The HTTP Referer field:

In the HTTP (HyperText Transport Protocol), there exists a certain data field
called the "Referer". The purpose of this field is simple: It tells the Web
server what web page sent the user to the page that is currently being
requested. This is most often used by sites that do not wish users to simply
make direct links to their files, especially warez sites (who want users to
actually click through their site's pages rather than have outside pages link
directly to their warez files) and porn sites (who want users to click
through their site's pages rather than have outside pages link directly to
their pictures). In both of these examples, the user is expected to
demonstrate that they came from the expected page on the web server, but this
can be rather easily faked by simply sending the correct Referer line.

Note that the existence of the Referer line is why many sites will not let
you download files through Internet Explorer's "Save Target As" option;
Although IE generates the Referer line when you click directly on a link or
use the "Open in New Window" option, it does *NOT* generate the Referer line
when you use "Save Target As". Without the requisite Referer info, the site
will refuse to provide the desired file and usually redirect the browser to a
dummy or informational HTML file, which the browser will end up downloading
instead.

The Referer field is certainly not the only way of checking to see if users
have clicked through your pages before getting to your files; It's just the
most commonly-used, and also quite simple to fool with the correct software.
(Any software that can be made to send a bogus Referer field will work; IE
cannot be programmed to do this as far as I know, but it is possible to make
a browser which can.) More advanced web servers may actually keep logs of
pages you have accessed and verify that your IP address has accessed the
requisite referral page before trying to access the file; Other even more
elaborate schemes also exist.