My website was built by Shopify, and it also runs many types of ads. Among them, my Google ads show that my website has been infringed!!! As a result, my ads have stopped running.
Do you have similar problems?
It shows that I used hacked or blacklisted target pages: (a11ybar.com, korfo.org, nethcdn.com, powered-by-revidy.com)
We had a client experience the exact same thing. A script got injected into the ./snippets/orichi_multi_pixel.liquid file.
That’s where the a11ybar.com is being injected, and all the rest should clear up after that. See if you’re running the same Multi Pixel app or download your theme file and do a search for the pixel.roughgroup.com and see if that gives you any hits.
My ads were stopped too, reason being compromised site - got the following from GOOGLE ADS “Content loaded from: redirect tracker” Not sure what to do, have scanned the site but unable to detect anything. May you advise if you’are able to assist me, please?
I have exactly the same issue with the identical links being found by Google.
https://korfo.org/to2/squarespace.com/,
https://korfo.org/vu/us/?1736270689,
https://powered-by-revidy.com/a
We have not been able to find these links and cannot use companies like Sucuri or Site lock to locate and remove the links as they require server access not permitted by Shopify.
I located the script mentioned in the ./snippets/orichi_multi_pixel.liquid file and removed it. Appealed to Google and they declined our appeal saying the links are still all showing up on their side, however, they are unable to tell us exactly where they are finding these links.
Ticket has been raised and escalated with Shopify, but when we previously reported it, support said there was a problem with Google and not our site. We are waiting on a response on the escalation.
I got this issue 2 weeks ago with the same issue with the domain pixel.roughgroup.com, then trying to contact orichipixel app to solve the issue. They noticed that I forgot to remove the code after uninstalling 3 years ago and the roughgroup.com not used long time. By the way, they helped me a lot to remove all the codes and our Google Ads back to normally after a week appealing. I am curious that why Shopify not auto remove app codes after uninstalling, it cost me a lot of time.
Hi @CrystalClawz any update from google?
Hi, I am running into the same issue. Has anyone figured out a solution?
[RESOLVED] Google Ads “Compromised site” – Orichi pixel / pixel.roughgroup.com / a11ybar.com, etc.
Just wanted to leave my solution here in case it helps someone in the same situation.
In my case, Google Ads was constantly flagging my domain as “compromised site” and disapproving my ads.
The warning mentioned several suspicious domains being loaded from my website:
a11ybar.com
1xlite-218626.top
korfo.org
nethcdn.com
powered-by-revidy.com
However, when I contacted Shopify Support, they told me that everything was fine on their side, that the store was “secure” and that the problem was on Google’s side. The malware scanners they ran didn’t detect anything.
After almost a week of digging (and a lot of frustration), I finally found the root cause with the help of ChatGPT, which guided me step by step on where to look.
The issue was an old script from the Orichi Multi Pixel app that was still inside my theme, even though the app was no longer in use.
In my case, the malicious/blacklisted resources were being loaded through this chain:
Theme → {% include 'orichi_multi_pixel' %}
snippets/orichi_multi_pixel.liquid →
<script src="https://pixel.roughgroup.com/Content/orichipixel.js?..."></script>
That external script (orichipixel.js) is what was loading those suspicious domains:
a11ybar.com, korfo.org, nethcdn.com, powered-by-revidy.com, etc.
Here are the steps I took:
Edit theme code
Went to Online Store → Themes → Edit code.
Searched for orichi, roughgroup and orichipixel.
Found the snippet: snippets/orichi_multi_pixel.liquid.
This snippet contained several <meta> tags and, most importantly:
<script type="text/javascript" async src="https://pixel.roughgroup.com/Content/orichipixel.js?shop=..."></script>
I deleted all the contents of this snippet (and eventually deleted the snippet file itself).
Remove the include from theme.liquid
In layout/theme.liquid, inside the <head>, I had:
{% include 'orichi_multi_pixel' %}
I removed that line completely and saved the file.
Search for any remaining traces
Searched the whole theme + Shopify settings (Customer events / Pixels, Preferences, Checkout additional scripts) for:
roughgroup
orichi
a11ybar, korfo, nethcdn, revidy, etc.
Made sure there were no remaining references.
Clear cache / re-scan
Cleared cache in Cloudflare (Purge Everything).
Opened my website in Chrome DevTools → Network tab and filtered for roughgroup / a11ybar to confirm no requests were being made anymore.
Ran new malware scans – they came back clean.
Appeal in Google Ads
Then I submitted an appeal in Google Ads explaining that:
I found an old third-party tracking pixel (Orichi) injecting pixel.roughgroup.com;
I removed the snippet and all references from the theme and settings;
New scans showed no malicious resources being loaded.
After that, Google re-scanned the site and my ads were finally approved again.
So in short:
Google was right about the malicious links being loaded.
Shopify’s basic checks didn’t catch it, because it was coming from an old third-party app script left in the theme.
With some manual digging (and a lot of help from ChatGPT) I found and removed the Orichi pixel script, and that finally resolved the “compromised site” issue.
Hope this helps anyone stuck in the same loop between “Google says compromised” and “Shopify says everything is fine”.