Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

FYI : Time-Of-Click Urls do not resolve

ThKThK Cybersecurity Overlord ✭✭✭

Several customers try to click links in emails which are protected from HES Time-of-click.

The Links are not resolved. Instead A " ..Bad Request..." appears. I have opened a Call (43500287) but no information so far.

regards Thomas

Category: Hosted Email Security


  • Hello @ThK,

    This issue is resolved. Please do let us know if you see further issues. We apologies for the inconvenience caused.

    @micah - SonicWall's Self-Service Sr. Manager

  • BWCBWC Cybersecurity Overlord ✭✭✭


    today a on-prem ES customer reported about the same "Bad Request" problem, copy&paste of the original URL worked though.

    What causes this and can it be avoided?


  • BWCBWC Cybersecurity Overlord ✭✭✭


    FYI, it was an Backend Issue (as always) and Support provided me with these details about it.

    This counts only for the new URL's, the existing URL's cannot be fixed because those are already Re-written by the Sonicwall.

    So i reported this issue to the back-end team and they mentioned below information:

    "The backend verify the HK not matched, the backend calculate a HK value ‘f8c593af09651950c2b536fa34b5559ea6c87e92296b95c4ad66e308ce0386a0’, not ‘FFD5663242372F265432EBF2850233FC739759944B4FDC187EB5A20AFCF04410’ in the link.

    So return a “bad request” page instead of redirect, not caught as malicious.

    This issue has been found many times long time ago, we try to use a new protocol to fix it."

    So they have used new protocols to fix this false positive issues which are happening frequently these days. Please monitor and let me know the results.

    Hopefully this new protocol will avoid future problems.


  • ThKThK Cybersecurity Overlord ✭✭✭
    edited April 2021

    @BWC thank you for the update. Meanwhile ToC is accepted by the Users. It sometimes was confusing to click on these long modified link terms, but when in the end the page opened all was ok.

    A broken Link caused problems because you could not fixed it on the users end and often you can´t get these links again.


Sign In or Register to comment.