The referer is an optional header, is often munged, and is easily forged. It can not be depended on.

I would probably generate an authentication token to give to the client on site A, then have server A inform server B that it now existed (or let them use a shared database).