http://purpleyellow.com.br/

Title: "Purple Yellow - Loja Oficial"

Description: "A Purple Yellow é uma marca que não te define, te completa. Feita para quem curte diferenciação, exclusividade, gosta de quebrar tabus e ser meio Fuck a Porra Toda!"

Category: Adult/Pornography

Keywords: bone fuck toda black itens juros porra preco short white melhor purple tshirt carrinho desconto pesquisa produtos adicionar resultado lancamento

Privacy Impact Score

Privacy Impact Score is a score reflecting overall cookie-related impact of the website relative to other websites, primarily taking into account the number of third-party domains it reports to and number of persistent cookies it sets. See Privacy Impact Score article for more details.

Third-party domains

Persistent cookies

Session cookies

Third-party domains is the count of organisations allowed by the webmaster to trace your across the site. These cookies may be set for various purposes, like tracking ads displayed on the website, collection of statistics, targeted advertising etc. This website allows 11 other websites to track your activity.

Persistent cookies are the cookies that are preserved through browser shutdowns. This means, even if you close this page today and ever return there in future, the website will know you're a returning visitor. This may be used for "remember me" features, as well as persistent user tracking. These cookies, especially if set by third party organisations, are powerful tool for monitoring your activities across all the websites you visit. This website sets 27 persistent cookies with average life-time of 2017 days and longest 4791 days.

Session cookies are cleared when you close your browser and allow the website to identify user's state — such as logged-in users. They are mostly considered harmless because they cannot be used for long-term user tracking. This site sets 5 session cookies.

Last fetched: 2018-05-08T00:37:45.194529+00:00

HTTP status: 200 200 OK

Cookies and Privacy Attributes

OpenX advertising tracking cookie

» More...

Type: HTTP Cookie
Domain: openx.net

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker openx (category advertising) will be blocked by disconnectme
Tracker openx (category advertising) will be blocked by privacybadger

This cookie expires in 1506 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
0689a5d2-4bbd-4db7-97c5-84adc3792ac2|1525739838
```
This might be a Base64-encoded cookie. Decoded value:
```
b'\xd3\xaf=k\x97v' … b'\xe1\xb6\xdd' … b'\xe1\xd6\xfb' … b'\xf7\xb79' … b'\xf3\x86\x9ds~\xfd\xd9\xa76'
```
- Length: 24 bytes (192 bits)
- Information entropy: 4.50 bits (average bits per symbol)
- Information content: 108.04 bits

Cookie classification: third-party persistent

uid

Criteo advertising tracking cookie

» More...

Type: HTTP Cookie
Domain: criteo.com

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker criteo (category advertising) will be blocked by disconnectme
Tracker criteo (category advertising) will be blocked by privacybadger

This cookie expires in 1506 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
f7f442d3-722b-46ce-81b5-170921f0c86d
```
This seems to be a UUID (GUID), version: 4
- Length: 36 bytes (288 bits)
- Information entropy: 3.86 bits (average bits per symbol)
- Information content: 139.10 bits

Cookie classification: third-party persistent

fr

Facebook tracking cookie

» More...

Type: HTTP Cookie
Domain: facebook.com

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker facebook (category disconnect) will be blocked by disconnectme
Tracker facebook (category disconnect) will be blocked by privacybadger

This cookie expires in 1231 days
Secure The cookie sets the Secure flag but is itself set on a non-TLS (plaintext HTTP) website. New browsers will ignore such cookies under the Strict Secure cookie policy
httpOnly This cookie is not readable by client-side JavaScript code » More...
Sample value:
```
0evSbaLVQAEqDkpB3..Ba8PE8...1.0.Ba8PE8.
```
- Length: 39 bytes (312 bits)
- Information entropy: 4.00 bits (average bits per symbol)
- Information content: 155.87 bits

Cookie classification: third-party persistent


                test_cookie

A generic test cookie set by a wide range of web platforms.

» More...

