The first thing I would do is put a dummy page up with the following
<?php var_dump($_SERVER); ?>
Then navigate to that page from allowedsite.com
You will see the variables that were developed with this request on the page (better formatted if you do a view source)
I believe there is a HTTP_REFERER_URL variable inside $_SERVER, but it has been my past experience that the field isn't always populated.