www.pravda.com.ua | Privacy & security report #1169014

http://www.pravda.com.ua/rus/news/2014/09/2/7036582/

Title: "В Украине погибла почти целая рота псковских десантников — российские СМИ | Украинская правда"

Description: ""

Category: News

Keywords: nabu news 10:00 16:09 16:21 17:11 18:06 19:18 20:56 august crimea ukraine document facebook ukrainian poroshenko ukrayinska edeclaration publications administration

Third-party domains

Persistent cookies

Session cookies

Third-party domains is the count of organisations allowed by the webmaster to trace your across the site. These cookies may be set for various purposes, like tracking ads displayed on the website, collection of statistics, targeted advertising etc. This website allows 13 other websites to track your activity.

Persistent cookies are the cookies that are preserved through browser shutdowns. This means, even if you close this page today and ever return there in future, the website will know you're a returning visitor. This may be used for "remember me" features, as well as persistent user tracking. These cookies, especially if set by third party organisations, are powerful tool for monitoring your activities across all the websites you visit. This website sets 17 persistent cookies with average life-time of 919 days and longest 5411 days.

Session cookies are cleared when you close your browser and allow the website to identify user's state — such as logged-in users. They are mostly considered harmless because they cannot be used for long-term user tracking. This site sets 3 session cookies.

Last fetched: 2015-03-09T03:00:02.303503+00:00

HTTP status: 200 200

Cookies and Privacy Attributes

NID

Type: HTTP Cookie
Domain: google.com

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker google (category disconnect) will be blocked by privacybadger

This cookie expires in 183 days
httpOnly This cookie is not readable by client-side JavaScript code » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent

Type: HTTP Cookie
Domain: www.pravda.com.ua
The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: same-origin session

_ga

Type: HTTP Cookie
Domain: pravda.com.ua
This cookie expires in 730 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: same-origin persistent


                _gat

Type: HTTP Cookie
Domain: pravda.com.ua
The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: same-origin session

Type: HTTP Cookie
Domain: bigmir.net

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker bigmir)net (category advertising) will be blocked by disconnectme
Tracker bigmirnet (category advertising) will be blocked by disconnectme

This cookie expires in 1825 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent


                remixlang

Type: HTTP Cookie
Domain: vk.com

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker vkontakte (category social) will be blocked by disconnectme
Tracker vkontakte (category social) will be blocked by privacybadger

This cookie expires in 373 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent

cid

Type: HTTP Cookie
Domain: adriver.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker adriver (category advertising) will be blocked by disconnectme

This cookie expires in 5411 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent


                test_cookie

Google DoubleClick ad tracking cookie

» More...

Type: HTTP Cookie
Domain: doubleclick.net

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker google (category disconnect) will be blocked by disconnectme
Tracker google (category disconnect) will be blocked by privacybadger

The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party session


                __cfduid

Type: HTTP Cookie
Domain: pravda.com
This cookie expires in 365 days
httpOnly This cookie is not readable by client-side JavaScript code » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent


                uuid

Type: HTTP Cookie
Domain: lun.ua
This cookie expires in 365 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent


                video_vid

Type: HTTP Cookie
Domain: video.trafmag.com
This cookie expires in 730 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent

pid

Twitter tracking cookies

» More...

Type: HTTP Cookie
Domain: twitter.com

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker twitter (category disconnect) will be blocked by disconnectme
Tracker twitter (category disconnect) will be blocked by privacybadger
Tracker twitter (category disconnect) will be blocked by eff

This cookie expires in 547 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent


                admguid

Type: HTTP Cookie
Domain: admixer.net
This cookie expires in 731 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent


                FTID

Type: HTTP Cookie
Domain: yadro.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker liveinternet (category advertising) will be blocked by disconnectme
Tracker liveinternet (category advertising) will be blocked by privacybadger

This cookie expires in 364 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent

sd

Type: HTTP Cookie
Domain: adriver.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker adriver (category advertising) will be blocked by disconnectme

The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party session

rs

Type: HTTP Cookie
Domain: adriver.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker adriver (category advertising) will be blocked by disconnectme

The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party session

1d

Type: HTTP Cookie
Domain: adriver.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker adriver (category advertising) will be blocked by disconnectme

This cookie expires in 1 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent

VID

Type: HTTP Cookie
Domain: yadro.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker liveinternet (category advertising) will be blocked by disconnectme
Tracker liveinternet (category advertising) will be blocked by privacybadger

This cookie expires in 364 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent


                yabs-sid

Yandex advertising tracking cookie

» More...

Type: HTTP Cookie
Domain: mc.yandex.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker yandex (category advertising) will be blocked by disconnectme
Tracker yandex (category advertising) will be blocked by privacybadger

The cookie is only valid during current browser session and it will be deleted when you close browser
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party session


                yandexuid

Yandex tracking cookie

» More...

Type: HTTP Cookie
Domain: yandex.ru

A number of privacy protection projects maintain lists of known web trackers. These trackers will be in most cases effectively blocked by their browser extensions:

Tracker yandex (category advertising) will be blocked by disconnectme
Tracker yandex (category advertising) will be blocked by privacybadger
Tracker yandex (category advertising) will be blocked by eff

This cookie expires in 3650 days
httpOnly This cookie can be read by client-side JavaScript which might increase chances of stealing it in case of a successful Cross-Side Scripting attack. It's recommended that cookies storing authentication-related session token are protected by the flag » More...
Sample value:
- Length: bytes ( bits)
- Information entropy: bits (average bits per symbol)
- Information content: bits

Cookie classification: third-party persistent

TLS/SSL configuration report

TLS score

Grade capped at C

Grade capped due to 64-bit cipher (IDEA, RC2, DES or 3DES)

See full SSL/TLS security report for www.pravda.com.ua

HTTP security-related headers assessment

Security score

-4

Security-related HTTP headers

```
X-XSS-Protection: 1; mode=block
```
XSS auditor is enabled in blocking mode
+1

Controls an Cross-Site Scripting (XSS) filters built into the majority of web browsers. The filter is usually turned on by default anyway, but requirement to set the header to 1 became part of canonical set of "secure" HTTP headers. Over time, vulnerabilities in the "sanitizing" mode filter were found, so 1; mode=block became the recommended value. Some companies decided that they don't really need a browser-side XSS filter to mess with their web services which are XSS-free anyway and they became consciously disabling the XSS filter by setting the header to 0.
Read more...
```
Server: nginx
```
Announces web server software and optionally version details.
Read more...
Transport Layer Security (TLS) is not enabled
-2
X-Frame-Options header is missing
-2
X-Content-Type-Options header is missing
-1

Web Cookies Scanner

Cookie and Security Scan Report

http://www.pravda.com.ua/rus/news/2014/09/2/7036582/

Cookies and Privacy Attributes

TLS/SSL configuration report

HTTP security-related headers assessment

Security-related HTTP headers