Is this Paypal Github SDK reference really a dangerous site?In this instance, is code+security code really more secure than just a longer code?This site uses a weak security configuration - SHA-1 signaturesIs it dangerous to interrupt session on a web-site?Firefox presenting a Deceptive Site warning when trying to download a popular github resource. Should I ignore it?

Why do phishing e-mails use faked e-mail addresses instead of the real one?

Why isn't P and P/poly trivially the same?

How can I portion out frozen cookie dough?

Why would /etc/passwd be used every time someone executes `ls -l` command?

Was this cameo in Captain Marvel computer generated?

Use Mercury as quenching liquid for swords?

Unidentified signals on FT8 frequencies

How can I have x-axis ticks that show ticks scaled in powers of ten?

Should we avoid writing fiction about historical events without extensive research?

Having the player face themselves after the mid-game

How to educate team mate to take screenshots for bugs with out unwanted stuff

How to install "rounded" brake pads

How to recover against Snake as a heavyweight character?

A vote on the Brexit backstop

I am the person who abides by rules but breaks the rules . Who am I

What can I do if someone tampers with my SSH public key?

I am the light that shines in the dark

How does a sound wave propagate?

Help! My Character is too much for her story!

Sort array by month and year

What the error in writing this equation by latex?

Does an unused member variable take up memory?

Can multiple states demand income tax from an LLC?

What is the orbit and expected lifetime of Crew Dragon trunk?



Is this Paypal Github SDK reference really a dangerous site?


In this instance, is code+security code really more secure than just a longer code?This site uses a weak security configuration - SHA-1 signaturesIs it dangerous to interrupt session on a web-site?Firefox presenting a Deceptive Site warning when trying to download a popular github resource. Should I ignore it?













31















I'm working on integrating a payment system with paypal in C#, and I installed the official paypal nuget package. Then I went to the paypal github site.



And linked to this below site (SDK Reference).



At this point both Chrome and Firefox warned me about



Deceptive Site Ahead



Is this site really dangerous?



URL's are listed here so that people don't need to click on potentially dangerous links:



https://github.com/paypal/PayPal-NET-SDK
http://paypal.github.io/PayPal-NET-SDK/Samples/PaymentWithPayPal.aspx.html









share|improve this question



















  • 3





    Seems to be fixed in Chrome now.

    – Omegastick
    11 hours ago






  • 1





    I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.

    – zero298
    3 hours ago















31















I'm working on integrating a payment system with paypal in C#, and I installed the official paypal nuget package. Then I went to the paypal github site.



And linked to this below site (SDK Reference).



At this point both Chrome and Firefox warned me about



Deceptive Site Ahead



Is this site really dangerous?



URL's are listed here so that people don't need to click on potentially dangerous links:



https://github.com/paypal/PayPal-NET-SDK
http://paypal.github.io/PayPal-NET-SDK/Samples/PaymentWithPayPal.aspx.html









share|improve this question



















  • 3





    Seems to be fixed in Chrome now.

    – Omegastick
    11 hours ago






  • 1





    I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.

    – zero298
    3 hours ago













31












31








31


1






I'm working on integrating a payment system with paypal in C#, and I installed the official paypal nuget package. Then I went to the paypal github site.



And linked to this below site (SDK Reference).



At this point both Chrome and Firefox warned me about



Deceptive Site Ahead



Is this site really dangerous?



URL's are listed here so that people don't need to click on potentially dangerous links:



https://github.com/paypal/PayPal-NET-SDK
http://paypal.github.io/PayPal-NET-SDK/Samples/PaymentWithPayPal.aspx.html









share|improve this question
















I'm working on integrating a payment system with paypal in C#, and I installed the official paypal nuget package. Then I went to the paypal github site.



And linked to this below site (SDK Reference).



At this point both Chrome and Firefox warned me about



Deceptive Site Ahead



Is this site really dangerous?



URL's are listed here so that people don't need to click on potentially dangerous links:



https://github.com/paypal/PayPal-NET-SDK
http://paypal.github.io/PayPal-NET-SDK/Samples/PaymentWithPayPal.aspx.html






web-browser credit-card account-security






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 17 hours ago







user230910

















asked 17 hours ago









user230910user230910

26537




26537







  • 3





    Seems to be fixed in Chrome now.

