HI,

I have a site of mine " hornybug.com" as the 404 page for all the rest of my sites..

Today I noticed something very weird in the refferer stats of hornybug from one of my sites desikamasutra.com

It showed 2000 in 36 uniques

The reffereing stats showed up liek someone was tryin every possible file search on taht domain obviously using some sort of program.

Here's a small sampling of the refferers list

********************************************
http://www.desikamasutra.com/cgi-bin/tm3/kd56s.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/kd611s.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/kd612s.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/pic00069.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/danna.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/pic0045.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/sh5s.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/sh6s.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/sh7s.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/kd66s.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/kd63s.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/pic00290.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/mg1.jpg : 3
http://www.desikamasutra.com/cgi-bin/tm3/mg2.jpg : 3


/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/indiansexstories.jpg : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/thumbs/priety_photo.jpe : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/thumbs/photo_kareena.jpe : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/thumbs/karismasml.jpe : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/thumbs/photo_aish.jpe : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/thumbs/rani1.jpe : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/thumbs/kajolsml.jpe : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/Traffic.htm : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/webmaster.htm : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/ac_images/embox1_06.jpg : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/ac_images/embox1_05.jpg : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/ac_images/embox1_04.jpg : 1
/cgi-bin/ucj/c.cgi?url=http://www.desikamasutra.com/ac_images/embox1_02.jpg :

/out.php?go=http://www.desikamasutra.com/graphics/indiashottest.jpg : 1
/out.php?go=http://www.desikamasutra.com/graphics/indianhussies.jpg : 1
/out.php?go=http://www.desikamasutra.com/graphics/indiaxposed.jpg : 1
/out.php?go=http://www.desikamasutra.com/graphics/indiachix.jpg : 1
/out.php?go=http://www.desikamasutra.com/graphics/exposedindians.jpg : 1
/out.php?go=http://www.desikamasutra.com/graphics/awsomeindia.jpg : 1
/out.php?go=http://www.desikamasutra.com/graphics/indiaexposed.jpg : 1
/out.php?go=http://www.desikamasutra.com/graphics/indiauncovered.jpg : 1
/out.php?go=http://www.desikamasutra.com/graphics/thekamasutra.jpg : 1
/out.php?go=http://www.desikamasutra.com/amazingindians2.jpg : 1
/out.php?go=http://www.desikamasutra.com/im/ui.jpg : 1
/out.php?go=http://www.desikamasutra.com/3.jpg : 1
/out.php?go=http://www.desikamasutra.com/hal002.gif : 1
/out.php?go=http://www.desikamasutra.com/arsimalli.jpg : 1
/out.php?go=http://www.desikamasutra.com/400x150_indian.gif : 1

*************************************

Most of those files aren't even present on my server but are very connected to my niche/site!!!!

Notice how all the different scripts have been tried ( TM3, UCJ, etc)

Any ideas???

Looks like a cheater to me. I never seen that method before tho

I trade with all "trusted" sites, but i guess you never know!!
:confused:

Is it some sort of picture leech program?

Thats what I am thinking cause it see only .jpg files... Could be a program looking for jpg files on the server... How to stop it or what to do is beyond me tho... I would password protect some folder for your main program and let you server provider know...

hotlinking action! always good to setup htaccess.

BT

Thx for the replies guys...

I guess i'll go check my servers for images and do the needful.