Just recently, spammers seems to find flavors.me useful to them, because I received fake referrers from the service:

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqwEE6ncIuVg755T4onA7bI1_qXt0CkTK9237sxM6laRi3TOkPdB60FuZjzVA5oMZPyhx6s2CYIC3D_oslDN75uxrGZsc4gUJDTzdmJLgkEnmm0ybxZK5f5rLj8SG3Kmom7IsAv0nPdsA/s640/spams%2520on%2520flavors.me%25202013-07-25--08%253A26%253A39.png

No, I didn’t even click on these two, but I am sure they are spams. This kind of spamming has been happening nonstop since three years ago. Blogger Stats is just three-year-old this past July 2.

Writing a code to fake HTTP referrer is piece of cake, but preventing such spams from seeing by innocent bloggers is not. They had once hijacked the entire report, using .ua like free ccTLD, using forums profiles, even diguising in shortened URLs. I have seen many more, just didn’t bother writing a post anymore, too many to care.

Normally, I dislike Google discontinuing their services, but I really wish Blogger removes Stats if they can’t resolve this. It’s not like they don’t have alternatives, they can integrate Google Analytics, just as they did for Google AdSense. Google Analytics has less fake referrers, not perfect, but better than Blogger Stats at least.

By the way, I did submit a ticket to flavors.me and they responded:

We are aware that there are some users that use these pages for spam uses and we are constantly trying to narrow this down as much as possible.

Thumbs up to them and so kind and well-mannered the support is. If I were the support, I would really want to use a-holes instead of “users.” The reason that I couldn’t be a customer support agent, I would probably curse the customers and got fired the same day I got hired. Or just take my coat and walk out my cubic and yell “I quit!” Gotta be drama, right?

Back to the post, Flavors.me must try even harder, because just as I received the reply, a third fake referrer popped out in Stats:

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_kXQ11vdk8pO3S0bAOxoZGh1GAqyKq7-XLPmgzxLZOa75LdwP8KXg3G6uXmrCLlHX9S4lL-Oi8ak-e6aP9tvO2kbVVPs59fVxlbR28rd-24gvyMKfrs9PW8_Ei8vx1xlvQHymzaYc084/s800/fake%2520flavors.me%2520referrer%25202013-07-26--08%253A58%253A10.png

[first column width increased to 320px for screenshot]

It’s roughly three fakes within 48 hours range, each made 4 HTTP requests. 4*3/2=6 fakes a day a blog. Six fakes might not sound a lot but Blogger has a lot of bloggers and it doesn’t have to be targeting Blogger only. Since it already has created the pages on flavors.me, it can even fake Google Analytics traffic source. You may think it’s JavaScript, they can’t. They can and I have seen many times in my Google Analytics report.

Sometimes, I don’t know if I should hate them or laugh at them, take a closer look at previous screenshot if you haven’t earn that LOL badge. Still not? Try the bottom row.

They messed up, stupid spammers, can’t even hard-coded their spamming URL correctly or some hiccups with their HTTP communication process code. Coder like them probably doesn’t care about QA. They probably googled and pieced up together an awful taste of spaghetti code. This kind of bug would have been picked up by unittest, that’s another thing those people don’t even know about.

$PAM FAIL! xD