Forums

I've been using python anywhere just to try and test my flask app. I know what requests I should be receiving and it from stripe but I've just recently been checked and there have been a lot of the following: 44.203.79.168 - - [16/Jun/2022:07:37:50 +0000] "POST / HTTP/1.1" 400 11 "-" "Faraday v1.10.0" "44.203.79.168" response-time=0.001 3.237.180.14 - - [16/Jun/2022:07:38:12 +0000] "POST / HTTP/1.1" 400 11 "-" "Faraday v1.10.0" "3.237.180.14" response-time=0.001

When it says Faraday those 2 ips have been accessing a lot.

Then also I've been getting a lot of this just python-requests 34.227.49.46 - - [16/Jun/2022:23:01:45 +0000] "GET / HTTP/1.1" 405 153 "-" "python-requests/2.27.1" "34.227.49.46" response-time=0.005 100.26.146.141 - - [13/Jun/2022:13:26:24 +0000] "GET / HTTP/1.1" 500 1186 "-" "python-requests/2.27.1" "100.26.146.141" response-time=0.006

No, no need to worry. Your web app is available from the public internet, so anyone can probe it with random stuff.

Thanks for the reply but how do people even know my webapp address when it's just something small for me to test out flask and learn how it works. How can I look into if these hits are malicious?

I'm not sure how they find the addresses, but that's something that starts happening pretty much as soon as you put a site up.

The python-requests hits are probably from our system - we make them to check that your site is ready after you reload it.

As for whether they're malicious or not - they may well be, but if your web app is not responding, then they have no way to affect anything.