Defend rewrites URLs in inbound emails to scan the linked content for security risks, using linguistic and contextual analysis.

You may need to decode these URLs to view them in their original form without visiting the link.

To do this:

1. Access your Defend console.
2. Navigate to URL Rewriting / Decode URL Decode.
3. Paste the encoded Defend URL into the field.
4. The original link is displayed.

Decoding Double-Protected Links

Some mail systems, such as Microsoft 365 SafeLinks, already have a feature that rewrites URLs. The Defend-encoded URL may be created using this rewritten link.

1. You will need to decode the original link using a suitable tool. There are options available online for decoding these links.
2. Once decoded, you can paste this into the Defend URL Decode tool using the steps above. The original link will then be displayed.