    – Omegastick
    11 hours ago






  • 1





    I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.

    – zero298
    3 hours ago












  • 3





    Seems to be fixed in Chrome now.

    – Omegastick
    11 hours ago






  • 1





    I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.

    – zero298
    3 hours ago







3




3





Seems to be fixed in Chrome now.

– Omegastick
11 hours ago





Seems to be fixed in Chrome now.

– Omegastick
11 hours ago




1




1





I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.

– zero298
3 hours ago





I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.

– zero298
3 hours ago










2 Answers
2






active

oldest

votes


















28














This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.



Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.



For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.



google safe browsing results as at Mar 8 2019






share|improve this answer
































    39














    No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.






    share|improve this answer
























      Your Answer








      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "162"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: false,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: null,
      bindNavPrevention: true,
      postfix: "",
      imageUploader:
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      ,
      noCode: true, onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );













      draft saved

      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f205009%2fis-this-paypal-github-sdk-reference-really-a-dangerous-site%23new-answer', 'question_page');

      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      28














      This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.



      Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.



      For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.



      google safe browsing results as at Mar 8 2019






      share|improve this answer





























        28














        This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.



        Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.



        For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.



        google safe browsing results as at Mar 8 2019






        share|improve this answer



























          28












          28








          28







          This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.



          Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.



          For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.



          google safe browsing results as at Mar 8 2019






          share|improve this answer















          This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.



          Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.



          For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.



          google safe browsing results as at Mar 8 2019







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 11 hours ago









          yoozer8

          1721211




          1721211










          answered 16 hours ago









          mootmootmootmoot

          1,769515




          1,769515























              39














              No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.






              share|improve this answer





























                39














                No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.






                share|improve this answer



























                  39












                  39








                  39







                  No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.






                  share|improve this answer















                  No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.







                  share|improve this answer














                  share|improve this answer



                  share|improve this answer








                  edited 17 hours ago

























                  answered 17 hours ago









                  forestforest

                  37.7k17122135




                  37.7k17122135



























                      draft saved

                      draft discarded
















































                      Thanks for contributing an answer to Information Security Stack Exchange!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid


                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.

                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function ()
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f205009%2fis-this-paypal-github-sdk-reference-really-a-dangerous-site%23new-answer', 'question_page');

                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      Popular posts from this blog

                      How should I support this large drywall patch? Planned maintenance scheduled April 23, 2019 at 00:00UTC (8:00pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?How do I cover large gaps in drywall?How do I keep drywall around a patch from crumbling?Can I glue a second layer of drywall?How to patch long strip on drywall?Large drywall patch: how to avoid bulging seams?Drywall Mesh Patch vs. Bulge? To remove or not to remove?How to fix this drywall job?Prep drywall before backsplashWhat's the best way to fix this horrible drywall patch job?Drywall patching using 3M Patch Plus Primer

                      random experiment with two different functions on unit interval Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 23, 2019 at 00:00UTC (8:00pm US/Eastern)Random variable and probability space notionsRandom Walk with EdgesFinding functions where the increase over a random interval is Poisson distributedNumber of days until dayCan an observed event in fact be of zero probability?Unit random processmodels of coins and uniform distributionHow to get the number of successes given $n$ trials , probability $P$ and a random variable $X$Absorbing Markov chain in a computer. Is “almost every” turned into always convergence in computer executions?Stopped random walk is not uniformly integrable

                      Lowndes Grove History Architecture References Navigation menu32°48′6″N 79°57′58″W / 32.80167°N 79.96611°W / 32.80167; -79.9661132°48′6″N 79°57′58″W / 32.80167°N 79.96611°W / 32.80167; -79.9661178002500"National Register Information System"Historic houses of South Carolina"Lowndes Grove""+32° 48' 6.00", −79° 57' 58.00""Lowndes Grove, Charleston County (260 St. Margaret St., Charleston)""Lowndes Grove"The Charleston ExpositionIt Happened in South Carolina"Lowndes Grove (House), Saint Margaret Street & Sixth Avenue, Charleston, Charleston County, SC(Photographs)"Plantations of the Carolina Low Countrye