A 176.126.240.84 A 46.235.227.39 A 176.126.240.86 A
93.93.135.117 A 93.93.135.141
50 76.494097362 217.169.20.20 → 192.168.1.12 DNS 468 Standard
query response 0x3d05 AAAA archive.raspberrypi.org CNAME
lb.raspberrypi.org CNAME lb.raspberrypi.com AAAA 2a00:1098:80:56::3:1
AAAA 2a00:1098:84:1e0::2 AAAA 2a00:1098:80:56::1:1 AAAA
2a00:1098:82:47::1:1 AAAA 2a00:1098:82:47::2:1 AAAA 2a00:1098:84:1e0::1
AAAA 2a00:1098:84:1e0::3 AAAA 2a00:1098:88:26::1:1 AAAA
2a00:1098:82:47::1 AAAA 2a00:1098:80:56::2:1 AAAA 2a00:1098:88:26::2:1
AAAA 2a00:1098:88:26::1
51 76.495519284 217.169.20.20 → 192.168.1.12 DNS 172 Standard
query response 0x8ef4 A debian.map.fastlydns.net A 146.75.74.132 NS
ns4.fastlydns.net NS ns1.fastlydns.net NS ns2.fastlydns.net NS
ns3.fastlydns.net
52 76.495530586 192.168.1.12 → 46.235.231.145 TCP 74 56646
→ 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1
TSval=2151160613 TSecr=0 WS=128
53 76.495712200 217.169.20.20 → 192.168.1.12 DNS 172 Standard
query response 0xc510 A debian.map.fastlydns.net A 146.75.74.132 NS
ns4.fastlydns.net NS ns1.fastlydns.net NS ns2.fastlydns.net NS
ns3.fastlydns.net
54 76.496102043 217.169.20.20 → 192.168.1.12 DNS 184 Standard
query response 0x4d05 AAAA debian.map.fastlydns.net AAAA
2a04:4e42:82::644 NS ns1.fastlydns.net NS ns2.fastlydns.net NS
ns3.fastlydns.net NS ns4.fastlydns.net
55 76.496171938 217.169.20.20 → 192.168.1.12 DNS 184 Standard
query response 0x9405 AAAA debian.map.fastlydns.net AAAA
2a04:4e42:82::644 NS ns1.fastlydns.net NS ns2.fastlydns.net NS
ns3.fastlydns.net NS ns4.fastlydns.net
56 76.496839905 192.168.1.12 → 146.75.74.132 TCP 74 59924
→ 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1
TSval=2312770960 TSecr=0 WS=128
57 76.496944592 192.168.1.12 → 146.75.74.132 TCP 74 59930
→ 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1
TSval=2312770960 TSecr=0 WS=128
58 76.506952785 146.75.74.132 → 192.168.1.12 TCP 74 80 →
59930 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1452 SACK_PERM=1
TSval=3782000011 TSecr=2312770960 WS=512
59 76.507027837 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=2312770970
TSecr=3782000011
60 76.506956795 146.75.74.132 → 192.168.1.12 TCP 74 80 →
59924 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1452 SACK_PERM=1
TSval=2958653101 TSecr=2312770960 WS=512
61 76.507061691 192.168.1.12 → 146.75.74.132 TCP 66 59924
→ 80 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=2312770970
TSecr=2958653101
62 76.507493095 192.168.1.12 → 146.75.74.132 HTTP 293 GET
/debian-security/dists/bullseye-security/InRelease HTTP/1.1
63 76.507706949 192.168.1.12 → 146.75.74.132 HTTP 270 GET
/debian/dists/bullseye/InRelease HTTP/1.1
64 76.513721823 46.235.231.145 → 192.168.1.12 TCP 74 80 →
56646 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1452 SACK_PERM=1
TSval=3611821457 TSecr=2151160613 WS=128
65 76.513789739 192.168.1.12 → 46.235.231.145 TCP 66 56646
→ 80 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=2151160631
TSecr=3611821457
66 76.514281040 192.168.1.12 → 46.235.231.145 HTTP 279 GET
/debian/dists/bullseye/InRelease HTTP/1.1
67 76.517564726 146.75.74.132 → 192.168.1.12 TCP 66 80 →
59924 [ACK] Seq=1 Ack=228 Win=145408 Len=0 TSval=2958653111
TSecr=2312770970
68 76.517826600 146.75.74.132 → 192.168.1.12 TCP 66 80 →
59930 [ACK] Seq=1 Ack=205 Win=145408 Len=0 TSval=3782000022
TSecr=2312770970
69 76.518253109 146.75.74.132 → 192.168.1.12 HTTP 356 HTTP/1.1
304 Not Modified
70 76.518282015 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=205 Ack=291 Win=64128 Len=0 TSval=2312770981
TSecr=3782000023
71 76.520364663 192.168.1.12 → 146.75.74.132 HTTP 278 GET
/debian/dists/bullseye-updates/InRelease HTTP/1.1
