Safelink Decoder
Decode and extract original URLs from safelink redirects and URL shorteners
Safelink Decoder
Decode and extract original URLs from safelink redirects and URL shorteners
Safelink URL Input
Decode SafeLinks
Paste a SafeLink URL above to instantly decode it and reveal the original destination. Supports Microsoft Outlook, Google, ProofPoint, and other security services.
About Safelink Decoder Tool
If you've ever received an email from a corporate account and noticed the links look impossibly long and cryptic, you've encountered safelinks. These are wrapped URLs created by email security services like Microsoft Outlook SafeLinks, ProofPoint URL Defense, Google Safe Browsing, and Mimecast, all designed to protect users by scanning links before they load.
While safelinks serve an important security purpose, they also make it nearly impossible to tell where a link actually leads just by looking at it. Our Safelink Decoder tool instantly extracts the original destination URL from any wrapped safelink, giving you full transparency without ever visiting the target page.
This tool works entirely in your browser. No data is sent to any server. You paste the safelink, and the original URL is decoded locally in real time. It's fast, private, and completely free.
Supported Safelink Services
Our decoder handles all major enterprise email security wrapping services:
Email Security Providers
- Microsoft Outlook SafeLinks: URLs wrapped via safelinks.protection.outlook.com
- ProofPoint URL Defense: Links rewritten through urldefense.proofpoint.com
- Mimecast: Protected URLs routed through Mimecast gateways
- Google Safe Browsing: Google redirect wrappers from Gmail
Other Redirect Types
- Cisco ATP: Advanced Threat Protection URL rewrites
- Symantec/Broadcom: Email security gateway redirects
- Generic Security Gateways: URLs with ?url= or ?u= parameters
- Marketing Trackers: Campaign URLs with embedded destinations
How Safelink Decoding Works
When an email security service wraps a URL, it embeds the original destination inside a redirect link. The structure typically follows a pattern where the real URL is stored as an encoded query parameter.
https://safelinks.protection.outlook.com/?url=https%3A%2F%2Fexample.com%2Fpage&data=...
https://example.com/page
https://urldefense.proofpoint.com/v2/url?u=https-3A__example.com_page&d=...
https://example.com/page
Our tool identifies the service provider from the URL structure, extracts the embedded destination, and performs URI decoding to give you the clean, readable original link.
When You Need a Safelink Decoder
There are plenty of everyday situations where decoding safelinks becomes essential:
Security & Verification
- Verify a link's real destination before clicking
- Check if a suspicious email contains phishing URLs
- Analyze forwarded links from untrusted sources
- Audit corporate email link safety
Productivity & Research
- Copy clean URLs to share without tracking wrappers
- Analyze marketing campaign link structures
- Debug email deliverability issues with wrapped URLs
- Extract original links for documentation purposes
Frequently Asked Questions
How to decode microsoft safelink url?
To decode a Microsoft SafeLink URL, paste the full safelinks.protection.outlook.com link into the utilAZ SafeLink Decoder. The tool extracts the original URL from the 'url' query parameter and performs URI decoding to reveal the clean destination. You can also decode manually by copying the value after '?url=' in the SafeLink, then URL-decoding it (replacing %3A with :, %2F with /, etc). The utilAZ tool handles this instantly in your browser without sending data anywhere.
Does Microsoft have a safelink decode api?
Microsoft does not provide a public API specifically for decoding SafeLinks. The SafeLinks feature is part of Microsoft Defender for Office 365 and operates as a security layer, not a developer service. However, administrators can use the Microsoft Graph API to manage Safe Links policies and access threat reports. For decoding the URLs themselves, you need to parse the URL parameter client-side, which is exactly what the utilAZ SafeLink Decoder does without requiring any API keys or authentication.
How to get the original url from safelink?
To get the original URL from a SafeLink, use the utilAZ SafeLink Decoder by pasting the wrapped URL. The original destination is stored in the 'url' parameter of the SafeLink query string in URL-encoded format. The decoder extracts this parameter, applies decodeURIComponent to reverse the percent-encoding, and displays the clean original URL. This works for Microsoft SafeLinks, ProofPoint URL Defense, Mimecast, and other email security wrappers that embed the destination as a query parameter.
How to remove safelink from outlook email?
End users cannot remove SafeLinks from individual emails because the URL rewriting happens at the server level before delivery. However, Microsoft 365 administrators can disable Safe Links policies through the Microsoft Defender portal under Email & Collaboration > Policies > Safe Links. For specific URLs, admins can add them to the 'Do not rewrite' list in the Safe Links policy settings. If you just need the original URL from a specific link, use the utilAZ SafeLink Decoder to extract it without changing any policy settings.
Email Link Security Best Practices
Whether you're an IT professional or an everyday email user, following these practices can help you stay safe when dealing with links in emails:
- Always verify before clicking: If an email asks you to "verify your account" or "confirm a payment," decode the link first to see if it leads to a legitimate domain.
- Check the domain carefully: After decoding, look at the domain name closely. Phishing links often use misspelled versions of real domains (e.g., "micros0ft.com" instead of "microsoft.com").
- Be cautious with shortened URLs: Links from URL shorteners (bit.ly, t.co) hide the real destination. Decode them to see where they actually point.
- Don't trust the display text: Email links can show one URL in text but link to something completely different. Always check the actual href, not what's displayed.
- Report suspicious links: If you decode a link and it points to an unexpected or suspicious domain, report it to your IT security team.