https://community.dynatrace.com/t5/Real-User-Monitoring/What-is-a-HASH-DtCookie/m-p/190593#M3750 <P>The regular <A href="https://www.dynatrace.com/support/help/shortlink/cookies#dynatrace-cookies" target="_self">dtCookie</A> is a cookie used by Dynatrace RUM to track a visit over multiple requests. It is how RUM is able to group user sessions together when a user tagging rule is not defined for an application.</P><P>&nbsp;</P><P>The HASH_dtCookie is not something I've seen before but <A href="https://social.msdn.microsoft.com/Forums/en-US/fbefcb48-1e03-41a7-9ba0-1f3dbd3c2e4b/application-creates-duplicate-cookies-with-hash-appended-to-name?forum=aspstatemanagement" target="_self">taking a look around online</A>, it appears that it is an method an application server uses to "<SPAN><EM>prevent an attacker from guessing session ids is to build integrity into the token by adding a hash or signature to the session cookie.</EM>"</SPAN></P><P>&nbsp;</P><P><SPAN>This wouldn't be something that Dynatrace is doing as you can see the same thing happening with JSESSIONID. It may be a feature enabled by your app or web servers to enhance security.</SPAN></P> Thu, 14 Jul 2022 14:34:19 GMT AlexOsbourn 2022-07-14T14:34:19Z https://community.dynatrace.com/t5/Real-User-Monitoring/What-is-a-HASH-DtCookie/m-p/190474#M3746 <P>Hello,</P><P>&nbsp;</P><P>HASH_dtCookie and dtCookie, who has seen this before?</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="henk_stobbe_0-1657708447367.png" style="width: 400px;"><img src="https://community.dynatrace.com/t5/image/serverpage/image-id/6557i8FB72542E909387A/image-size/medium?v=v2&amp;px=400" role="button" title="henk_stobbe_0-1657708447367.png" alt="henk_stobbe_0-1657708447367.png" /></span></P><P>(=</P><P>&nbsp;</P><P>(thanks Marc for pointing this out)</P><P>&nbsp;</P><P>KR Henk</P> Wed, 13 Jul 2022 10:36:48 GMT https://community.dynatrace.com/t5/Real-User-Monitoring/What-is-a-HASH-DtCookie/m-p/190474#M3746 henk_stobbe 2022-07-13T10:36:48Z https://community.dynatrace.com/t5/Real-User-Monitoring/What-is-a-HASH-DtCookie/m-p/190593#M3750 <P>The regular <A href="https://www.dynatrace.com/support/help/shortlink/cookies#dynatrace-cookies" target="_self">dtCookie</A> is a cookie used by Dynatrace RUM to track a visit over multiple requests. It is how RUM is able to group user sessions together when a user tagging rule is not defined for an application.</P><P>&nbsp;</P><P>The HASH_dtCookie is not something I've seen before but <A href="https://social.msdn.microsoft.com/Forums/en-US/fbefcb48-1e03-41a7-9ba0-1f3dbd3c2e4b/application-creates-duplicate-cookies-with-hash-appended-to-name?forum=aspstatemanagement" target="_self">taking a look around online</A>, it appears that it is an method an application server uses to "<SPAN><EM>prevent an attacker from guessing session ids is to build integrity into the token by adding a hash or signature to the session cookie.</EM>"</SPAN></P><P>&nbsp;</P><P><SPAN>This wouldn't be something that Dynatrace is doing as you can see the same thing happening with JSESSIONID. It may be a feature enabled by your app or web servers to enhance security.</SPAN></P> Thu, 14 Jul 2022 14:34:19 GMT https://community.dynatrace.com/t5/Real-User-Monitoring/What-is-a-HASH-DtCookie/m-p/190593#M3750 AlexOsbourn 2022-07-14T14:34:19Z