Scammed by PurplePandaLabs for $900 - GG gaslighting

You guys are overthinking... Lets assume the worst scenario, Pandas website was hacked.

So, the client makes the order and the malware creates a Coingate invoice on the website: "Create order at CoinGate and redirect shopper to invoice (payment_url)".

Lets check the params of the invoice:

View attachment 151808

As you can see, we have some new urls here apart from the obvious payment_url.

Lets check success_url, it is created to redirect you to the order details once it is confirmed on the blockchain. It redirects you to your order details.

So, we have 3 different scenarios here:

1.- Payment_url is going to be shown until the payment is confirmed. So every time you log in to your account and then visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 you should see your payment_url (until +1 confirmations). This is a payment_url example:
View attachment 151810

2.- Payment is confirmed and then success_url is shown (order details such as items and status)

3.- We have another one, if the order was created in a legit way but then edited manually (so easy, check this Tutorial on youtube), when you actually try to visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 a permission deny is shown since this order is not created in your account. This is what you see:

View attachment 151812

Just try to enter to Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=+RANDOM NUMBER a random number) , you should see that page.

I can see that you were on PPL legit site when you made the payment, the SSL certificate is there and the first order is in PPL backend. For those who don't know what a SSL certificate is, basically it provides integrity and encryption to a web server and you can actually ensure that you are communicating with the website you want to (for those who want to learn more about HTTPS Info about HTTPS)

View attachment 151813

So even if the invoice was created by a malware, it was created on PPL site and if you actually log in to your account and visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 you should see the second scenario and not the third.

If you see the second one, malware on Pandas site.
If you see the third one, you are lying.

Record it in a video and we will have an answer. Don't forget to show the PPL SSL certificate in live so we can check that the site was not cloned or edited by you. I can see that you are online now, easy way to prove the scam, come on.
This guy sounds like he knows what he speaking about
 
That gave me a tear!
Sending virtual hugs to you!

the same way you were willing to point out that real thought, you should keep thinking at what you wanna do, dream, achieve… remember that Fortis fortuna adiuvat… keep fighting man…

keep the fire inside you going… i met a guy some months ago, he s 60’s… he s fuckin rediculously strong, he could break a leg with a low kick, he doesnt look hes 60… and he doesnt even give a fuck about it… he s keep training and working… there is lot of time, to be spent in self improving… isnt mandatory to being super cool at 24 yo… who gives a fuck… or better, that shouldn’t put anyone down and prevent him for fighting his war
 
You guys are overthinking... Lets assume the worst scenario, Pandas website was hacked.

So, the client makes the order and the malware creates a Coingate invoice on the website: "Create order at CoinGate and redirect shopper to invoice (payment_url)".

Lets check the params of the invoice:

View attachment 151808

As you can see, we have some new urls here apart from the obvious payment_url.

Lets check success_url, it is created to redirect you to the order details once it is confirmed on the blockchain. It redirects you to your order details.

So, we have 3 different scenarios here:

1.- Payment_url is going to be shown until the payment is confirmed. So every time you log in to your account and then visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 you should see your payment_url (until +1 confirmations). This is a payment_url example:
View attachment 151810

2.- Payment is confirmed and then success_url is shown (order details such as items and status)

3.- We have another one, if the order was created in a legit way but then edited manually (so easy, check this Tutorial on youtube), when you actually try to visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 a permission deny is shown since this order is not created in your account. This is what you see:

View attachment 151812

Just try to enter to Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=+RANDOM NUMBER a random number) , you should see that page.

I can see that you were on PPL legit site when you made the payment, the SSL certificate is there and the first order is in PPL backend. For those who don't know what a SSL certificate is, basically it provides integrity and encryption to a web server and you can actually ensure that you are communicating with the website you want to (for those who want to learn more about HTTPS Info about HTTPS)

View attachment 151813

So even if the invoice was created by a malware, it was created on PPL site and if you actually log in to your account and visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 you should see the second scenario and not the third.

If you see the second one, malware on Pandas site.
If you see the third one, you are lying.

Record it in a video and we will have an answer. Don't forget to show the PPL SSL certificate in live so we can check that the site was not cloned or edited by you. I can see that you are online now, easy way to prove the scam, come on.

I tried logging into my account earlier today but the password has been changed or it has been deactivated - probably when they signed in to record the videos yesterday.

