KC Lemson

By KC Lemson [MS]

Blogs

HTTP Referrer, I hardly knew yee...

  • Comments 9
  • Likes

In the referrer logs for this entry:

http://blogs.msdn.com/kclemson/posts/129544.aspx

I have this:

http://my.webmd.com/content/article/71/81295.htm?lastselectedguid={5fe84e90-bc77-4056-a91c-9531713ca348}

Which doesn't make sense. Webmd isn't the kind of place where you're likely to be logged in and have your 'custom links' on the sidebar or whatnot, as I have seen elsewhere... And it's not referrer SPAM either, unless webmd is really getting desperate for hits.

Can anyone clue me in?

Comments
  • I know what you mean... I get at least two or three of these a week from the International Atomic Energy Agency random webpages... Again, not a likely source of referrer spam... <br> <br>Weird...

  • Couldn't this simply be the result of someone being on that page, and then typing in a new URL (yours)?

  • Keith - no, in that case the browser doesn't send the referrer (that would be a big privacy problem if it did). Plus, this referrer was to the URL of an article, not exactly something you'd type in =)

  • Here are some of my weirder referrers in the last week: <br> <br>www.av.com <br><a target="_new" href="http://bolt.com.br">http://bolt.com.br</a> <br><a target="_new" href="http://www.ukradeno.cz">http://www.ukradeno.cz</a> <br><a target="_new" href="http://www.php-soft.com">http://www.php-soft.com</a> <br> <br>I've had referrals from microsoft.com before even. You just get weird stuff. I don't know why or how, but each of the above is sending at least 300 visitors a week to me (apparently).

  • Some browsers allow you to spoof the HTTP_REFERER. <br>( <a target="_new" href="http://multizilla.mozdev.org/features/quickprefs.html">http://multizilla.mozdev.org/features/quickprefs.html</a> ) - Slow loading page - scroll down to Referrer Spoofing <br> <br>There are also other programs that allow you to do this too.(<a target="_new" href="http://www.proxomitron.info/45/help/HTTP%20Header%20Filters.html">http://www.proxomitron.info/45/help/HTTP%20Header%20Filters.html</a>). <br> <br>Probably somebody just experimenting.

  • Actually I've seen IE get confused and send a referrer of your current page when you've typed in a URL. Damned if I can reproduce it properly though

  • i haven't empirically tested this, but i think there may be some strange behavior when you use &quot;sidebar&quot; style IE add-ins for search... the browser kinda-sorta-may-not-always-predictably treat the sidebar as a &quot;new&quot; window, and may use the location of your main window as the referer for a link you clicked on in the sidebar. <br> <br>I guess a reasonable question is, What useragent came along with that request? is this even an IE user?

  • 1. Browsers can fail, I've seen situations were the browser actually did do the privacy trick and did tell the referer, even though the user typed in the address. <br> <br>2. It is very easy to make your own referer. I've made som PHP code (could be ASP as well) which connects through a proxy socket and browses a website. The site is told that the browser is fx. Internet Explorer and that the referer is icomefromheaven.com - or any other which the programmer did type in the source code. <br>Referer and browser information (and others) is expected by the receiving server by the client (IE/Mozilla or the PHP/ASP script) and therefor it is the sending &quot;browser&quot; which control those values. Easy to cheat then ;) <br> <br>Anyways, just my 2 cents, thanks for a nice blog, been reading some nice stuff about Outlook 2003 and will be asking a couple of questions pretty soon, when I have some more time ;) <br> <br>Take care....

  • The atomic energy referrer is actually a well-known mail address harvesting spider. If you're displaying unprotected email addresses at all on the pages where you see those hits, then those addresses are now in the hands of at least one spammer (but more likey hundreds).