often.cloud
← all tools

SafeLink decoder

Web

Extract the real URL from Microsoft SafeLinks and ProofPoint URLDefense wrapped links — all decoding happens in your browser.

What this tool helps with

Microsoft SafeLinks and ProofPoint URLDefense rewrap every URL in an email through their tracking and scanning gateways. The redirected URL no longer tells you where you'll actually end up. This decoder reverses both wrappers and shows the original destination so you can verify a link before clicking — without following the redirect or letting the wrapper register that you opened the link. All decoding is local, so you're not handing the wrapped URL to yet another remote service.

Supported formats

  • • Microsoft SafeLinks — *.safelinks.protection.outlook.com
  • • ProofPoint URLDefense v2 — urldefense.proofpoint.com/v2/…
  • • ProofPoint URLDefense v3 — urldefense.com/v3/…

How to use SafeLink decoder

  1. Open the SafeLink decoder page and paste, type, or generate the safelink input you want to work with.
  2. Pick the options you need so the tool can extract the real URL from Microsoft SafeLinks and ProofPoint URLDefense wrapped links — all decoding happens in your browser
  3. Copy the safelinks result with one click and use it in your next step — terminal, editor, ticket, or anywhere else you need it.

Common uses

  • Reach for SafeLink decoder when you need to extract the real URL from Microsoft SafeLinks and ProofPoint URLDefense wrapped links — all decoding happens in your browser during debugging, code review, or content preparation.
  • Skip installing a desktop safelink app — open this web utility on a shared machine, an iPad, or a colleague's laptop and it just works.
  • Bookmark or share the page when you and your team keep coming back to the same safelink, safelinks, outlook, and proofpoint workflow.

FAQ

Will the recipient know I decoded their link?

No. Decoding parses the wrapper format locally; it does not send any request, so neither the wrapper service nor the sender sees a hit until you actually open the destination.

Why do SafeLinks change so often?

Microsoft rotates parameters and adds tenant-specific identifiers. The structure stays parseable but new fields appear from time to time. If a link doesn't decode, paste the raw URL — the tool surfaces what it could and what it couldn't.

Is the destination always safe to open?

Decoding only reveals the URL; the destination's reputation is separate. The wrappers scan for known-bad URLs at click time, so opening through the wrapper can be safer in some environments than bypassing it entirely.

Related tools

Helpers for the browser platform.
Color converterPicker + hex, RGB, HSL, HSV, HWB, CMYK, OKLCh, CSS names, WCAG contrast.Regex testerTest a JavaScript regex against a string with live matches.URL parserBreak a URL into protocol, host, port, path, search params, and hash.