Type: HTTP Cookie
Domain: doubleclick.net

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker google (category disconnect) will be blocked by disconnectme
Tracker google (category disconnect) will be blocked by privacybadger

This cookie expires in 1141 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
CheckForPermission
```
- Length: 18 bytes (144 bits)
- Information entropy: 3.61 bits (average bits per symbol)
- Information content: 65.06 bits

Cookie classification: third-party persistent


                cto_lwid

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 1536 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
5a9fa08d-b1ab-4499-87ca-546e109e0372
```
This seems to be a UUID (GUID), version: 4
- Length: 36 bytes (288 bits)
- Information entropy: 3.91 bits (average bits per symbol)
- Information content: 140.61 bits

Cookie classification: same-origin persistent


                _ym_visorc_44801929

Yandex Metrica tracking cookie

» More...

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 1141 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
w
```
- Length: 1 bytes (8 bits)
- Information entropy: 0.00 bits (average bits per symbol)
- Information content: 0.00 bits

Cookie classification: same-origin persistent


                _ym_isad

Yandex Metrica tracking cookie

» More...

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 1142 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
2
```
- Length: 1 bytes (8 bits)
- Information entropy: 0.00 bits (average bits per symbol)
- Information content: 2.00 bits

Cookie classification: same-origin persistent


                SGTS

Type: HTTP Cookie
Domain: www.purpleyellow.com.br
This cookie expires in 1141 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
224C13FA0E7278B6675964B5F9C17E08
```
This cookie seems to be a hexadecimal-encoded data. Attempted decoded value:
```
b'"L\x13\xfa\x0erx\xb6gYd\xb5\xf9\xc1~\x08'
```
This seems to be a MD5 hex-encoded cookie
- Length: 16 bytes (128 bits)
- Information entropy: 4.00 bits (average bits per symbol)
- Information content: 64.00 bits

Cookie classification: same-origin persistent


                ISSMB

Type: HTTP Cookie
Domain: www.purpleyellow.com.br
The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
ScreenMedia=0&UserAcceptMobile=False
```
This might be a Base64-encoded cookie. Decoded value:
```
b'I\xca\xdezs\x1ev&'
```
- Length: 8 bytes (64 bits)
- Information entropy: 3.00 bits (average bits per symbol)
- Information content: 24.00 bits

Cookie classification: same-origin session


                VTEXSC

Type: HTTP Cookie
Domain: www.purpleyellow.com.br
This cookie expires in 1142 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
sc=1
```
- Length: 4 bytes (32 bits)
- Information entropy: 2.00 bits (average bits per symbol)
- Information content: 8.00 bits

Cookie classification: same-origin persistent

Yandex advertising tracking cookie

» More...

Type: HTTP Cookie
Domain: yandex.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker yandex (category advertising) will be blocked by disconnectme
Tracker yandex (category advertising) will be blocked by privacybadger
Tracker yandex (category advertising) will be blocked by eff

This cookie expires in 4791 days
httpOnly This cookie is not readable by client-side JavaScript code » More...

Sample value:

Zcvf7fSnl4PQwxdm49pwoQDgJF5bvdtbWv61ejCQJfI3twk/Zbuwa68WWz7KimQmXn226Ae5En+f2YZu310nlF/XwSM=

This might be a Base64-encoded cookie. Decoded value:

b"e\xcb\xdf\xed\xf4\xa7\x97\x83\xd0\xc3\x17f\xe3\xdap\xa1\x00\xe0$^[\xbd\xdb[Z\xfe\xb5z0\x90%\xf27\xb7\t?e\xbb\xb0k\xaf\x16[>\xca\x8ad&^}\xb6\xe8\x07\xb9\x12\x7f\x9f\xd9\x86n\xdf]'\x94_\xd7\xc1#"

Length: 68 bytes (544 bits)
Information entropy: 5.93 bits (average bits per symbol)
Information content: 403.19 bits

Cookie classification: third-party persistent


                yabs-sid

Yandex tracking cookie

» More...

Type: HTTP Cookie
Domain: mc.yandex.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker yandex (category advertising) will be blocked by disconnectme
Tracker yandex (category advertising) will be blocked by privacybadger

The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
1127454881525739834
```
- Length: 19 bytes (152 bits)
- Information entropy: 2.93 bits (average bits per symbol)
- Information content: 60.00 bits

Cookie classification: third-party session

yp

Yandex advertising tracking cookie

» More...

