Detecting humans is less accurate than it used to be because of page caching now used at a lot of hosts, and possibly browser extensions (some can block the hit that confirms a full browser visit and not just a crawler). Page caching can store the hit ID that we normally use to tell visitors apart, so multiple visits are associated with a single hit, and some of their own hits may not be logged.
I see the header X-LiteSpeed-Cache
: hit when visiting one of your pages, so that is likely interfering with identifying some hits as humans or bots.
In the first screenshot you sent, those look like real googlebots, since the hostname looked up by Wordfence from the IP is *.googlebot.com.
In the second screenshot, the two ajax calls in the middle happened right after the initial hit. When our script ran to validate that the first hit was human, only the first was re-labeled as a human, but the second two couldn’t be re-labeled. (Partly because they’re ajax and don’t trigger the human check, and partly they happened before the first human check finished.)
In his third screenshot, I don’t think that hit was you, since it has a rate-limited-proxy-*.google.com hostname. It’s likely you either hit a cached page (which won’t show up in Live Traffic at all since PHP & Wordfence don’t run), or had a login cookie that prevented his hit from being logged.
Let me know if this helps!
Thanks!