Expand shortened URLs (bit.ly, t.co, tinyurl, etc.) to reveal the final destination. Trace every redirect hop, detect HTTPS downgrades, and flag suspicious destinations.