how to know if a packet sniffed is accessed from a website directly and not linked?

is there any way to know if a certain tcp segment which has a request message to a server is directly accessed by a user through a browser. not just that its linked by the browser itself to complete the requested page. like for example, a web page with ima开发者_JAVA技巧ges, when one browses this page, the sniffer tends to get all this urls including the web page's and that of the images. what factors would let me identify which is which?!...

thanks alot in advance:)

Nope.

I just confirmed this using the Ethereal packet sniffer on a 1996-style brochureware site that had a few embedded gifs. There is nothing about the secondary HTTP GET request packets that distinguish them from my original GET.

If you want to get meta-analytic, I'd be impressed if someone could click as fast as the browser issues the subsequent auto-requests, but wget would be as fast. I wouldn't use this evidence to hang a man nor exonerate him.

There is an HTTP header for that that a browser can set to tell the server which page the requested URL appeared on:

http://www.w3.org/Protocols/HTTP/HTRQ_Headers.html#z14

I believe the major browsers set this header when requesting resources (images, css, js), as well as when one clicks on a link, but I'm not sure. Browsers aren't required to set this header. Even when the header is set, the browser could be lying. There's no way for anyone else to know, at least not that I know of.