Hi Dario, we have changed our IP addresses yesterday. The site is a JS miner, that’s kind of the point of what we are doing but it’s not a web attack. Symantec did whitelist us so I’m not sure why you are seeing these. Perhaps add an exception and we will forward these screenshots on to Symantec to find out what the issue is.
Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Destination Address,Source Address,Traffic Description
2018.07.02. 12:46:11,Medium,An intrusion attempt by platform.jsecoin.com was blocked.,Blocked,No Action Required,Web Attack: JSCoinminer Website,No Action Required,No Action Required,”platform.jsecoin.com (18.104.22.168, 443)”,””,platform.jsecoin.com (22.214.171.124),”TCP, https”
Network traffic from <b>platform.jsecoin.com</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.