72 76.521964189 146.75.74.132 → 192.168.1.12 HTTP 395 HTTP/1.1
304 Not Modified
73 76.522039501 192.168.1.12 → 146.75.74.132 TCP 66 59924
→ 80 [ACK] Seq=228 Ack=330 Win=64128 Len=0 TSval=2312770985
TSecr=2958653116
74 76.530218013 146.75.74.132 → 192.168.1.12 TCP 66 80 →
59930 [ACK] Seq=291 Ack=417 Win=146432 Len=0 TSval=3782000035
TSecr=2312770983
75 76.531070823 146.75.74.132 → 192.168.1.12 TCP 689 HTTP/1.1
200 OK [TCP segment of a reassembled PDU]
76 76.531419467 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=914 Ack=417 Win=146432 Len=1436
TSval=3782000035 TSecr=2312770983 [TCP segment of a reassembled PDU]
77 76.531492071 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=2350 Win=64128 Len=0 TSval=2312770994
TSecr=3782000035
78 76.531630456 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=2350 Ack=417 Win=146432 Len=1436
TSval=3782000035 TSecr=2312770983 [TCP segment of a reassembled PDU]
79 76.531766706 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=3786 Ack=417 Win=146432 Len=1436
TSval=3782000035 TSecr=2312770983 [TCP segment of a reassembled PDU]
80 76.531815403 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=5222 Win=64128 Len=0 TSval=2312770995
TSecr=3782000035
81 76.531913997 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=5222 Ack=417 Win=146432 Len=1436
TSval=3782000035 TSecr=2312770983 [TCP segment of a reassembled PDU]
82 76.532060663 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [PSH, ACK] Seq=6658 Ack=417 Win=146432 Len=1436
TSval=3782000035 TSecr=2312770983 [TCP segment of a reassembled PDU]
83 76.532092746 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=8094 Win=64128 Len=0 TSval=2312770995
TSecr=3782000035
84 76.532144725 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=8094 Ack=417 Win=146432 Len=1436
TSval=3782000035 TSecr=2312770983 [TCP segment of a reassembled PDU]
85 76.532266339 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=9530 Ack=417 Win=146432 Len=1436
TSval=3782000035 TSecr=2312770983 [TCP segment of a reassembled PDU]
86 76.532294568 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=10966 Win=64128 Len=0 TSval=2312770995
TSecr=3782000035
87 76.532399828 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=10966 Ack=417 Win=146432 Len=1436
TSval=3782000035 TSecr=2312770983 [TCP segment of a reassembled PDU]
88 76.532763160 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=12402 Ack=417 Win=146432 Len=1436
TSval=3782000035 TSecr=2312770983 [TCP segment of a reassembled PDU]
89 76.532795660 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=13838 Win=64128 Len=0 TSval=2312770996
TSecr=3782000035
90 76.532991857 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [PSH, ACK] Seq=13838 Ack=417 Win=146432 Len=1436
TSval=3782000035 TSecr=2312770983 [TCP segment of a reassembled PDU]
91 76.533475814 146.75.74.132 → 192.168.1.12 TCP 1502 [TCP
Previous segment not captured] 80 → 59930 [PSH, ACK] Seq=21018
Ack=417 Win=146432 Len=1436 TSval=3782000036 TSecr=2312770983 [TCP
segment of a reassembled PDU]
92 76.533518418 192.168.1.12 → 146.75.74.132 TCP 78 59930
→ 80 [ACK] Seq=417 Ack=15274 Win=62720 Len=0 TSval=2312770996
TSecr=3782000035 SLE=21018 SRE=22454
93 76.533604668 146.75.74.132 → 192.168.1.12 TCP 1502 [TCP
Out-Of-Order] 80 → 59930 [ACK] Seq=15274 Ack=417 Win=146432
Len=1436 TSval=3782000036 TSecr=2312770983 [TCP segment of a reassembled
PDU]
94 76.533636074 192.168.1.12 → 146.75.74.132 TCP 78 59930
→ 80 [ACK] Seq=417 Ack=16710 Win=61312 Len=0 TSval=2312770996
TSecr=3782000036 SLE=21018 SRE=22454
95 76.533721699 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=22454 Ack=417 Win=146432 Len=1436
TSval=3782000037 TSecr=2312770983 [TCP segment of a reassembled PDU]