Type: HTTP Cookie
Domain: yandex.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker yandex (category advertising) will be blocked by disconnectme
Tracker yandex (category advertising) will be blocked by privacybadger
Tracker yandex (category advertising) will be blocked by eff

This cookie expires in 4791 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
1841099834.yrts.1525739834
```
This might be a Base64-encoded cookie. Decoded value:
```
b'\xca\xbbl'
```
- Length: 3 bytes (24 bits)
- Information entropy: 1.58 bits (average bits per symbol)
- Information content: 4.75 bits

Cookie classification: third-party persistent


                yandexuid

Yandex advertising tracking cookie

» More...

Type: HTTP Cookie
Domain: yandex.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker yandex (category advertising) will be blocked by disconnectme
Tracker yandex (category advertising) will be blocked by privacybadger
Tracker yandex (category advertising) will be blocked by eff

This cookie expires in 4791 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
3440424751525739834
```
- Length: 19 bytes (152 bits)
- Information entropy: 2.93 bits (average bits per symbol)
- Information content: 62.00 bits

Cookie classification: third-party persistent


                _ym_uid

Yandex Metrica tracking cookie

» More...

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 1861 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
15257398601025243769
```
- Length: 20 bytes (160 bits)
- Information entropy: 3.25 bits (average bits per symbol)
- Information content: 64.00 bits

Cookie classification: same-origin persistent

NID

Type: HTTP Cookie
Domain: google.com

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker google (category disconnect) will be blocked by privacybadger

This cookie expires in 1324 days
httpOnly This cookie is not readable by client-side JavaScript code » More...
Sample value:
```
129=PAhCa474EhbtUJdMhOJNhGbmdr_zYiUZg1V_P0Bhyz4vJzZF5ZLCQzOyJ3XiREuyrTtbfy8V68u-gMGh1FFcu32LtOOAy-MbEqHMds8dk_nmP2nxp8PP-F-v427KqNwh
```
This might be a Base64-encoded cookie. Decoded value:
```
b'\xd7o' … b'\xcd\x88\x94f\rU'
```
- Length: 8 bytes (64 bits)
- Information entropy: 3.00 bits (average bits per symbol)
- Information content: 24.00 bits

Cookie classification: third-party persistent


                .ASPXAUTH

Type: HTTP Cookie
Domain: www.purpleyellow.com.br
This cookie expires in 1871 days
httpOnly This cookie is not readable by client-side JavaScript code » More...

Sample value:

E387347B4A417B88E610DD81E9590BAB7EC339CA492917DA48B7D6415FA13182F16B736B3291F51382A214F7A2596D7CD1D53919460BB44EB9C5813DE65FF7198F4E63C11C62088C3222CA740B33A3634C4CD655346A1E7B948C94731B66A85C9BED3A14DFB64869BB80395148AB4860AE1602A4B996C64A3632BB5213F74A2EFE37A64D669A9D25C65F2F08E691234BC6A39D4C48A51063AE790D90B45BE16507AA3497

This cookie seems to be a hexadecimal-encoded data. Attempted decoded value:

b'\xe3\x874{JA{\x88\xe6\x10\xdd\x81\xe9Y\x0b\xab~\xc39\xcaI)\x17\xdaH\xb7\xd6A_\xa11\x82\xf1ksk2\x91\xf5\x13\x82\xa2\x14\xf7\xa2Ym|\xd1\xd59\x19F\x0b\xb4N\xb9\xc5\x81=\xe6_\xf7\x19\x8fNc\xc1\x1cb\x08\x8c2"\xcat\x0b3\xa3cLL\xd6U4j\x1e{\x94\x8c\x94s\x1bf\xa8\\\x9b\xed:\x14\xdf\xb6Hi\xbb\x809QH\xabH`\xae\x16\x02\xa4\xb9\x96\xc6J62\xbbR\x13\xf7J.\xfe7\xa6Mf\x9a\x9d%\xc6_/\x08\xe6\x91#K\xc6\xa3\x9dLH\xa5\x10c\xaey\r\x90\xb4[\xe1e\x07\xaa4\x97'

Length: 164 bytes (1312 bits)
Information entropy: 6.62 bits (average bits per symbol)
Information content: 1085.97 bits

Cookie classification: same-origin persistent


                checkout.vtex.com

Type: HTTP Cookie
Domain: www.purpleyellow.com.br
This cookie expires in 1872 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
__ofid=d219ff69b62646cdb09923fd94fdd6da
```
This might be a Base64-encoded cookie. Decoded value:
```
b'\xa1\xf8\x9dwm}}\xfe\xbdo\xad\xba\xe3\xa7\x1doO}\xdbw\xdd\xf7\x87\xddw\xa7Z'
```
- Length: 27 bytes (216 bits)
- Information entropy: 4.18 bits (average bits per symbol)
- Information content: 112.87 bits

