Session Identifiers
Sessions are identified by a unique session identifier that can be read using the SessionID property. When session state is enabled for an ASP.NET application, each request for a page in the application is examined for a SessionID value sent from the browser. If no SessionID value is supplied, ASP.NET starts a new session and the SessionID for that session is sent to the browser with the response.

SessionID values are stored in a cookie, by default, but you can also configure your application to store SessionID values in the URL for a "cookieless" session