Pentesting ⁽¹⁾

Cloudflare uses several cookies for various functions, including session affinity with the __cflb cookie, which directs traffic to the same origin for a specified period. The __cf_bm cookie helps identify and mitigate automated traffic, expiring after 30 minutes of inactivity. The cf_clearance cookie allows access after completing a CAPTCHA. cf_ob_info and cf_use_ob are related to Cloudflare Always Online, serving cached versions of the site when the server is unavailable. The __cfwaitingroom cookie is set when Cloudflare Waiting Room is enabled, managing user access during high traffic. _cfuvid tracks user behavior for rate limiting and abuse prevention, while __cfseq tracks the order and time between requests for bot detection. Finally, the wschkid cookie is likely used internally for web server checks.