Cookie classification: same-origin persistent


                __cfduid

CloudFlare cookie

» More...

Type: HTTP Cookie
Domain: pingdom.net
This cookie expires in 1506 days
httpOnly This cookie is not readable by client-side JavaScript code » More...
Sample value:
```
dd8d13b08498f96335aa381afebf465f11525739834
```
This cookie seems to be a hexadecimal-encoded data. Attempted decoded value:
```
b'\xd8\xd1;\x08I\x8f\x963Z\xa3\x81\xaf\xeb\xf4e\xf1\x15%s\x984'
```
- Length: 21 bytes (168 bits)
- Information entropy: 4.39 bits (average bits per symbol)
- Information content: 92.24 bits

Cookie classification: third-party persistent


                csrftoken

Generic Cross Site Request Forgery prevention token

» More...

Type: HTTP Cookie
Domain: api.instagram.com

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker facebook (category disconnect) will be blocked by privacybadger

This cookie expires in 1505 days
Secure The cookie sets the Secure flag but is itself set on a non-TLS (plaintext HTTP) website. New browsers will ignore such cookies under the Strict Secure cookie policy
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
Kw9AMfzDh6sl91bjq4NLxYNvOkW86xPX
```
This might be a Base64-encoded cookie. Decoded value:
```
b'+\x0f@1\xfc\xc3\x87\xab%\xf7V\xe3\xab\x83K\xc5\x83o:E\xbc\xeb\x13\xd7'
```
- Length: 24 bytes (192 bits)
- Information entropy: 4.42 bits (average bits per symbol)
- Information content: 106.04 bits

Cookie classification: third-party persistent

rur

Type: HTTP Cookie
Domain: api.instagram.com

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker facebook (category disconnect) will be blocked by privacybadger

The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
FTW
```
- Length: 3 bytes (24 bits)
- Information entropy: 1.58 bits (average bits per symbol)
- Information content: 4.75 bits

Cookie classification: third-party session


                ARRAffinity

Type: HTTP Cookie
Domain: selo.clearsale.com.br
The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie is not readable by client-side JavaScript code » More...
Sample value:
```
29daffcff19cdb278216dc67909ce2f7ac14dc672c180f39f784c7988656dc3f
```
This cookie seems to be a hexadecimal-encoded data. Attempted decoded value:
```
b")\xda\xff\xcf\xf1\x9c\xdb'\x82\x16\xdcg\x90\x9c\xe2\xf7\xac\x14\xdcg,\x18\x0f9\xf7\x84\xc7\x98\x86V\xdc?"
```
- Length: 32 bytes (256 bits)
- Information entropy: 4.66 bits (average bits per symbol)
- Information content: 149.25 bits

Cookie classification: third-party session


                _gat_UA-68645430-1

Google Analytics tracking cookie

» More...