Z_08920.jpg
 
the same way you were willing to point out that real thought, you should keep thinking at what you wanna do, dream, achieve… remember that Fortis fortuna adiuvat… keep fighting man…

keep the fire inside you going… i met a guy some months ago, he s 60’s… he s fuckin rediculously strong, he could break a leg with a low kick, he doesnt look hes 60… and he doesnt even give a fuck about it… he s keep training and working… there is lot of time, to be spent in self improving… isnt mandatory to being super cool at 24 yo… who gives a fuck… or better, that shouldn’t put anyone down and prevent him for fighting his war
Thank you man! Don't want to hijack this but anyway is not happening anything anymore until tomorrow at least.
To be fair I am dealing with some shit for some years now but it is what it is.
 
You guys are overthinking... Lets assume the worst scenario, Pandas website was hacked.

So, the client makes the order and the malware creates a Coingate invoice on the website: "Create order at CoinGate and redirect shopper to invoice (payment_url)".

Lets check the params of the invoice:

View attachment 151808

As you can see, we have some new urls here apart from the obvious payment_url.

Lets check success_url, it is created to redirect you to the order details once it is confirmed on the blockchain. It redirects you to your order details.

So, we have 3 different scenarios here:

1.- Payment_url is going to be shown until the payment is confirmed. So every time you log in to your account and then visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 you should see your payment_url (until +1 confirmations). This is a payment_url example:
View attachment 151810

2.- Payment is confirmed and then success_url is shown (order details such as items and status)

3.- We have another one, if the order was created in a legit way but then edited manually (so easy, check this Tutorial on youtube), when you actually try to visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 a permission deny is shown since this order is not created in your account. This is what you see:

View attachment 151812

Just try to enter to Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=+RANDOM NUMBER a random number) , you should see that page.

I can see that you were on PPL legit site when you made the payment, the SSL certificate is there and the first order is in PPL backend. For those who don't know what a SSL certificate is, basically it provides integrity and encryption to a web server and you can actually ensure that you are communicating with the website you want to (for those who want to learn more about HTTPS Info about HTTPS)

View attachment 151813

So even if the invoice was created by a malware, it was created on PPL site and if you actually log in to your account and visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 you should see the second scenario and not the third.

If you see the second one, malware on Pandas site.
If you see the third one, you are lying.

Record it in a video and we will have an answer. Don't forget to show the PPL SSL certificate in live so we can check that the site was not cloned or edited by you. I can see that you are online now, easy way to prove the scam, come on.
One big thing here, you’re assuming it was a coin gate generated address, when they’ve used a btc format not even supported by most wallets..
 
One big thing here, you’re assuming it was a coin gate generated address, when they’ve used a btc format not even supported by most wallets..
I don't think Blockchain.com handle the new address types yet as that's where I have my wallet.
 
One big thing here, you’re assuming it was a coin gate generated address, when they’ve used a btc format not even supported by most wallets..

It must be CoinGate with a spoofed token since it's the only one included in the website to create urls and invoices there, remember that a invalid address created by a non CoinGate method would give a error status and not a real invoice page
 
You guys are overthinking... Lets assume the worst scenario, Pandas website was hacked.

So, the client makes the order and the malware creates a Coingate invoice on the website: "Create order at CoinGate and redirect shopper to invoice (payment_url)".

Lets check the params of the invoice:

View attachment 151808

As you can see, we have some new urls here apart from the obvious payment_url.

Lets check success_url, it is created to redirect you to the order details once it is confirmed on the blockchain. It redirects you to your order details.

So, we have 3 different scenarios here:

1.- Payment_url is going to be shown until the payment is confirmed. So every time you log in to your account and then visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 you should see your payment_url (until +1 confirmations). This is a payment_url example:
View attachment 151810

2.- Payment is confirmed and then success_url is shown (order details such as items and status)

3.- We have another one, if the order was created in a legit way but then edited manually (so easy, check this Tutorial on youtube), when you actually try to visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 a permission deny is shown since this order is not created in your account. This is what you see:

View attachment 151812

Just try to enter to Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=+RANDOM NUMBER a random number) , you should see that page.

I can see that you were on PPL legit site when you made the payment, the SSL certificate is there and the first order is in PPL backend. For those who don't know what a SSL certificate is, basically it provides integrity and encryption to a web server and you can actually ensure that you are communicating with the website you want to (for those who want to learn more about HTTPS Info about HTTPS)

View attachment 151813

So even if the invoice was created by a malware, it was created on PPL site and if you actually log in to your account and visit Purple Panda Labs https://www.purplepandalabs.com/shop/payment?code=041026682648504 you should see the second scenario and not the third.

