Found weird domains in Facebook Ads Traffic Permissions - Check yours too, may be hacked

recently found some weird domains listed in my Facebook events manager traffic permissions list. You get there by following that path: Meta Business Suite → Events Manager → Data Sources → Settings → scroll to bottom to Traffic Permissions → Create Allow list

I recommend you check it

And this is where I found my primary domainwhich is circled in green and then about 40 other domains with very weird strings like this example here: lne6p1vx2323rza03tfe36lbzda7wo02l-79386313028.shopifypreview.com

Heres a screenshot:

ManuelH_0-1712759877230.png661×664 62.9 KB

I have no idea how they got there and what they do but I am pretty sure its smth dubious.

If anybody knows what thats about please let me know. Thanks!!!

Did you get answers to this issue? We have the same “issue”, if it is an issue.

Hey Samu, just writing another post about it. Will link it here, and yes I assume it is an issue.

Hi again. Here is the link to the post: Warning About FB Pixel - How To Find Out If You Are Affected
https://community.shopify.com/c/shopify-design/warning-about-fb-pixel-how-to-find-out-if-you-are-affected/m-p/2567231#M675379

Also be a pal and mark it as a solution if it helped you

Hi did you work this out? I have the same issue - wondering if it is innocent functionality of Shopify & if so to just approve the domains.

replied in the other post

I found an article are FB too. https://www.facebook.com/business/help/267505221173979

Essentially: create an allowed list for your own domain and all other attempts by someone to add your pixel to their domain will be blocked

But if I read this correct, you should also create a block list for all of those other domains you don’t recognize and that currently are in the Allowed status.

All though many of these “other domains” may be innocently done (giving them the benefit of the doubt) I firmly believe many of these are linked to domains that are “bad actor” accounts or competitors using this in manipulated scripting to send you bad traffic. So like the Queen in Alice in Wonderland, “off with their heads” (block them all) as there seems to be no way to identify the cryptic domain names connected to my account… until I hear someone with deeper knowledge that could justify them attaching to my pixel.

Yeah I linked to another post of mine where I explain in more detail.

Thanks

I believe these are events fired from the preview window when using the test functionality of your pixel, do the dates coincide with dates you were testing your pixel events?

As answered in the other related thread I believe it’s other people pasting their pixel on their own website.