A private link was accessed by someone who wasn’t supposed to see it yet. I didn’t share it. No one did. This log is a digital crime scene report, and I caught the referrer.
A quiet little woodworking portfolio got a strange hit. The URL was never published. Not on socials. Not emailed. Not listed. But someone found it. And worse, that someone forwarded it. I didn’t invite anyone to the show.
No breadcrumbs. No search engine indexing. Just a link floating in the void... until it wasn’t.
I scanned logs. Scraped headers. Looked for browser fingerprints. It wasn’t a bot. It wasn’t a crawler. It was a real person, with real fingers, clicking on a page they weren’t meant to see.
I dropped in Matomo for tracking and local analytics. Not some surveillance script farmed out to Silicon Valley. Just raw data, parsed directly from server logs. Every ping. Every referrer. Every miss.
At first, nothing. A few indexer ghosts. Then it came:
Referrer: an unrelated artist portfolio
Path: /woodworking
Device: Android, Chrome
Time on page: 0 seconds
Bounce level: astronomicalThat site shouldn’t have had my link. And yet the log was clear. Someone came in from that direction.
I ran curl. I ran grep. I read the DOM like it owed me money. No links found in the HTML.
So it had to be dynamic. Probably a JS gallery. A modal preview. Some interactive plugin.
Somewhere in that site’s moving parts, my private link was quietly embedded. Maybe even unintentionally. But it was there.
Once I saw that referrer line in the logs, the entire timeline snapped into focus. Like someone flipping over puzzle pieces all at once.
No confrontation. No accusations. But I now know how it happened. And I won’t forget it.
Even the quietest links have echoes. This one made just enough noise to catch. Mystery logged. Leak confirmed. Case closed.