I have a very low traffic personal website, terryliittschwager.com, usually about a dozen visitors a day accessing less than ten pages at a time. I can tell what pages they’ve looked at by hovering over the file folder icon of the Matomo initial page. Lately I have a mystery. Every day there’s a visitor accessing the same page, sometimes for hours, and dozens of times, but it’s a nonexistent page, namely “Nifty GDPR Consent | In2 Computing Ltd.” which is the name of web-hosting firm.
Normally, if I click on the file folder icon, I get taken to the page on my site that the user accessed. However, in these instances, it unsuccessfully tries to access a 10.0.1.15/dev/gdpr page that eventually times out.
Any ideas what might be happening? My website appears to be working fine, but these accesses are a mystery.
Do you have access to the access log of your webserver? I would guess, there a no calls to that page at all. It seems like, someone hijacked your tracker on a local server (10.0.1.15 is a private ip address). The easiest way for you is to just referer block him on vhost base.
I think your supposition is correct. My web hosting company has been having trouble with their software for tracking such, so I brought up Google analytics for all pages, and it doesn’t report any of this. I did some research on the IP addresses, and my best guess is that it’s coming out of Bangalore, India.
Another guess, is that what they’ve done is lifted my code for a single page application of weight and balance for large cargo aircraft and are running it on their server, but they haven’t taken the trouble to remove the Matomo tracking code. That SPA is the only interactive code I have on my site, and I see people playing with it all the time from my subdomain, 747.terryliittschwager.com.