Help Center

  1. StackPath Help
  2. WAF
  3. Supplemental Information

Learn About WAF Cookies

Avatar
Yaniv Parasol
Updated:

Overview

The StackPath WAF uses different cookies to analyze user and browsing behavior.

Review the specific cookies used by the WAF:

Cookie Duration Notes Example Value Path HttpOnly SameSite
PRLST Session
  • Created By ‘Set-Cookie’ response header
  • Gets the value from injected JS
  • Value Contains a Unique ID of the requested page
 AV /    
SPSI Session
  • Session Cookie
  • Created By ‘Set-Cookie’ response header
  • Contains the sessionID value
 4e1ed32a27577bd95612f973777f8c3d      
UTGv2 Persistent
  • User Tag Token - 
    Unique identifier to identify behavior on site
  • Created snd gets values from injected JS
  • Contains the usertag value
  • Unique to browser and domain
 h4c5f3ab2d0ea64a63234ae2df4417f2d145   /    
adOtr Session
  • Unique identifier to identify behavior on site
  • GUI interaction related
  • shell mouse script
  • Filled by the JS with the value of the first GUI interaction like:
    Mouse move,Mouse Click (Mouse Down),Scroll (Both Mouse / Keyboard / Touch),Mobile Touch down
 dee34a1T257  /    
spcsrf 1:55 Minutes ago
  • CSRF module Protection related
 e98c27a664bbd73bd1b55be5a0f753eb / V Strict
The StackPath WAF may use other cookies for specific scenarios or when an action is applied, such as Captcha. These additional cookies are:  sp_lit, sbtsck, cnfc, pvstr, SPC, DGCC, DCSS, DSR, DCST, SPLB, altutgv2, otr, cnv, and csr.

** Based on how you use the WAF, additional cookies may be used.

 

 

Was this article helpful?

Related articles

Not finding what you need?

95% of questions can be answered using the search tool. This is the quickest way to get a response.

Contact Us