96 76.533753001 192.168.1.12 → 146.75.74.132 TCP 78 [TCP Dup
ACK 94#1] 59930 → 80 [ACK] Seq=417 Ack=16710 Win=61312 Len=0
TSval=2312770996 TSecr=3782000036 SLE=21018 SRE=23890
97 76.533847271 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=23890 Ack=417 Win=146432 Len=1436
TSval=3782000037 TSecr=2312770983 [TCP segment of a reassembled PDU]
98 76.533874406 192.168.1.12 → 146.75.74.132 TCP 78 [TCP Dup
ACK 94#2] 59930 → 80 [ACK] Seq=417 Ack=16710 Win=61312 Len=0
TSval=2312770997 TSecr=3782000036 SLE=21018 SRE=25326
99 76.533970500 146.75.74.132 → 192.168.1.12 TCP 1502 [TCP
Fast Retransmission] 80 → 59930 [ACK] Seq=16710 Ack=417
Win=146432 Len=1436 TSval=3782000036 TSecr=2312770983 [TCP segment of a
reassembled PDU]
100 76.534001646 192.168.1.12 → 146.75.74.132 TCP 78 59930
→ 80 [ACK] Seq=417 Ack=18146 Win=59904 Len=0 TSval=2312770997
TSecr=3782000036 SLE=21018 SRE=25326
101 76.534089406 146.75.74.132 → 192.168.1.12 TCP 1502 [TCP
Out-Of-Order] 80 → 59930 [ACK] Seq=18146 Ack=417 Win=146432
Len=1436 TSval=3782000036 TSecr=2312770983 [TCP segment of a reassembled
PDU]
102 76.534120083 192.168.1.12 → 146.75.74.132 TCP 78 59930
→ 80 [ACK] Seq=417 Ack=19582 Win=58496 Len=0 TSval=2312770997
TSecr=3782000036 SLE=21018 SRE=25326
103 76.534208103 146.75.74.132 → 192.168.1.12 TCP 1502 [TCP
Out-Of-Order] 80 → 59930 [ACK] Seq=19582 Ack=417 Win=146432
Len=1436 TSval=3782000036 TSecr=2312770983 [TCP segment of a reassembled
PDU]
104 76.534245082 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=25326 Win=64128 Len=0 TSval=2312770997
TSecr=3782000036
105 76.534331071 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=25326 Ack=417 Win=146432 Len=1436
TSval=3782000037 TSecr=2312770983 [TCP segment of a reassembled PDU]
106 76.534446592 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=26762 Ack=417 Win=146432 Len=1436
TSval=3782000037 TSecr=2312770983 [TCP segment of a reassembled PDU]
107 76.534468050 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=28198 Win=64128 Len=0 TSval=2312770997
TSecr=3782000037
108 76.534579612 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [PSH, ACK] Seq=28198 Ack=417 Win=146432 Len=1436
TSval=3782000037 TSecr=2312770983 [TCP segment of a reassembled PDU]
109 76.534692268 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=29634 Ack=417 Win=146432 Len=1436
TSval=3782000038 TSecr=2312770983 [TCP segment of a reassembled PDU]
110 76.534716539 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=31070 Win=64128 Len=0 TSval=2312770997
TSecr=3782000037
111 76.534694716 46.235.231.145 → 192.168.1.12 HTTP 176
HTTP/1.1 304 Not Modified
112 76.534764143 192.168.1.12 → 46.235.231.145 TCP 66 56646
→ 80 [ACK] Seq=214 Ack=111 Win=64256 Len=0 TSval=2151160652
TSecr=3611821477
113 76.534874976 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=31070 Ack=417 Win=146432 Len=1436
TSval=3782000038 TSecr=2312770983 [TCP segment of a reassembled PDU]
114 76.534950653 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=32506 Ack=417 Win=146432 Len=1436
TSval=3782000038 TSecr=2312770983 [TCP segment of a reassembled PDU]
115 76.534972163 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=33942 Win=64128 Len=0 TSval=2312770998
TSecr=3782000038
116 76.535087527 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=33942 Ack=417 Win=146432 Len=1436
TSval=3782000038 TSecr=2312770983 [TCP segment of a reassembled PDU]
117 76.535196850 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [PSH, ACK] Seq=35378 Ack=417 Win=146432 Len=1436
TSval=3782000038 TSecr=2312770983 [TCP segment of a reassembled PDU]
118 76.535218933 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=36814 Win=64128 Len=0 TSval=2312770998
