That gave me a tear!Dont mind the battles you won or lost… mind the war… its not ended
Sending virtual hugs to you!
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
That gave me a tear!Dont mind the battles you won or lost… mind the war… its not ended
This guy sounds like he knows what he speaking aboutYou guys are overthinking... Lets assume the worst scenario, Pandas website was hacked.
So, the client makes the order and the malware creates a Coingate invoice on the website: "Create order at CoinGate and redirect shopper to invoice (payment_url)".
Lets check the params of the invoice:
View attachment 151808
As you can see, we have some new urls here apart from the obvious payment_url.
Lets check success_url, it is created to redirect you to the order details once it is confirmed on the blockchain. It redirects you to your order details.
So, we have 3 different scenarios here:
1.- Payment_url is going to be shown until the payment is confirmed. So every time you log in to your account and then visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
you should see your payment_url (until +1 confirmations). This is a payment_url example:
View attachment 151810
2.- Payment is confirmed and then success_url is shown (order details such as items and status)
3.- We have another one, if the order was created in a legit way but then edited manually (so easy, check this Tutorial on youtube), when you actually try to visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
a permission deny is shown since this order is not created in your account. This is what you see:
View attachment 151812
Just try to enter to Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=+RANDOM NUMBER
a random number) , you should see that page.
I can see that you were on PPL legit site when you made the payment, the SSL certificate is there and the first order is in PPL backend. For those who don't know what a SSL certificate is, basically it provides integrity and encryption to a web server and you can actually ensure that you are communicating with the website you want to (for those who want to learn more about HTTPS Info about HTTPS)
View attachment 151813
So even if the invoice was created by a malware, it was created on PPL site and if you actually log in to your account and visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
you should see the second scenario and not the third.
If you see the second one, malware on Pandas site.
If you see the third one, you are lying.
Record it in a video and we will have an answer. Don't forget to show the PPL SSL certificate in live so we can check that the site was not cloned or edited by you. I can see that you are online now, easy way to prove the scam, come on.
That gave me a tear!
Sending virtual hugs to you!
You guys are overthinking... Lets assume the worst scenario, Pandas website was hacked.
So, the client makes the order and the malware creates a Coingate invoice on the website: "Create order at CoinGate and redirect shopper to invoice (payment_url)".
Lets check the params of the invoice:
View attachment 151808
As you can see, we have some new urls here apart from the obvious payment_url.
Lets check success_url, it is created to redirect you to the order details once it is confirmed on the blockchain. It redirects you to your order details.
So, we have 3 different scenarios here:
1.- Payment_url is going to be shown until the payment is confirmed. So every time you log in to your account and then visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
you should see your payment_url (until +1 confirmations). This is a payment_url example:
View attachment 151810
2.- Payment is confirmed and then success_url is shown (order details such as items and status)
3.- We have another one, if the order was created in a legit way but then edited manually (so easy, check this Tutorial on youtube), when you actually try to visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
a permission deny is shown since this order is not created in your account. This is what you see:
View attachment 151812
Just try to enter to Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=+RANDOM NUMBER
a random number) , you should see that page.
I can see that you were on PPL legit site when you made the payment, the SSL certificate is there and the first order is in PPL backend. For those who don't know what a SSL certificate is, basically it provides integrity and encryption to a web server and you can actually ensure that you are communicating with the website you want to (for those who want to learn more about HTTPS Info about HTTPS)
View attachment 151813
So even if the invoice was created by a malware, it was created on PPL site and if you actually log in to your account and visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
you should see the second scenario and not the third.
If you see the second one, malware on Pandas site.
If you see the third one, you are lying.
Record it in a video and we will have an answer. Don't forget to show the PPL SSL certificate in live so we can check that the site was not cloned or edited by you. I can see that you are online now, easy way to prove the scam, come on.
Thank you man! Don't want to hijack this but anyway is not happening anything anymore until tomorrow at least.the same way you were willing to point out that real thought, you should keep thinking at what you wanna do, dream, achieve… remember that Fortis fortuna adiuvat… keep fighting man…
keep the fire inside you going… i met a guy some months ago, he s 60’s… he s fuckin rediculously strong, he could break a leg with a low kick, he doesnt look hes 60… and he doesnt even give a fuck about it… he s keep training and working… there is lot of time, to be spent in self improving… isnt mandatory to being super cool at 24 yo… who gives a fuck… or better, that shouldn’t put anyone down and prevent him for fighting his war
One big thing here, you’re assuming it was a coin gate generated address, when they’ve used a btc format not even supported by most wallets..You guys are overthinking... Lets assume the worst scenario, Pandas website was hacked.
So, the client makes the order and the malware creates a Coingate invoice on the website: "Create order at CoinGate and redirect shopper to invoice (payment_url)".
Lets check the params of the invoice:
View attachment 151808
As you can see, we have some new urls here apart from the obvious payment_url.
Lets check success_url, it is created to redirect you to the order details once it is confirmed on the blockchain. It redirects you to your order details.
So, we have 3 different scenarios here:
1.- Payment_url is going to be shown until the payment is confirmed. So every time you log in to your account and then visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
you should see your payment_url (until +1 confirmations). This is a payment_url example:
View attachment 151810
2.- Payment is confirmed and then success_url is shown (order details such as items and status)
3.- We have another one, if the order was created in a legit way but then edited manually (so easy, check this Tutorial on youtube), when you actually try to visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
a permission deny is shown since this order is not created in your account. This is what you see:
View attachment 151812
Just try to enter to Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=+RANDOM NUMBER
a random number) , you should see that page.
