... PHP issues the browser a cookie containing a randomly generated 32-character ID. The name of the cookie is a 36-character string such as SESS41847725f5e919b45880017743781461 (which is the cookie name for this site). The apparently random 32-character ID that follows SESS is actually an MD5 hash based on the base URL of the site, or on the cookie domain if set in settings.php.

The examples of HTTP response and request headers also show the cookie name to be PHPSESSID, where it should be of the form described above.