Avast WEBforum

Other => Viruses and worms => Topic started by: jakob8450 on October 17, 2021, 02:38:22 PM

Title: Getting A URL:TechScam message Help
Post by: jakob8450 on October 17, 2021, 02:38:22 PM
Hey my name is Jakob and every time I go on a particular stream on twitch I get this message from avast
and cannot see the stream

we're safely aborted connection on video-edge-345f4.cph01.abs.hls.ttvnw.net because it was infected with URL:TechScam

How do i solve this problem so I can watch the stream again thanks for the help.


Title: Re: Getting A URL:TechScam message Help
Post by: bob3160 on October 17, 2021, 03:35:14 PM

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php
Title: Re: Getting A URL:TechScam message Help
Post by: jakob8450 on October 17, 2021, 05:33:56 PM
I dont think that solves the proplem, yes meybe i can go to the webpage, but then I will just get the scam pop-ups. right?
Title: Re: Getting A URL:TechScam message Help
Post by: DavidR on October 17, 2021, 06:24:19 PM
I dont think that solves the proplem, yes meybe i can go to the webpage, but then I will just get the scam pop-ups. right?

You would only be able to go to the web page if the virus labs team consider it a false positive.

This is the point of reporting it so that it can be investigated, it doesn't allow access just because you report it.  That is step one.
Title: Re: Getting A URL:TechScam message Help
Post by: polonus on October 17, 2021, 06:51:20 PM
Well there is an additional problem that security scanners report that the website cannot be scanned.
Unable to report on this hostname as it does not resolve to an IP address.
Tunnel connection failed. Cannot verify connection.  DNS checker gives a 503.
Problem with Cloudflare:
Quote
   x-frame-options      SAMEORIGIN
permissions-policy      accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control      private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires      Thu, 01 Jan 1970 00:00:01 GMT
expect-ct      max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to      {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4IUa31Gj8ik3hvh1xBAQfeGtlUFsKFVNKQRCMiwnm4Jb9rwNZc%2BhqDs8mx14mRBM9UbTnbGdajRpBSNkvqGYpR%2FfrolfXWp7u7f8O%2FsleHaegcN0AxlLlEFJyPBhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel      {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary      Accept-Encoding
server      cloudflare
cf-ray      69fafdabb8d8f40b-LHR
alt-svc      h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Security-Policy-Report-Only      worker-src 'none'; report-uri about:blank
X-DNS-Prefetch-Control      off

So probably you are barking at the wrong tree - should be Cloudflare's and Twitch Interactive Inc. in Washington,
see: https://www.speedguide.net/ip/52.223.244.250
That's all we know so far, wait for a final verdict from avast team.
Here the malware was being analyzed: https://www.joesandbox.com/analysis/244068/0/html

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Title: Re: Getting A URL:TechScam message Help
Post by: Pondus on October 17, 2021, 07:45:43 PM
https://downforeveryoneorjustme.com/345f4.cph01.abs.hls.ttvnw.net
Title: Re: Getting A URL:TechScam message Help
Post by: redwolfe_98 on October 20, 2021, 10:05:13 PM
"ttvnw.net" belongs to "twitch.tv."

this is what the "ublock origin" extension shows while i am watching a video-stream at twitch.tv:

Title: Re: Getting A URL:TechScam message Help
Post by: polonus on October 20, 2021, 10:51:53 PM
The Twitch platform site has weak F-grade-security.
Webpage Behaviour Report says -
hxtps://twitch.tv links to the following External Domains:
==>-static.twitchcdn.net
==>-p.twitchcdn.net
==>-static-cdn.jtvnw.net

See: https://sitereport.netcraft.com/?url=https://www.twitch.tv

polonus