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 1141 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
1
```
- Length: 1 bytes (8 bits)
- Information entropy: 0.00 bits (average bits per symbol)
- Information content: 1.00 bits

Cookie classification: same-origin persistent


                _gid

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 1142 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
GA1.3.1886322639.1525739859
```
- Length: 27 bytes (216 bits)
- Information entropy: 3.33 bits (average bits per symbol)
- Information content: 89.85 bits

Cookie classification: same-origin persistent

_ga

Google Analytics tracking cookie

» More...

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 1871 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
GA1.3.551305065.1525739859
```
- Length: 26 bytes (208 bits)
- Information entropy: 3.24 bits (average bits per symbol)
- Information content: 84.30 bits

Cookie classification: same-origin persistent


                VtexFingerPrint

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 4791 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
b4cbcf02d255b120a0f836bf135a2223
```
This cookie seems to be a hexadecimal-encoded data. Attempted decoded value:
```
b'\xb4\xcb\xcf\x02\xd2U\xb1 \xa0\xf86\xbf\x13Z"#'
```
This seems to be a MD5 hex-encoded cookie
- Length: 16 bytes (128 bits)
- Information entropy: 4.00 bits (average bits per symbol)
- Information content: 64.00 bits

Cookie classification: same-origin persistent


                janus_sid

Type: HTTP Cookie
Domain: www.purpleyellow.com.br
This cookie expires in 1141 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
6c6dc310-6120-4c63-888e-c6608976a94a
```
This seems to be a UUID (GUID), version: 4
- Length: 36 bytes (288 bits)
- Information entropy: 3.55 bits (average bits per symbol)
- Information content: 127.71 bits

Cookie classification: same-origin persistent


                VtexRCRequestCounter

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 1141 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
1
```
- Length: 1 bytes (8 bits)
- Information entropy: 0.00 bits (average bits per symbol)
- Information content: 1.00 bits

Cookie classification: same-origin persistent


                VtexRCMacIdv7

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 4791 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
01bfb221-5258-11e8-99ba-617d931420d3
```
This seems to be a UUID (GUID), version: 1
- Length: 36 bytes (288 bits)
- Information entropy: 3.75 bits (average bits per symbol)
- Information content: 135.10 bits

Cookie classification: same-origin persistent


                VtexRCSessionIdv7

Type: HTTP Cookie
Domain: purpleyellow.com.br
This cookie expires in 1141 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
0:01bf8b10-5258-11e8-99ba-617d931420d3
```
This might be a Base64-encoded cookie. Decoded value:
```
b'\xd3V\xdf\xf1\xbdt' … b'\xe7n|' … b'\xd7W\xbc' … b'\xf7\xd6\xda' … b'\xeb^\xdd\xf7}x\xdbGw'
```
- Length: 24 bytes (192 bits)
- Information entropy: 4.50 bits (average bits per symbol)
- Information content: 108.04 bits

Cookie classification: same-origin persistent


                incap_ses_480_25439

Imperva Incapsula user tracking cookie

» More...

Type: HTTP Cookie
Domain: siteblindado.com
The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
```
eGljUDh1kBV7SxTRXU6pBjfx8FoAAAAAyMKDQsL9J0T3cQqzrEeYxA==
```
This might be a Base64-encoded cookie. Decoded value:
```
b"xicP8u\x90\x15{K\x14\xd1]N\xa9\x067\xf1\xf0Z\x00\x00\x00\x00\xc8\xc2\x83B\xc2\xfd'D\xf7q\n\xb3\xacG\x98\xc4"
```
- Length: 40 bytes (320 bits)
- Information entropy: 5.07 bits (average bits per symbol)
- Information content: 202.88 bits

Cookie classification: third-party session


                visid_incap_25439

Imperva Incapsula user tracking cookie

» More...

