fund.school blocked for suspected trojan

[ataraxy]

Could you please check the classification of fund.school.  Malwarebytes currently blocking it, even though URL Void shows it as okay https://www.urlvoid.com/scan/fund.school/.

I don't claim that it's a great site - it's being used by someone who just spammed the contact form on my web site - but if they are okay, I would like to be able to tell them about the spammer.

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 27/01/2021
Protection Event Time: 18:34
Log File: 0e291fee-6072-11eb-a84e-7085c25ed56b.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1146
Update Package Version: 1.0.36271
Licence: Premium

-System Information-
OS: Windows 10 (Build 19041.746)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: Trojan
Domain: fund.school
IP Address: 104.238.93.235
Port: 80
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe



(end)

 

[JPopovic]

Hello,

This domain is used as a URL shortening.

It redirects users to several different domains and some of them are marked as a Riskware.

For an example, here is one of the pages to which domain redirects to:

https://instameetingmatch.com/?u=u348mwe&o=6hle3ul&m=1&t=aaaaaaaaa

We would like to keep this one blocked for now.

Thank you!

 

[ataraxy]

Sounds reasonable.

Thanks!

[JPopovic]

You're welcome!