ISP tells infested with malware, how to find it?

Discussion in 'Technical' started by Taleman, Sep 17, 2021.

  1. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I received e-mail and SMS from my ISP (seems legit, they know street address etc. info) that my connection sends bad traffic. I tried to get more info, but they have not answered.
    What info I got is that the latest reports concerning my Internet connection have:
    Code:
    2021-09-16T23:51:59 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 58211  [11.22.33.44]
    2021-09-17T00:48:36 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 58356  [11.22.33.44]
    2021-09-17T01:47:26 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 58477  [11.22.33.44]
    2021-09-17T02:45:00 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 58641  [11.22.33.44]
    2021-09-17T03:41:17 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 59423  [11.22.33.44]
    2021-09-17T05:41:00 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 59844  [11.22.33.44]
    2021-09-17T06:40:01 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 60003  [11.22.33.44]
    2021-09-17T07:40:59 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 60151  [11.22.33.44]
    2021-09-17T09:56:59 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 34912  [11.22.33.44]
    where I have replaced my public IP-address. What I understand from that is my router sends TCP packets to port 443, at about one-hour intervals. No idea to where that is sent; if my ISP showed to which IP-addresses the traffic is going, I might find something in the logs.
    Now I am stumped. There is traffic to port 443 all the time (browsing web pages with HTTPS is that kind of traffic, is it not?) so I cannot see how I could find that once-per-hour bad packet.
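Added example, not part of the original posts: each report line carries a timestamp and a source port, which is enough to single out one flow among ordinary HTTPS traffic if the router logs new connections. The sketch assumes the reported SrcPort is the post-NAT port on the public address and that the router can produce flow-creation events in the style of `conntrack -E -e NEW -o timestamp`; the flow log lines, LAN addresses, remote addresses and the 120-second matching window are constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# Report lines as quoted in the post (public IP already replaced by the poster).
ISP_REPORT = """\
2021-09-16T23:51:59 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 58211  [11.22.33.44]
2021-09-17T00:48:36 (GMT+3)     1 hosts, TCP:443(100%), SrcPort: 58356  [11.22.33.44]
"""

# Constructed sample of flow-creation events (assumed log source, modelled on
# `conntrack -E -e NEW -o timestamp`; timestamps are epoch seconds, UTC).
CONNTRACK_LOG = """\
[1631825519.100000] [NEW] tcp 6 120 SYN_SENT src=192.168.1.23 dst=203.0.113.5 sport=58211 dport=443 [UNREPLIED] src=203.0.113.5 dst=11.22.33.44 sport=443 dport=58211
[1631825530.000000] [NEW] tcp 6 120 SYN_SENT src=192.168.1.40 dst=198.51.100.7 sport=41000 dport=443 [UNREPLIED] src=198.51.100.7 dst=11.22.33.44 sport=443 dport=41000
[1631828916.500000] [NEW] tcp 6 120 SYN_SENT src=192.168.1.23 dst=203.0.113.5 sport=58356 dport=443 [UNREPLIED] src=203.0.113.5 dst=11.22.33.44 sport=443 dport=58356
"""

REPORT_RE = re.compile(r"^(\S+) \(GMT([+-]\d+)\)\s.*SrcPort:\s*(\d+)\s+\[([^\]]+)\]")
FLOW_RE = re.compile(
    r"^\[(\d+)\.\d+\].*?src=(\S+)\s+dst=(\S+)\s+sport=\d+\s+dport=(\d+)"
    r".*?src=\S+\s+dst=(\S+)\s+sport=\d+\s+dport=(\d+)")

def parse_report(text):
    """Yield (utc_time, public_src_port, public_ip) per ISP report line."""
    for m in filter(None, map(REPORT_RE.match, text.splitlines())):
        tz = timezone(timedelta(hours=int(m.group(2))))
        ts = datetime.fromisoformat(m.group(1)).replace(tzinfo=tz)
        yield ts.astimezone(timezone.utc), int(m.group(3)), m.group(4)

def correlate(report, flows, window_s=120):
    """Return [(report_time, lan_host, remote_ip)] for flows matching a report entry."""
    hits = []
    for ts, port, pub_ip in parse_report(report):
        for m in filter(None, map(FLOW_RE.match, flows.splitlines())):
            seen = datetime.fromtimestamp(int(m.group(1)), timezone.utc)
            # Reply tuple: dst is the public IP, dport is the post-NAT source port.
            if (m.group(5) == pub_ip and int(m.group(6)) == port
                    and int(m.group(4)) == 443
                    and abs((seen - ts).total_seconds()) <= window_s):
                hits.append((ts.isoformat(), m.group(2), m.group(3)))
    return hits

if __name__ == "__main__":
    for hit in correlate(ISP_REPORT, CONNTRACK_LOG):
        print(hit)
```

Each hit names the LAN host that opened the reported flow and the remote address it contacted, which narrows the search to one machine and one destination.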
     
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    I would await a reply to see what exactly is the problem.
     
