My Tomcat installation crashed some days ago. It is deployed to serve a REST API using Jersey. Looking at localhost_access_log daily file, just before crashing it received the next requests X.X.X.X - - [28/Nov/2018:22:38:44 +0000] "GET /api/webapi/logout?idUser=4&idCustomer=1 HTTP/1.1" 200 - ß- This is the last known call before crashing X.X.X.X - - [28/Nov/2018:22:40:38 +0000] "GET / HTTP/1.1" 200 11452 X.X.X.X - - [28/Nov/2018:22:45:30 +0000] "-" 400 - X.X.X.X - - [28/Nov/2018:23:48:30 +0000] "GET / HTTP/1.1" 200 11452 Crashed. IP addresses are named X.X.X.X to protect callers privacy, but it seems that the last three ones are owned by attackers (IPs are geolocated in China). If you want I can give them (IPs). Everything is going ok in Tomcat, but this. Have you got any idea? Thank you! -- Fdo.: Ismael López Quintero. Ingeniero de Software. Correo electrónico: <mailto:ilopezqu...@gmail.com> ilopezqu...@gmail.com. Sitio Web: <http://www.desarrolladorsoftware.com/> http://www.desarrolladorsoftware.com/ Huelva. España.