Type: HTTP Cookie
Domain: siteblindado.com
This cookie expires in 1505 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...

Sample value:

VqGr4icBQBC4vVRcgy+HGzfx8FoAAAAAQUIPAAAAAACAbFXXP0ymrY4WQ2iHg9uk

This might be a Base64-encoded cookie. Decoded value:

b"V\xa1\xab\xe2'\x01@\x10\xb8\xbdT\\\x83/\x87\x1b7\xf1\xf0Z\x00\x00\x00\x00AB\x0f\x00\x00\x00\x00\x00\x80lU\xd7?L\xa6\xad\x8e\x16Ch\x87\x83\xdb\xa4"

Length: 48 bytes (384 bits)
Information entropy: 4.91 bits (average bits per symbol)
Information content: 235.55 bits

Cookie classification: third-party persistent

LocalStorage objects

HTML5 LocalStorage is client-side storage introduced by HTML5 and supported by all major browsers. Data stored there is not sent automatically by the browser (unlike HTTP cookies) but is accessible to JavaScript code permanently, until deleted by the application or cleaned manually by the user. These object can be thus compared to first-party persistent cookies from privacy point of view.


                _ym44801929_lsid

Type: HTML5 LocalStorage cookie
Size: 12 bytes

Cookie classification: first-party persistent


                pa_enabled

Type: HTML5 LocalStorage cookie
Size: 1 bytes

Cookie classification: first-party persistent


                _ym_retryReqs

Type: HTML5 LocalStorage cookie
Size: 2 bytes

Cookie classification: first-party persistent


                cto_lwid

Type: HTML5 LocalStorage cookie
Size: 36 bytes

Cookie classification: first-party persistent

pa

Type: HTML5 LocalStorage cookie
Size: 38 bytes

Cookie classification: first-party persistent


                _ym44801929_lastHit

Type: HTML5 LocalStorage cookie
Size: 13 bytes

Cookie classification: first-party persistent


                _ym44801929_visorbuff

Type: HTML5 LocalStorage cookie
Size: 180 bytes

Cookie classification: first-party persistent


                _ym44801929_reqNum

Type: HTML5 LocalStorage cookie
Size: 1 bytes

Cookie classification: first-party persistent

Advanced trackers

Advanced user tracking and fingerprinting techniques are used by websites to bypass privacy protection in web browsers and increase tracking persistence.

Canvas_fingerprint

.createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .getContext("2d") … .getContext("2d") … .toDataURL() … .toDataURL()

WebGL_fingerprint

.createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .createElement("canvas") … createShader( … createShader( … .shaderSource( … .shaderSource( … .bindBuffer( … .bufferData( … .toDataURL( … .toDataURL( … .getContext("webgl") … .getContext("webgl") … .getContext("experimental-webgl") … .getContext("experimental-webgl")

Font_finterprint

Lucida Sans Typewriter … Lucida Sans Unicode … Microsoft Sans Serif … MS Gothic … MS Outlook … MS PGothic … MS Reference Sans Serif … MS Sans Serif … MS Serif … MT Extra … Magneto … Maiandra GD … Malgun Gothic … Mangal … Marlett … Matura MT Script Capitals … Meiryo … Meiryo … Microsoft Himalaya … Microsoft JhengHei … Microsoft New Tai Lue … Microsoft PhagsPa … Microsoft Tai Le … Microsoft Uighur … MS Mincho … MS PMincho … MS Reference Specialty … MS UI Gothic … MT Extra … MV Boli

Canvas_fingerprint

.createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .getContext("2d") … .getContext("2d") … .toDataURL() … .toDataURL()

