In regular non-PDF scenario, the image requests are initiated by a web browser after the main HTML page is loaded. So I do not think it uses any proprietary HTTP headers to identify a user/session. I would expect a very standard session ID propagation – via cookie (in HTTP header) or via URL string.

Try to dump HTTP headers (there are browser plugins or other tools for that) and determine the way it identifies a session.