# Incapsula / Imperva

## **What is Incapsula (now Imperva)?**

Incapsula is a Web Application Firewall that shields websites from attacks like DDoS, bot traffic, and other threats by scrutinizing web traffic and determining whether it is human or automated. It often requires specific cookies, such as `reese84` or `___utmvc`, to allow access to the website.

## **How to Detect if a Website is Using Incapsula**

Websites protected by Incapsula typically use these cookies to validate user sessions:

* **reese84**: Required on many ticketing websites; generated via a valid encrypted payload.
* **\_\_\_utmvc**: A cookie that checks browser information and is often seen on sites that use Incapsula.

You can detect Incapsula protection by observing the presence of these cookies in the network requests. If the website serves an interstitial block or requires interaction with these cookies, it’s an indicator that the site uses Incapsula for security.

## **How Incapsula Works**

When accessing an Incapsula-protected website, your request may be intercepted by the WAF. The site checks for the presence of the required cookies (`reese84`, `___utmvc`). Without these, you’ll either be blocked or challenged. For example:

* **reese84 WAF**: Requires both the `reese84` cookie and solving a captcha (such as GeeTest) to navigate the site.
* **\_\_\_utmvc WAF**: In this case, a solved GeeTest captcha provides the necessary cookies to continue browsing.

## **Incapsula Cookies and Challenges**

Incapsula uses two cookies to track users and allow access:

* **reese84 Cookie**: This is generated using a valid payload. Without it, many websites will block your session.
* **\_\_\_utmvc Cookie**: This cookie validates browser-specific information .

If you encounter them on a website, it is protected by Incapsula / Imperva.

### **Incapsula WAF Challenges**

Incapsula recently introduced a new WAF for Reese84's websites (that currently get a direct block), with a different type based on the [GeeTest captcha](https://www.geetest.com/). It is present only on some websites with the addition of either the `___utmvc` or `reese84` cookie, for example, the SmythsToys website.

<img src="https://github.com/Takion-API-Services/TakionAPI-Examples/raw/main/incapsula/media/waf__utmvc.png" alt="___utmvc WAF" width="375">

#### reese84 WAF <a href="#reese84-waf" id="reese84-waf"></a>

In case of a reese84 WAF, the website will require a new valid reese84 cookie and a solved GeeTest captcha.

#### \_\_\_utmvc WAF <a href="#utmvc-waf" id="utmvc-waf"></a>

Unlike the other challenges, it requires only the GeeTest captcha token and will set you some `incap_sh_xxx`cookies.

## **Detecting Incapsula-Protected Websites**

A typical interaction with an Incapsula-protected website can involve these cookies or challenges. Depending on the site's configuration, you might be required to solve a GeeTest captcha or handle a direct block page that generates the necessary cookies.

### **Examples of Incapsula-Protected Websites**

Many high-traffic and ticketing websites utilize Incapsula for security. These websites typically use `reese84` or `___utmvc`cookies to protect their users, and examples include:

Many ticketing websites use Incapsula to protect their platforms. Here are some examples:

| Website                                                                      | reese84 | \_\_\_utmvc | WAF |
| ---------------------------------------------------------------------------- | ------- | ----------- | --- |
| [ticketmaster.com](https://www.ticketmaster.com/) (and other US domains)     | ✅       |             |     |
| [ticketmaster.co.uk](https://www.ticketmaster.co.uk/) (and other EU domains) | ✅       |             | ✅\* |
| [tickets.rolandgarros.com](https://tickets.rolandgarros.com/)                |         | ✅           |     |
| [smythstoys.com](https://www.smythstoys.com/)                                | ✅       | ✅           | ✅   |
| [eticketing.co.uk](https://www.eticketing.co.uk/)                            | ✅       |             |     |

\**Only some Ticketmaster EU websites a reese84 WAF.*


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.takionapi.tech/incapsula.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.