WebGL_fingerprint

.createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .createElement("canvas") … createShader( … createShader( … .shaderSource( … .shaderSource( … .bindBuffer( … .bufferData( … .toDataURL( … .toDataURL( … .getContext("webgl") … .getContext("webgl") … .getContext("experimental-webgl") … .getContext("experimental-webgl")

Font_finterprint

Lucida Sans Typewriter … Lucida Sans Unicode … Microsoft Sans Serif … MS Gothic … MS Outlook … MS PGothic … MS Reference Sans Serif … MS Sans Serif … MS Serif … MT Extra … Magneto … Maiandra GD … Malgun Gothic … Mangal … Marlett … Matura MT Script Capitals … Meiryo … Meiryo … Microsoft Himalaya … Microsoft JhengHei … Microsoft New Tai Lue … Microsoft PhagsPa … Microsoft Tai Le … Microsoft Uighur … MS Mincho … MS PMincho … MS Reference Specialty … MS UI Gothic … MT Extra … MV Boli

Canvas_fingerprint

.createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .getContext("2d") … .getContext("2d") … .toDataURL() … .toDataURL()

WebGL_fingerprint

.createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .createElement("canvas") … createShader( … createShader( … .shaderSource( … .shaderSource( … .bindBuffer( … .bufferData( … .toDataURL( … .toDataURL( … .getContext("webgl") … .getContext("webgl") … .getContext("experimental-webgl") … .getContext("experimental-webgl")

Font_finterprint

Lucida Sans Typewriter … Lucida Sans Unicode … Microsoft Sans Serif … MS Gothic … MS Outlook … MS PGothic … MS Reference Sans Serif … MS Sans Serif … MS Serif … MT Extra … Magneto … Maiandra GD … Malgun Gothic … Mangal … Marlett … Matura MT Script Capitals … Meiryo … Meiryo … Microsoft Himalaya … Microsoft JhengHei … Microsoft New Tai Lue … Microsoft PhagsPa … Microsoft Tai Le … Microsoft Uighur … MS Mincho … MS PMincho … MS Reference Specialty … MS UI Gothic … MT Extra … MV Boli

Canvas_fingerprint

.createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .getContext("2d") … .getContext("2d") … .toDataURL() … .toDataURL()

WebGL_fingerprint

.createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .createElement("canvas") … createShader( … createShader( … .shaderSource( … .shaderSource( … .bindBuffer( … .bufferData( … .toDataURL( … .toDataURL( … .getContext("webgl") … .getContext("webgl") … .getContext("experimental-webgl") … .getContext("experimental-webgl")

Font_finterprint

Lucida Sans Typewriter … Lucida Sans Unicode … Microsoft Sans Serif … MS Gothic … MS Outlook … MS PGothic … MS Reference Sans Serif … MS Sans Serif … MS Serif … MT Extra … Magneto … Maiandra GD … Malgun Gothic … Mangal … Marlett … Matura MT Script Capitals … Meiryo … Meiryo … Microsoft Himalaya … Microsoft JhengHei … Microsoft New Tai Lue … Microsoft PhagsPa … Microsoft Tai Le … Microsoft Uighur … MS Mincho … MS PMincho … MS Reference Specialty … MS UI Gothic … MT Extra … MV Boli

Canvas_fingerprint

.createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .getContext("2d") … .getContext("2d") … .toDataURL() … .toDataURL()

WebGL_fingerprint

.createElement("canvas") … .createElement("canvas") … .createElement("canvas") … .createElement("canvas") … createShader( … createShader( … .shaderSource( … .shaderSource( … .bindBuffer( … .bufferData( … .toDataURL( … .toDataURL( … .getContext("webgl") … .getContext("webgl") … .getContext("experimental-webgl") … .getContext("experimental-webgl")

