Thank you for sharing your comments. I'd like to inform you that the shortened_url domain itself is not a malicious site and here are the steps we perform to ensure that malware content does not get hosted from Zoho WorkDrive :
1. We do have an Anti Virus scan in place which validates the files during upload. So most malwares can not be uploaded to the cloud at all.
2. We also do have a spam and fraudulence detection algorithm in place which identifies if the uploaded files are phishing documents.
So most spamming documents do get filtered out as spam and never get published. Despite our best efforts to identify spam and spammers a few spam files did get published which were duly pulled down. So we do think presence of one or two links should not cause the entire domain "tdrive.li" to be considered a threat. Rather the individual link that had the spam file can be considered a threat.