Update time: December 18, 2025
Google Analytics 4 (GA4) uses four main cookies to handle user identification, session management, and cross-site tracking.
GA4 Cookie Overview
| Cookie name | Default expiration time | Description |
|---|---|---|
| _ga | 2 years | Used to distinguish users. |
| _ga_<container-id> | 2 years | Used to persist session state. |
| FPID | 2 years | Used to distinguish users. |
| FPLC | 20 hours | Used to cross-site tracking |
Note on Cookie Expiration
Although the default expiration shown for most GA4 cookies is 2 years, the actual lifetime is typically around 13 months.
This is due to a common browser policy that limits first-party cookie expiration to approximately 400 days. As a result, the effective expiration you observe in the browser is usually closer to 13 months, not the full 2 years.
Next, let’s look at the structure and meaning of these cookies in more detail, using bbccss.com as an example.
_ga Cookie Explained
By default, GA4 assigns a unique Client ID to each device and uses it as the basis for user identification, this Client ID is stored in the browser’s _ga cookie, the structure of _ga is as follows:
Note: 1197596843.1673515099 represents the Client ID.
The detailed explanation is as follows:
| Value | Description |
|---|---|
| GA1 | Version number, which represents the version of the cookie format that’s being used. |
| 1 | Domain level (GA4 almost always uses 1). |
| 1197596843 | Randomly generated 10-digit number. |
| 1673515099 | Timestamp indicating when the _ga cookie was created |
_ga_<container-id> Cookie Explained (Session Cookie)
_ga_<container-id> is a GA4-specific session cookie, used to maintain session state. Example Structure:
The difference between the two is the analysis version, which can be distinguished by the number after GS.
The detailed explanation is as follows:
| Value | Description |
|---|---|
| GS | Fixed identifier (Google Session). |
| 2 | Analysis version (commonly 1 or 2). |
| 1 | Domain level (almost always 1). |
| 1673933110 | Session ID (current session start time). |
| 12 | Session count for the user. |
| 0 | Engagement session flag (1 = engaged, 0 = not engaged). |
| 1673933110 | Current Timestamp |
| 60 | Countdown,60-second countdown, cookie and user data matching/syncing when Google Signals is enabled |
| 0 | User-ID status (1 = logged in with User-ID set). |
| 0 | Enhanced Client Id, abbreviated as ecid, is a string of numbers that only has value when tracked on the server side tracking or enable 「User-ID and user-provided data collection」 |
| riYSmWx3uWvuJEDkCvwJCnvET7QcvFq7kg | This field is available when Google signal data collection is enabled and indicates the Google signal or the associated ID of the Google signal. |
Important: For the first request of a session, the Session ID and Current Timestamp are identical, because the Session ID represents the session start time.
Read more:
- In-depth Understanding Session in Google Analytics 4
- Enhanced Client ID (ecid) in Google Analytics 4
FPID Explained (First-party Device ID)
FPID (First-party Device ID) is used in server-side tracking implementations only.
Example FPID Value
The value of FPID is as follows:
FPID2.2.F99Fd7gVuQuP93MZdJiEn07o/eZba6j9bAt8ETLsn8E=.1733280703
Note: F99Fd7gVuQuP93MZdJiEn07o/eZba6j9bAt8ETLsn8E=.1733280703 is also treated as a form of Client ID in GA4.
| Value | Description |
|---|---|
| FPID2.2 | Version number |
| F99Fd7gVuQuP93MZdJiEn07o | TBD |
| eZba6j9bAt8ETLsn8E= | TBD |
| 1733280703 | Timestamp |
Read more: FPID: First Party Device ID
FPLC Explained
You may also encounter a cookie named FPLC:
Why FPLC Exists?
FPID is HttpOnly, so it cannot be read by GTM or JavaScript This limitation makes cross-site / cross-domain tracking impossible using FPID alone
What FPLC Does?
- FPLC is a hashed value derived from the FPID
- It is not HttpOnly, so JavaScript can access it
- Enables cross-domain tracking in GA4
- Has a short lifetime of 20 hours
Referral:
