NOTE: This is a translation of my German post 'ESP8266 "telefoniert nach
Hause"' in mikrocontroller.net. I translated it to reach a broader and
more international audience.
Back in october/november I build a light sensor to control the lighting
around my house. You can see the result in the attached picture and the
sensor works fine. The ESP8266 is connected to a WLAN, that is not
connected to the internet and is utilized only for local traffic. Then I
got a new router and noticed, that the ESP8266 tries to reach an
external IP address (now 18.104.22.168, two weeks ago it was
22.214.171.124). The ESP8266 scans ports in the upper port range from
about port 30.000 to 62.000 on that specific address.
Until I noticed the described behaviour, the ESP8266 was not capable to
communicate with external (internet) IP addresses. I can rule out that
the ESP8266 responds to incoming traffic from the internet. I changed
that now and currently I am sniffing the traffic. An actual log of this
traffic is attached as a PCAP-File, which you can download for the use
My device is an ESP8266 coupled with an I2C BH1750 light sensor. The
ESP8266 contains portions of the „ESP8266AdvancedWebserver“ example of
the Aruino IDE (1.6.4) plugin, which was installed through the
board-manager. The webserver returns the sensor value upon a http
I have coded the ESP myself via Arduino IDE and scanned the libs
available as source code. I did not find anything that could explain the
I have made use of the following libs:
At the moment I cannot re-enact this situation in lab conditions and
with different releases. Hence, I kindly ask you to check if your
ESP8266 is calling home as well. You just need to check the routing
table of your router.
Please post if your ESP8266 connects to "alien" servers as well.
Positive/negative reports are welcome.
I attached a picture of my light-sensor, screenshots of my routing table
and a pcap file for Wireshark, where I have collected a few of the
I look forward to hearing from you,