If you see the second one, malware on Pandas site.
If you see the third one, you are lying.

Record it in a video and we will have an answer. Don't forget to show the PPL SSL certificate in live so we can check that the site was not cloned or edited by you. I can see that you are online now, easy way to prove the scam, come on.

And there’s no way for someone, anyone (even computer code) to go in and change an order and associate it with a different invoice and then delete that new invoice or anything.
 
It must be CoinGate with a spoofed token since it's the only one included in the website to create urls and invoices there, remember that a invalid address created by a non CoinGate method would give a error status and not a real invoice page
You can spoof a pay and include any address and QR code, coinbase just happens to be who hosts India’s payments, and that address would be on the original page.
 
It must be CoinGate with a spoofed token since it's the only one included in the website to create urls and invoices there, remember that a invalid address created by a non CoinGate method would give a error status and not a real invoice page

Nobody can login to coin gate if they were somehow able to get the login info?
 
No, that’s totally possible, just unlikely in my opinion.

Do you know that PPL has a big warehouse, with keypad coded doors, maybe a fence around it and an employee check-in shack? Maybe next to the warehouse is a 4 story office building with tinted-windows where the mainframe is located and the executives in suits discuss market-share and various strategies. When he says “warehouse” I’m sure most of us like to imagine something like that but I’m guessing it’s more like the Chinese equivalent of a few U-Store-it storage units. I’m not sure how sophisticated the operations really are.
 
Do you know that PPL has a big warehouse, with keypad coded doors, maybe a fence around it and an employee check-in shack? Maybe next to the warehouse is a 4 story office building with tinted-windows where the mainframe is located and the executives in suits discuss market-share and various strategies. When he says “warehouse” I’m sure most of us like to imagine something like that but I’m guessing it’s more like the Chinese equivalent of a few U-Store-it storage units. I’m not sure how sophisticated the operations really are.
Nono.. bbbg.. you’re being silly now.. I know you have no real way to know this, but I know how Chinese “warehouse” and “wholesale supply” works.
 
And there’s no way for someone, anyone (even computer code) to go in and change an order and associate it with a different invoice and then delete that new invoice or anything.

You can spoof a pay and include any address and QR code, coinbase just happens to be who hosts India’s payments, and that address would be on the original page.

Yeah those ones can happen, but again, not without leaving a trace on the server side (and there is no trace about that)

Nobody can login to coin gate if they were somehow able to get the login info?

CoinGate offers a 2-FA login with Google Authenticator which Panda uses, so the hacker would also need access to Pandas phone... Barely possible
 
It must be CoinGate with a spoofed token since it's the only one included in the website to create urls and invoices there, remember that a invalid address created by a non CoinGate method would give a error status and not a real invoice page
So then that leave the possibility CoinGate was compromised somehow to put in a spoofed token. Hmmmm...another rabbit hole...
 
I'm a little confused as to why this has to involve Coingate. In my mind the redirect preempted anything sent to or received from Coingate. For the sake of theory, let's say an alternate "malicious" page is served up at random. Everything looks fine, but instead of the addresses or QR code coming from Coingate, it is pulled from elsewhere. And further on this exercise, once the test is deemed successful, the page is pulled from rotation along with whatever triggered it... to be used at a later date.
 
So then that leave the possibility CoinGate was compromised somehow to put in a spoofed token. Hmmmm...another rabbit hole...
The token is not placed on CoinGate, it is placed on the server side (as you know since you are a experienced IT). Again, no traces about this one on the server side. So no, no holes here.
 
I'm a little confused as to why this has to involve Coingate. In my mind the redirect preempted anything sent to or received from Coingate. For the sake of theory, let's say an alternate "malicious" page is served up at random. Everything looks fine, but instead of the addresses or QR code coming from Coingate, it is pulled from elsewhere. And further on this exercise, once the test is deemed successful, the page is pulled from rotation along with whatever triggered it... to be used at a later date.
This is what happens when there's a 3rd party server that is not under the control of Panda being used as that brings about risks of its own.
 
The token is not placed on CoinGate, it is placed on the server side (as you know since you are a experienced IT). Again, no traces about this one on the server side. So no, no holes here.
Still this is a 3rd party server not under the control of Panda...
 
Back
Top