My Tomcat installation crashed some days ago.  It is deployed to serve a
REST API using Jersey. Looking at localhost_access_log daily file, just
before crashing it received the next requests…


X.X.X.X - - [28/Nov/2018:22:38:44 +0000] "GET
/api/webapi/logout?idUser=4&idCustomer=1 HTTP/1.1" 200 -   ß- This is the
last known call before crashing

X.X.X.X - - [28/Nov/2018:22:40:38 +0000] "GET / HTTP/1.1" 200 11452

X.X.X.X - - [28/Nov/2018:22:45:30 +0000] "-" 400 -

X.X.X.X - - [28/Nov/2018:23:48:30 +0000] "GET / HTTP/1.1" 200 11452




IP addresses are named X.X.X.X to protect callers privacy, but it seems that
the last three ones are owned by attackers (IPs are geolocated in China). If
you want I can give them (IPs).


Everything is going ok in Tomcat, but this. 


Have you got any idea?


Thank you!



Fdo.: Ismael López Quintero. 

Ingeniero de Software.

Correo electrónico:  <mailto:ilopezqu...@gmail.com> ilopezqu...@gmail.com.

Sitio Web:  <http://www.desarrolladorsoftware.com/>

Huelva. España. 


Reply via email to