Remote linking is a problem for many webmasters, especially when it comes to images. Usually done by amateurs, it's done by including an image tag on their page that uses the full path to the image that resides on your server.
For example:

<img src="http://www.your-domain.com/images/your-image.gif">

Thus, when anyone loads their page (or pop-up) containing the link to your image, a hit will occur to your server and show in your logs. Plain and simple, this is theft. You assume the burden of serving the image without the benefit of the user being on your pages and viewing your content.

Here is a helpful thread [webmasterworld.com].

PHP (or any other scripting language, I would imagine) can GET images (or pages, files, etc) without actually showing the image on the page, through the use of sockets (and probably other techniques as well).

The page could could save the image somewhere, email it to someone, or just grab it and not used and not do anything with it (maybe someone is trying to drain your bandwidth).

Hope this helps. Let me know if you have any questions.

Hey, thanks a lot for your help : ) What you explain is what would be obvious, but still I hestiate because I am new to webmastering. Here's the line of code in question for clarification, I've 'bleeped' the site url...

***.18.157.108 - - [09/Dec/2003:07:25:51 -0600] "GET /salon/boutique/antiques/images/bar/barpops/journalb.gif HTTP/1.1" 200 646 "http://www.*******.com/portecle/pages/pc101.htm" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)"

...repeating thus until all of the images contained in one of my pages is loaded... into the other site's pop-up?

Here's another thought: is it possible to 'spoof' what goes into a site's logs? Also, is it possible, if a site is being used as a proxy, that the logs would show odd information like that? Still that doesn't explain the 'linkless' pop-up connecting to my images. Grrr.

Thanks again, guys : )

Josefu wrote:

is it possible to 'spoof' what goes into a site's logs?

Yes. The HTTP_REFERER value can be set arbitrarily. If the IP doesn't matchethe IP for the host in the HTTP_REFERER it may be spoofed. It's also possible that that server is showing different versions of the page to different visitors. See the Apache forum here or Google for Apache mod_rewrite for more information. Another possibility is that a script on that server is issuing a GET request for your file, but the HTTP_REFERER is spoofed and doesn't actually reside where it claims. Programs like Curl allow such requests to be made and give the user full control over what headers are sent (and a lot more). If you have Curl installed (it's pre-installed on many modern Linux distros) do "curl --help" for more info.

Thank you very very much for your reply : ) Very informative, I already checked the IP origin and it doesn't at all correspond with the referrer - which fits exactly into your scenario.

Cheers, and thanks again!

Josefu.

[added]Double thanks as, as I am on Panther OS X, your command line is directly accessable through the terminal and all is quite quite clear now ; ) Looks like someone (a competitor) is in line for a spanking - the IP owner, not the referral[/added]

Josefu, I'm glad that I was able to point you in the right direction. Cheers.