Hi mara89,

If you have access to your raw server logs, could you post some examples of what these requests look like?

What is the hostname for these sessions?

For those of us who don't know ... is that a screenshot of analytics data, or of cpanel-type stats? The question is whether those are actual page requests--which would indeed be pretty horrific--or "only" requests for analytics code--which may not even live on your own server.

NickMNS, Host name its our domain only.

lucy24, its Screenshot of analytics data, and that traffic only show google analytics code wise but its not real visit wise.

keyplyr, I'm trying to access raw server logs, if i get i'll share sample of that.

its Screenshot of analytics data

Ahh. Crystal ball says you are not really getting those appalling levels of visits from baidu. Instead, the servers that host your analytics program--whose access you can't control--are getting appalling levels of requests for your analytics file. This is the current decade's answer to referer spam.

Take a closer look. Do they all, for example, claim to have the same improbable screen size? Are they mostly coming in at hours when the average Baidu user would be asleep and/or at work?

If your raw logs confirm that this is the case--analytics not accompanied by real visits--look for the place in your GA prefs where you can tell it to ignore certain requests.

@lucy24 the first tell tale sign of referral spam is the hostname. In this case mara89 states that the hostname is their domain. This suggests that it is not referral spam.

Checking the raw logs would confirm this. @mara89 check your logs!

@keyplyr & @NickMNS examples of raw server logs -- > [prntscr.com...]

Could you help in this.

Is this continuing this densly? How often are these spikes?

Do they ask for all the files on that page? Do they then ask for other pages like a human visitor would?

If they just ask for that one page it could be a botnet. They usually stop after a couple days.

What's normal traffic for that page?

@keyplyr yes, its continuing Density. Daily 200+ Visits For single page only.

how to find that bot, we receiving same kind visits form last 20+ days .

the normal traffic of this page 3 - 4 only .

It sounds like, for whatever reason, someone has added your page to a list of targets in some code running from a remote server.

You can block the IP(s) or just wait for that server instance to reach its end. Eventually the hits to your page will stop.

Are they all FF 34 or does it just look that way from the log snippet you posted?

:: detour to check something ::

Firefox 34 is not over-the-top outdated--I find scattered human visits from as recently as last fall--but it dropped off dramatically after January 2015. So you might elect to block the UA.