Font_finterprint

Lucida Sans Typewriter … Lucida Sans Unicode … Microsoft Sans Serif … MS Gothic … MS Outlook … MS PGothic … MS Reference Sans Serif … MS Sans Serif … MS Serif … MT Extra … Magneto … Maiandra GD … Malgun Gothic … Mangal … Marlett … Matura MT Script Capitals … Meiryo … Meiryo … Microsoft Himalaya … Microsoft JhengHei … Microsoft New Tai Lue … Microsoft PhagsPa … Microsoft Tai Le … Microsoft Uighur … MS Mincho … MS PMincho … MS Reference Specialty … MS UI Gothic … MT Extra … MV Boli

Beacon_API

navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon

Beacon_API

navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon

Beacon_API

navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon

Beacon_API

navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon

Beacon_API

navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon … navigator.sendBeacon

HTTP security-related headers assessment

Security score

-7

Security-related HTTP headers

```
Location: http://www.purpleyellow.com.br/
```
The HTTP Location header is being returned by a server to redirect the web browser to a new URL of the requested resource. The URL may be relative (/index.html) or absolute (https://example.com).
Read more...
```
Server: nginx/1.10.2
```
The header exposes web server version details. These server no purpose apart from making life of security auditors and hackers easier, leading them straight to exploits for this particular version of product
-1

Announces web server software and optionally version details.
Read more...
```
Content-Security-Policy: upgrade-insecure-requests
```
Content Security Policy is used by a web server to declare a list of trusted content types (images, scripts, media etc) and origins from which they can be safely loaded as intended by the website authors. The Content-Security-Policy-Report-Only header instruct the browser to enable CSP in enforcement mode.
Read more...
```
P3P: policyref="/w3c/p3p.xml",CP="ADMa OUR NOR CNT NID DSP NOI COR"
```
P3P is a mostly abandoned standard for website privacy policy declaration that has little use today. Please consider switching to DoNotTrack standard.
0

Largely abandoned format for declaring website's privacy policy in machine-readable format. The only reason for many websites to use the header was that old versions of Microsoft Internet Explorer disallowed third-party cookies on websites missing P3P.
Read more...
```
Server: nginx
```
Announces web server software and optionally version details.
Read more...
Transport Layer Security (TLS) is not enabled
-2
X-Frame-Options header is missing
-2
X-XSS-Protection header is missing
-1
X-Content-Type-Options header is missing
-1

Content Security Policy

```
upgrade-insecure-requests
```
- Policy delivery method: Content-Security-Policy
- Enforcement: True
- No base-uri allows attackers to inject base tags which override the base URI to an attacker-controlled origin. Set to 'none' unless you need to handle tricky relative URLs scheme

Publisher identifiers

The website uses the following advertisement publisher ids:

44801929 (metrika.yandex.ru)
GTM-TDVG84 (www.googletagmanager.com)

Sub-resources

Most web pages load a number of sub-resources such as images, style sheets (CSS), JavaScript files, web fonts, audio or video files and other web pages in frames. Each of these sub-resources may be loaded from the same server (first-party resource) or servers belonging to other parties (third-party resources). In the latter case, the third-party will see a request coming from your browser with the information on the originating page and it can set its own cookies, both of which are frequently used for user tracking. Note that the cookies set by these sub-resources are already recorded in our cookie statistics for this page.

The page loads 52 third-party JavaScript files and 6 CSS but does not employ Sub-Resource Integrity to prevent breach if a third-party CDN is compromised

Symbols

Resource securely loaded over TLS
Resource insecurely loaded over plaintext HTTP.
A third-party resource. It may perform its own tracking on your requests and receive partial information about your activities on the original website
Resource with reputation warnings
Blacklisted domain
Suspicious pattern detected

Web Cookies Scanner

Cookie and Security Scan Report

http://purpleyellow.com.br/

Cookies and Privacy Attributes

LocalStorage objects

Advanced trackers

HTTP security-related headers assessment

Security-related HTTP headers

Content Security Policy

Publisher identifiers

Sub-resources

Symbols