Referrer Log Spamming

I first saw this in June/2004, although it was probably happening sooner, but I just didn't notice.

NOTE: There are names of "adult" web sites on this page, but there are NOT any direct links from this site to "adult" content

Referrer Log Spamming is when scumbags hit your website, but forge what is called the HTTP_REFERRER header and insert their own scumbag URL in it. The reason is that they hope that your web sites will publish statistics about activity on it, and this almost always includes something called the "Referrer Report" that list where people came from to visit your web site. So what happens is the scumbag URL ends up being listed, which counts as "back link" and makes them look better to the Search Engines. It's also a way of driving traffic to their site since people click on those links to see what it is. Typically used by folks in the adult/porn industry as you'll see below, although perhaps not surprising is that referrer log spamming also been used in politics.

Kinda slimey, eh?!?


So you are probably saying "sounds super-techo-gee-whiz Alek, but this doesn't really happen much does in real life does it?" ... welllll, there's an easy way to find out. Do this Google Search for "lucky-macho.com usage" (the word "usage" is typically in a Referrer Report) and there are 289 (!) web pages of various people/corporations/etc. which have links from THEIR site to lucky-macho.com - how many do you think are aware of that?!?

Pretty slimey, eh?!?


And oh yea, one more thing to mention is that the scumbags typically don't hit your web site from theirs - what is often used is "zombie PC's" - i.e. those that have been taked over with spyware/adware and then unknown to the owners, is surfing the web for the scumbags!

REALLY slimey, eh?!?

In case you are interested, here are just a FEW examples of referrer log spamming I've seen on my web site. The links below simple show the Apache Log entries - again, none of these links go to adult sites:

I worked my way "upstream" a bit, and it appears that the following hosting companies are probably involved/associated with these guys: www.esthost.net and www.web-studio.net ... and a traceroute shows that the last ISP reporting is www.cenic.net so my guess is that is who they are getting connectivity from.


In case these guys ever read this ... correction, since you are referrer spamming THIS page, you HAVE read this, how 'bout taking your spamming somewhere else ...