TSecr=3782000038
119 76.535383932 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=36814 Ack=417 Win=146432 Len=1436
TSval=3782000039 TSecr=2312770983 [TCP segment of a reassembled PDU]
120 76.535509817 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=38250 Ack=417 Win=146432 Len=1436
TSval=3782000039 TSecr=2312770983 [TCP segment of a reassembled PDU]
121 76.535590025 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=39686 Win=64128 Len=0 TSval=2312770998
TSecr=3782000039
122 76.535677733 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=39686 Ack=417 Win=146432 Len=1436
TSval=3782000039 TSecr=2312770983 [TCP segment of a reassembled PDU]
123 76.535825806 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [PSH, ACK] Seq=41122 Ack=417 Win=146432 Len=1436
TSval=3782000039 TSecr=2312770983 [TCP segment of a reassembled PDU]
124 76.535867889 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=42558 Win=64128 Len=0 TSval=2312770999
TSecr=3782000039
125 76.541879325 146.75.74.132 → 192.168.1.12 TCP 1502 80
→ 59930 [ACK] Seq=42558 Ack=417 Win=146432 Len=1436
TSval=3782000046 TSecr=2312770994 [TCP segment of a reassembled PDU]
126 76.541938596 146.75.74.132 → 192.168.1.12 HTTP 1052
HTTP/1.1 200 OK
127 76.541990888 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=417 Ack=44980 Win=64128 Len=0 TSval=2312771005
TSecr=3782000046
128 78.435572392 192.168.1.12 → 46.235.231.145 TCP 66 56646
→ 80 [FIN, ACK] Seq=214 Ack=111 Win=64256 Len=0 TSval=2151162553
TSecr=3611821477
129 78.438001081 192.168.1.12 → 146.75.74.132 TCP 66 59924
→ 80 [FIN, ACK] Seq=228 Ack=330 Win=64128 Len=0 TSval=2312772901
TSecr=2958653116
130 78.440488781 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [FIN, ACK] Seq=417 Ack=44980 Win=64128 Len=0
TSval=2312772903 TSecr=3782000046
131 78.448070576 146.75.74.132 → 192.168.1.12 TCP 66 80 →
59924 [FIN, ACK] Seq=330 Ack=229 Win=145408 Len=0 TSval=2958655042
TSecr=2312772901
132 78.448199690 192.168.1.12 → 146.75.74.132 TCP 66 59924
→ 80 [ACK] Seq=229 Ack=331 Win=64128 Len=0 TSval=2312772911
TSecr=2958655042
133 78.448074847 146.75.74.132 → 192.168.1.12 TCP 66 [TCP
Keep-Alive] 80 → 59924 [ACK] Seq=330 Ack=229 Win=145408 Len=0
TSval=2958655042 TSecr=2312772901
134 78.448290107 192.168.1.12 → 146.75.74.132 TCP 66 [TCP
Keep-Alive ACK] 59924 → 80 [ACK] Seq=229 Ack=331 Win=64128 Len=0
TSval=2312772911 TSecr=2958655042
135 78.450118694 146.75.74.132 → 192.168.1.12 TCP 66 80 →
59930 [ACK] Seq=44980 Ack=418 Win=146432 Len=0 TSval=3782001955
TSecr=2312772903
136 78.450194944 146.75.74.132 → 192.168.1.12 TCP 66 80 →
59930 [FIN, ACK] Seq=44980 Ack=418 Win=146432 Len=0 TSval=3782001955
TSecr=2312772903
137 78.450249735 192.168.1.12 → 146.75.74.132 TCP 66 59930
→ 80 [ACK] Seq=418 Ack=44981 Win=64128 Len=0 TSval=2312772913
TSecr=3782001955
138 78.454811021 46.235.231.145 → 192.168.1.12 TCP 66 80 →
56646 [FIN, ACK] Seq=111 Ack=215 Win=65024 Len=0 TSval=3611823398
TSecr=2151162553
139 78.454937114 192.168.1.12 → 46.235.231.145 TCP 66 56646
→ 80 [ACK] Seq=215 Ack=112 Win=64256 Len=0 TSval=2151162573
TSecr=3611823398
140 78.458170748 146.75.74.132 → 192.168.1.12 TCP 60 80 →
59924 [RST] Seq=331 Win=0 Len=0

192.168.1.12 is the Pi

A bit of whois'ing suggests that :

217.169.20.20 is my ISP
46.235.231.145 is Mythic Beasts, with an address in Cambridge (UK)
146.75.74.132 is Fastly with a location of San Francisco

So what is going on ? It looks as though it is looking for updates, is
it harmless ?

Adrian
--
To Reply :
replace "bulleid" with "adrian" - all mail to bulleid is rejected
Sorry for the rigmarole, If I want spam, I'll go to the shops
Every time someone says "I don't believe in trolls", another one dies.