About a couple of weeks ago, I noticed a few strange pageviews which have URL paths did not match Blogger blog URL structure and one word particularly got my attention, "atheism."

2011-01-27--00:31:37

If you are a Blogger blogger, you will be immediately aware that definitely not come from your blog. You won't see links like /blog/ or /YYYY/MM/DD/blah in your blog. The question is where did they come from?

At first thought, I believed that site owner mistyped a digit of his1 own UA number2 or something like that. But it's obviously not because the UA number very different than mine. I began to think the owner was trying to fake pageviews and drew me to check out the owner's website. However, I dismissed that thought very quickly, because that website doesn't seem to fit in and usually spammers only target a subject for a very short period of time. Often it's one-time spamming only, but it's been at least one day when I noticed.

My index finger slowly moved to point at Google Analytics' system, some big flaw in the system I would guess. 'Ha! I will be the first one to expose this!' I ecstatically enjoyed my glorious moment. Well, that moment didn't come. I put it aside because I didn't believe Google would have such flaw, either.

Finally, I decided to check help forums to see if anyone has encountered same situation. I found one useful, the problem is I still didn't think my UA number was being used by someone. I decided to do a final check on the website's source code, which was my second time. Still got nothing.

I brought up Firefox 4's Web Control and left Net and JavaScript on only, reloaded the page and read the logs. One thing more weird came to my eyes:

2011-01-27--00:16:54

The page loaded Disqus script, it's no big deal even that website doesn't use Disqus at all. The eye-bulging part is "yjlv", that's my blog's Disqus ID. I double-checked with Chromium because I just didn't believe, Chromium's Developer Tools' Resources tab affirmed.

Alright, this whole thing is extremely confusing. It's as if the weirdness not only be doubled but actually is squared. Firstly, my UA number could be used by someone. And now, even Disqus? 'What the heck is going on?' I asked myself.

I checked the source code for the third time, I still got nothing. I almost gave up and decided to write a post on help forums, then I clicked on the website's local copy of jQuery. I did the search, BINGO!

2011-01-27--00:35:41

I wouldn't believe when I saw my code was in the end of file and more than just UA number and Disqus parts, it seems to include this entirely.

I don't know which part of my code the website owner is actually using. That JavaScript is written for this blog and I doubt it would work out-of-the-box on other website. I remember somewhere I read long ago, copy-and-pasting the code you don't understand is a very bad habit. If I was a very bad person and that website does have <pre><code>...</code></pre>, then I could send a different version of highlight.pack.js if my GAE app detects the visitor is from that website. Who knows what I would put in that fake JavaScript?

Right after I publish this post, I am going to find the contact information and shoot the owner an email with a link to this post. I hope its About or Contact page isn't written in Korean.

Anyway, I am really tired of writing an email to detail everything. So, here is the message body to the website owner:

Hi!

Don't worry, you didn't violate any copyright law. Just please remove parts you don't need from your /js/jquery.js, especially the part contains my Google Analytics UA. You contributed 600+ page views into my Google Analytics report, I am really appreciated for the generosity.

Sincerely yours,
P.

PS. If possible, please tell me which part of my code you intend to use? collapse_pre()?

I really don't want to write a post anytime, but I also don't want to see any more data which don't belong to me. If you are going to suggest me creating a filter for preventing from this kind of thing happened again, thanks! But no, I won't do that. Covering eyes isn't a solution.

And please readers, though I decided not to mask that website's name and domain in screenshots, but please DO NOT visit that website anytime soon, or my Google Analytics account would have more kindly contributed data. Besides, you know most of you guys don't read Korean right, please don't say Google Translate, I am begging you!


  1. I assume the owner is a male. ^

  2. Also known as Web Property ID. ^