Can't identify cookie

So, I'm running the "ultimate iRule debug" trying to figure out who is setting a cookie.  It's a cookie that we think shouldn't be coming from the pool member.  The reason we say that is when we test with a working connection (ie authenticated), that cookie never gets set.  Specifically, in the debug, we don't see in in the "http_response" but see it in the "http_response_release":

<HTTP_RESPONSE>: ----------- http_response -----------
<HTTP_RESPONSE>: uid: db9aebfa8 - status: 200
<HTTP_RESPONSE>: uid: db9aebfa8 - pool member IP: /Common/Prod.app/Prod_pool 10.xxx.xxx.xxx 4443
<HTTP_RESPONSE>: uid: db9aebfa8 - Date: Wed, 27 Jul 2022 15:44:05 GMT
<HTTP_RESPONSE>: uid: db9aebfa8 - Server:
<HTTP_RESPONSE>: uid: db9aebfa8 - Last-Modified: Sun, 27 Mar 2022 14:31:19 GMT
<HTTP_RESPONSE>: uid: db9aebfa8 - ETag: "4c5-5db340c8e7bc0"
<HTTP_RESPONSE>: uid: db9aebfa8 - Accept-Ranges: bytes
<HTTP_RESPONSE>: uid: db9aebfa8 - Content-Length: 1221
<HTTP_RESPONSE>: uid: db9aebfa8 - X-Frame-Options: SAMEORIGIN
<HTTP_RESPONSE>: uid: db9aebfa8 - X-Content-Type-Options: nosniff
<HTTP_RESPONSE>: uid: db9aebfa8 - Keep-Alive: timeout=15
<HTTP_RESPONSE>: uid: db9aebfa8 - Connection: Keep-Alive
<HTTP_RESPONSE>: uid: db9aebfa8 - Content-Type: text/html
<HTTP_RESPONSE>: uid: db9aebfa8 - Content-Language: en
<HTTP_RESPONSE>: uid: db9aebfa8 - Set-Cookie: cosmos=1795096330.23313.0000; path=/; Httponly; Secure
<HTTP_RESPONSE>: ----------- http_response -----------
<HTTP_RESPONSE>:
<HTTP_RESPONSE_DATA>: ----------- http_response_payload -----------
<HTTP_RESPONSE_DATA>: uid: db9aebfa8 - Response (Body) payload: <!-- dbdrv: none --> <!-- appdet.html --> <html> <HEAD> <TITLE>Home Page Redirect</TITLE> <META http-equiv=REFRESH content="1; URL=https://xx"> </HEAD> <body> <DIV ID="content">
<HTTP_RESPONSE_DATA>: ----------- http_response_payload -----------
<HTTP_RESPONSE_DATA>:
<HTTP_RESPONSE_RELEASE>: ----------- http_response_release -----------
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - status: 200
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - pool member IP: /Common/Prod.app/Prod_pool 10.xxx.xxx.xxx 4443
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - Date: Wed, 27 Jul 2022 15:44:05 GMT
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - Last-Modified: Sun, 27 Mar 2022 14:31:19 GMT
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - ETag: "4c5-5db340c8e7bc0"
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - Accept-Ranges: bytes
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - Content-Length: 1221
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - X-Frame-Options: SAMEORIGIN
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - X-Content-Type-Options: nosniff
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - Keep-Alive: timeout=15
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - Connection: Keep-Alive
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - Content-Type: text/html
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - Content-Language: en
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - Set-Cookie: TS011b84d2=016cf3c73c8f3d3632c2783e0a6b27af43cf9a592e6129af3e0094acb85d88f58b02e11b8e2eb6d5ab7441d929cb436e1013ea5426b3043afc175bdc1f95d285a3e1faa534; Path=/
<HTTP_RESPONSE_RELEASE>: uid: db9aebfa8 - Set-Cookie: TS011b84d2=016cf3c73c8f3d3632c2783e0a6b27af43cf9a592e6129af3e0094acb85d88f58b02e11b8e2eb6d5ab7441d929cb436e1013ea5426b3043afc175bdc1f95d285a3e1faa534; Path=/
<HTTP_RESPONSE_RELEASE>: ----------- http_response_release -----------

The cookie I am referring to is: TS011b84d2

My question is, why does the cookie show up only in the http_response_release?  Wouldn't it show up in the http_response as well if it was being set by the pool member?  To me it almost seems like the LTM is setting the cookie.