Language iconEN
ES
FR
DE
NL
IT
PT
TR
RU
UA
JA
ZH
KO
Search
Contact salesTry for free
Contact salesTry for free
Case studies

16% to under 4% of "(not set)" traffic reduction for a customized sweets retail brand | Stape Care

Roman Kaliniichuk

Roman Kaliniichuk

Author
Published
Mar 18, 2026
comments
Join the conversation
i

Key takeaways

  • A large-scale retail brand faced unreliable analytics reporting, with 14-16% of traffic classified as (not set) and large volumes of irrelevant visits outside of their operations area, which affected business decisions and campaign reporting.
  • An audit revealed consent banner misalignment across subdomains, a fragmented hybrid data flow, where part of the traffic bypassed the server container through a legacy integration, and heavy bot activity originating from China.
  • The Stape Care team reconfigured root-level consent cookies, unified the data flow through a single server container, implemented server-level filters using GEO Headers and User Agent Info, and enabled Cookie Keeper to improve cookie persistence under browser restrictions.
  • Undefined traffic dropped from 14–16% to under 4%, irrelevant sessions were removed, Direct traffic normalized, and attribution accuracy improved, giving the client reliable data for marketing analysis and operational decisions.

A retail brand that specializes in customized sweets recently requested the Stape Care team to audit their server-side tracking setup and fix the reporting inconsistencies that affected the client's business decisions. Their website operates across multiple countries using subdomains (e.g., en.example.com, bg.example.com, it.example.com), and relies on a retail model that requires precise attribution for effective marketing and inventory management.

Challenge: undefined data affecting retail attribution

Although the client implemented server-side tracking earlier, their analytics showed a persistently high percentage of unusual traffic, specifically:

  • 14-16% of total visits classified as (not set) traffic.
  • Significant volumes of irrelevant traffic from areas where the product was not available.
(not set) traffic volume before improvement

These issues distorted attribution and weakened confidence in performance metrics, leading to several operational and marketing problems:

  • Unclear source attribution affecting campaign ROI.
  • Budget allocation inefficiencies across retail channels.
  • Inflated Direct traffic.
  • Inconsistent session and sales data.

Audit: establishing reasons for tracking inconsistencies

Our Care team performed a technical audit of the tracking architecture focused on retail operations and identified several structural issues.

1. Consent banner misalignment across subdomains.

Consent cookies were not shared across multiple country-based subdomains, which caused:

  • Inconsistent user permission states.
  • Misinterpretation of consent signals.
  • Sessions recorded without proper consent context.
  • Inflated (not set) values.

2. Hybrid data flow causing fragmented sessions.

Part of the traffic still bypassed the server container due to a legacy integration. This created:

  • Duplicate or fragmented sessions.
  • Inconsistent client_id handling.
  • Inflated Undefined and Direct traffic.

3. Bot-like traffic from non-relevant regions.

During the audit, Stape Care team noticed a large volume of very short sessions (under 3 seconds) originating from China, a region irrelevant for this retail brand, as products were not available there.

A deeper analysis revealed consistent patterns in this traffic:

  • Browser signatures: most sessions came from the same browsers, which indicates automated or bot-like behavior.
  • Browser versions: repeated versions across sessions, another sign of scripted activity.
  • Geolocation: traffic concentrated in the area where no sales or engagement occurred.
  • Engagement metrics: almost all sessions had zero interactions, i.e., no product views, clicks, or cart activity.

Solution: implementing filters with Stape's solutions

To restore reliable analytics and attribution, Stape Care applied a series of structural updates along with traffic filters.

The consent setup was reconfigured to set cookies at the root domain level (.example.com). This update aimed to establish consistent behavior across all subdomains and resolve the permission mismatches identified during the audit.

All traffic was routed through the server container, removing the split created by the legacy integration. Consolidating the data flow would stabilize session reporting.

The team decided to block irrelevant and bot-like traffic at the server level using pattern-based rules. These rules targeted sessions that:

  • Originated from China and other irrelevant locations.
  • Matched specific browser signatures seen in bot-like sessions.
  • Used identical or repeated browser versions.
  • Exhibited extremely low engagement (sessions under 3 seconds, no interactions).

To set up these precise filters, the Care team implemented two Stape power-ups that supply the needed signals:

  • GEO Headers: identifies the country of origin for each request. Only traffic from relevant regions passed through.
  • User Agent Info: provides browser and version details for each session to help exclude automated patterns.

Finally, our Care team enabled Cookie Keeper to improve cookie persistence under browser restrictions, e.g., Safari's Intelligent Tracking Prevention (ITP). This reduced artificial session resets and strengthened attribution stability.

Results: drop in "(not set)" traffic to under 4%, restored session quality and attribution accuracy

After implementing all improvements, the tracking system began reflecting only genuine customer activity, creating a clear view of performance and exposing the effects of the earlier issues. This shift allowed the client to rely on stable, consistent reporting, reflected in the following outcomes:

  • (not set) traffic decreased from 14–16% to less than 4%.
  • Direct traffic normalized.
  • Session quality improved.
  • Attribution accuracy restored.
  • Analytics confidence rebuilt.
(not set) traffic volume after improvement

For a large-scale retail brand with international operations, keeping the (not set) figure under 4% provides the level of clarity needed to evaluate channels accurately, adjust budgets with confidence, and align stock planning with real customer demand.

Why choose Stape

By setting up server-side tracking with Stape, you can:

  • Configure consent cookies at the root domain level to stop cross-subdomain data loss.
  • Unify your data flow through a single server container to eliminate session fragmentation.
  • Block irrelevant regional traffic and automated activity using tools like GEO Headers and User Agent Info.
  • Extend cookie persistence under Safari's ITP restrictions with Cookie Keeper to stabilize long-term sales attribution.
  • Turn distorted analytics reporting into accurate, revenue-driving insights.

Want to start on the server side?register now!

author

Roman Kaliniichuk

Author

Roman is a GTM and analytics specialist with solid expertise in server-side tracking and GA4. He helps businesses build reliable tracking, improve data accuracy, and optimize marketing performance.

Comments

Related to this post

How to set up GA4 server-side tracking
Sep 19, 2025

Blog

How to set up GA4 server-side tracking

Check out the advantages of using GA4 and GTM server tagging and a step-by-step guide on how to send events to GA4 using the GTM server.

Unassigned and not set traffic source in GA4
Feb 18, 2026

Blog

Unassigned and not set traffic source in GA4

Improve GA4 reporting accuracy and see how to identify and resolve Unassigned and not set traffic, including common causes like gtag initialization and timing.

Advanced bot traffic guide: filtering, prevention, and blocking
Jan 15, 2026

Blog

Advanced bot traffic guide: filtering, prevention, and blocking

Read about the main types of bot traffic, the most effective ways to prevent it, and how Stape can help you to minimize its effect.

Try Stape for all things server-side

What’s going on?

Where are we going?

Attention!
This is a stand-up dog zone.