csrftoken on www.neutrogena.de
About this cookie:
This cookie is associated with the Django web development platform for Python. It is designed to help protect a site against at particular type of software attack on web forms.
There is no specific information about this cookie from this host provider. If you have any information about how this cookie is used by this host, please get in touch.
Related general information about csrftoken:
We don’t have enough information about this cookie or the website hosting it to be able to assign it to a category at this time. However, we are constantly updating our knowledge base, so do check back if you need to know more. If it is urgent then get in touch and maybe we can look into it for you.More about cookie classifications.
Third Party Cookies
If the host domain for a cookie is different to the one in the browser bar when it was downloaded, then it is a third party cookie.
They are usually placed in a website via scripts or tags added into the web page. Sometimes these scripts will also bring additional functionality to the site, such as enabling content to be shared via social networks.
For example, if you visit a site that has a YouTube video in one of its pages. This has been included by the website owner, using a piece of code provided by YouTube. YouTube will then be able to set cookies through this code, and know that you have watched that video, or even just visited the page the video is in.
Online advertising is the most common use of third party cookies. By adding their tags to a page, which may or may not display adverts, advertisers can track a user (or their device) across many of the websites they visit.
This allows them to build up a 'behavioural profile' of the user, which can then be used to target them with online ads based around their 'calculated' interests.
As the name suggests, this type of cookie is saved on your computer so that when you close it down and start it up again, it can still be there.
Persistent cookies are created by giving them an expiry date. If that expiry date is reached, it will be destroyed by the computer. If the expiry date is not set then it is automatically a session cookie.
The expiry date will normally be saved as the time the cookie was first created plus a number of seconds, determined by the programmer who wrote the code for the cookie. However, there is no real limit on the expiry date - so it could be set to be 20 years in the future. In addition, if you revisit the website that served up the cookie, it may automatically place an updated version on your computer - with a revised future expiry date.
If you login into a website, then shut down your computer, start it up again, and go back to the website to find you are still logged in - then it is using a persistent cookie to remember you.
Persistent cookies are also used to track visitor behaviour as you move around a site, and this data is used to try and understand what people do and don't like about a site so it can be improved. This practice is known as Web Analytics. Since Google started providing its own analytics technology free of charge to website owners, almost all websites use some form of it - although there are also paid-for services available to rival Google's.
Analytics cookies are probably the most common form of persistent cookies in use today.
However, persistent cookies can also , oddly, have a shorter life span than some session cookies, as they can be coded to be destroyed within a second or two of being set, whereas a session cookie will always last until you close down your browser.
Secure cookies are only transmitted via HTTPS - which you will typically find in the checkout pages of online shopping sites.
This ensures that any data in the cookie will be encrypted as it passes between the website and the browser. As you might imagine – cookies that are used by e-commerce sites to remember credit card details, or manage the transaction process in some way, would normally be secure, but any other cookie might also be made secure.
This protects it from so-called cross-site-scripting (XSS) attacks, where a malicious script tries to send the content of a cookie to a third party website.