I can see that you were on PPL legit site when you made the payment, the SSL certificate is there and the first order is in PPL backend. For those who don't know what a SSL certificate is, basically it provides integrity and encryption to a web server and you can actually ensure that you are communicating with the website you want to (for those who want to learn more about HTTPS Info about HTTPS)
View attachment 151813
So even if the invoice was created by a malware, it was created on PPL site and if you actually log in to your account and visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
you should see the second scenario and not the third.
If you see the second one, malware on Pandas site.
If you see the third one, you are lying.
Record it in a video and we will have an answer. Don't forget to show the PPL SSL certificate in live so we can check that the site was not cloned or edited by you. I can see that you are online now, easy way to prove the scam, come on.
I don't think Blockchain.com handle the new address types yet as that's where I have my wallet.One big thing here, you’re assuming it was a coin gate generated address, when they’ve used a btc format not even supported by most wallets..
One big thing here, you’re assuming it was a coin gate generated address, when they’ve used a btc format not even supported by most wallets..
You guys are overthinking... Lets assume the worst scenario, Pandas website was hacked.
So, the client makes the order and the malware creates a Coingate invoice on the website: "Create order at CoinGate and redirect shopper to invoice (payment_url)".
Lets check the params of the invoice:
View attachment 151808
As you can see, we have some new urls here apart from the obvious payment_url.
Lets check success_url, it is created to redirect you to the order details once it is confirmed on the blockchain. It redirects you to your order details.
So, we have 3 different scenarios here:
1.- Payment_url is going to be shown until the payment is confirmed. So every time you log in to your account and then visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
you should see your payment_url (until +1 confirmations). This is a payment_url example:
View attachment 151810
2.- Payment is confirmed and then success_url is shown (order details such as items and status)
3.- We have another one, if the order was created in a legit way but then edited manually (so easy, check this Tutorial on youtube), when you actually try to visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
a permission deny is shown since this order is not created in your account. This is what you see:
View attachment 151812
Just try to enter to Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=+RANDOM NUMBER
a random number) , you should see that page.
I can see that you were on PPL legit site when you made the payment, the SSL certificate is there and the first order is in PPL backend. For those who don't know what a SSL certificate is, basically it provides integrity and encryption to a web server and you can actually ensure that you are communicating with the website you want to (for those who want to learn more about HTTPS Info about HTTPS)
View attachment 151813
So even if the invoice was created by a malware, it was created on PPL site and if you actually log in to your account and visit Purple Panda Labshttps://www.purplepandalabs.com/shop/payment?code=041026682648504
you should see the second scenario and not the third.
If you see the second one, malware on Pandas site.
If you see the third one, you are lying.
Record it in a video and we will have an answer. Don't forget to show the PPL SSL certificate in live so we can check that the site was not cloned or edited by you. I can see that you are online now, easy way to prove the scam, come on.
You can spoof a pay and include any address and QR code, coinbase just happens to be who hosts India’s payments, and that address would be on the original page.It must be CoinGate with a spoofed token since it's the only one included in the website to create urls and invoices there, remember that a invalid address created by a non CoinGate method would give a error status and not a real invoice page
It must be CoinGate with a spoofed token since it's the only one included in the website to create urls and invoices there, remember that a invalid address created by a non CoinGate method would give a error status and not a real invoice page
No, that’s totally possible, just unlikely in my opinion.And there’s no way for someone, anyone (even computer code) to go in and change an order and associate it with a different invoice and then delete that new invoice or anything.
No, that’s totally possible, just unlikely in my opinion.
Nono.. bbbg.. you’re being silly now.. I know you have no real way to know this, but I know how Chinese “warehouse” and “wholesale supply” works.Do you know that PPL has a big warehouse, with keypad coded doors, maybe a fence around it and an employee check-in shack? Maybe next to the warehouse is a 4 story office building with tinted-windows where the mainframe is located and the executives in suits discuss market-share and various strategies. When he says “warehouse” I’m sure most of us like to imagine something like that but I’m guessing it’s more like the Chinese equivalent of a few U-Store-it storage units. I’m not sure how sophisticated the operations really are.
And there’s no way for someone, anyone (even computer code) to go in and change an order and associate it with a different invoice and then delete that new invoice or anything.
You can spoof a pay and include any address and QR code, coinbase just happens to be who hosts India’s payments, and that address would be on the original page.
Nobody can login to coin gate if they were somehow able to get the login info?
So then that leave the possibility CoinGate was compromised somehow to put in a spoofed token. Hmmmm...another rabbit hole...It must be CoinGate with a spoofed token since it's the only one included in the website to create urls and invoices there, remember that a invalid address created by a non CoinGate method would give a error status and not a real invoice page
The token is not placed on CoinGate, it is placed on the server side (as you know since you are a experienced IT). Again, no traces about this one on the server side. So no, no holes here.So then that leave the possibility CoinGate was compromised somehow to put in a spoofed token. Hmmmm...another rabbit hole...
This is what happens when there's a 3rd party server that is not under the control of Panda being used as that brings about risks of its own.I'm a little confused as to why this has to involve Coingate. In my mind the redirect preempted anything sent to or received from Coingate. For the sake of theory, let's say an alternate "malicious" page is served up at random. Everything looks fine, but instead of the addresses or QR code coming from Coingate, it is pulled from elsewhere. And further on this exercise, once the test is deemed successful, the page is pulled from rotation along with whatever triggered it... to be used at a later date.
Still this is a 3rd party server not under the control of Panda...The token is not placed on CoinGate, it is placed on the server side (as you know since you are a experienced IT). Again, no traces about this one on the server side. So no, no holes here.