Posted on: 10/22/2012 2:06:04 AM

I log in to an ASP site and click a link; the request looks like this:


GET http://domain/DigReport/CheckUser_report.asp?SESSION=________________________________&myurl=DigReport/Lab/NewQuery.asp?no=1234567 HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: zh-TW
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: domain
Cookie: no=; UserID=123456&SessionKey=520520A662C445E3B0D89688209F77A8&LoginPosCode=H&LoginPosCodeIndex=0; ASP.NET_SessionId=rbwu4emb3j4m4555ss1pxm45; ASPSESSIONIDCCRABSBD=ILBHPDCBCOCOMBHAGDFJ ...
