Concern: Unknown domains are sending events to a Meta (Facebook) Pixel, potentially corrupting ad data. The original poster (OP) suspects other Shopify stores have embedded their pixel, possibly to degrade campaign performance.
How to check/mitigate:
In Meta Events Manager > Settings > Traffic Permissions, review domains sending data.
Block unknown domains or allowlist only your own domain(s) to prevent external sites from sending events.
A screenshot of Traffic Permissions and Meta help links are referenced for guidance.
Disagreement on cause:
OP: Not related to Shopify’s tools; volume and pageviews are too high to be test events. Claims issue resolved by restricting domains.
Alternative view: Another participant suggests the domains may be from Shopify preview/Test events that route through different domains and appear in small volumes.
Additional input: A user cites a Reddit thread saying Shopify preview domains are benign and not a concern.
Status: Unresolved. No consensus whether the traffic is malicious (others embedding the pixel) or benign (Shopify preview/testing). Practical action agreed upon: use Traffic Permissions to restrict event sources. Key question open: Are the observed domains truly malicious or expected Shopify preview URLs?
Summarized with AI on December 12.
AI used: gpt-5.
I have once posted a message about many other domains being found to send data through my own pixel. Here is the post: Found weird domains in Facebook Ads Traffic Permissions - Check yours too, may be hacked https://community.shopify.com/post/2525779
This means that other store owners (presumably competitors), all of which are from Shopify in my case, are placing my pixel on their websites. I have not yet completely figured out the reason behind that but I assume it’s to distort my pixel data and make my ads less effective.
To find out whether you are affected go to your Events Manager → Settings → scroll down to Traffic Permissions → go through the domains sending data through your pixel.
If you find some that you do not know like I found the ones below, then either add them to a blocked list or add your domain(s) to the allowed list. This way there will be no other domains sending data to your pixel.
Hi did you managed to work this out? I have the same issue - wondering if it is innocent functionality of Shopify & simply a case of approving these domains.
I did and no its not. They are domains of other dudes that post your pixel on their websites. I am not entirely sure why that is but it may be to confuse the pixel and make your campaigns perform worse. Thats just an assumption.
I believe the domains you’re seeing if from the Shopify preview mode to test your pixel via “Test” functionality in your Pixel settings in Shopify
Each time you generate this test the URL may appear to be the shop one but the events themselves are promoted from another domain thats why the events are in such small volumes. I was wondering if those dates of when it last sent events coincided at all with you using that test functionality?
No it did not, there is a much larger amount of these URLs than there have been tests. Further it also wouldn’t have registered so many page views. Unless the metrics there are wrong I don’t believe there is a connection to the tests
