Is There a Way to Know Where a URL-shortened URL Is Going to Take Me?

//
Before deleting spam, I often hover over the link to see where it is supposed to take me. These days, most spammers use a TinyURL. Is there a way to find out the real URL without clicking on it?

Yes. In fact, there are a couple of ways.

But first, let’s talk about links in email and short links in general.

Become a Patron of Ask Leo! and go ad-free!

Links in email: avoid them if you can

This is an excellent time to remind everyone of something I always say.

Be extra cautious when clicking links in email.

If the link is obviously spam, or you just don’t trust where it came from, it’s simple to assume it’s bad and get on with your life.

Sometimes it’s not obvious, however. Some clues about the email might be:

  • Not addressing you by name.
  • Having a message body that seems out of character for the person sending you the mail, such as a terse “look what I found” type of statement.
  • Having no text at all, just a link.
  • Having a name you recognize in the From: field, but (if displayed) a corresponding email address that is clearly wrong, or one you’ve never seen before.

All of these are potential clues that the email isn’t what it claims to be, and that the link should best be avoided. It could lead to scams, malware, phishing attempts, and more.

Short links

URLs, or Uniform Resource Locators, are those strings beginning with http or https. They tell a web browser what website or page you want to view.

Sometimes URLs can be quite long. For example, here’s a URL for a Google map of Microsoft’s location in Redmond:

https://www.google.com/maps/place/Microsoft+Corporation/@47.6435107,-122.1252991,15.88z/data=!4m5!3m4!1s0x0:0x1a52969ee03899e!8m2!3d47.6396259!4d-122.1283767

InvestigateThe problem with long links is that they often break when they’re wrapped to fit a particular line length, window, or screen size, particularly when sent in email.

Enter “short link” services. They allow you to create a short, manageable URL that redirects to the longer one. For example:

https://go.askleo.com/msredmond

This is a short URL (using my own service) that takes you to the longer URL listed above. It’s easier to type, easier to remember, and not prone to break in email programs and the like.

There are many link shortening services; examples include TinyURL, Bit.ly, and Goo.gl.

The problem with a short URL is that it’s not obvious where it’ll take you until you click on it. In fact, they’re often also referred to as “cloaking links”, because they hide, or cloak, the final destination.

Typically, the only way to find out where this link goes is to click on it: https://go.askleo.com/mystery. That one’s safe, but there’s no way to know for sure.

Particularly if you have reason to be concerned, suspicious, or skeptical about a link you get in email, it’s not unreasonable to want to know where it goes before you click.

Previewing  shortened URLs

Some services do have preview features. For example, if you visit tinyurl.com/preview.php, TinyURL will help you turn on a cookie-based feature in your browser. Then, when you click on a link, you can preview where it goes prior to going there.

Bit.ly also allows you to do this. Simply add a plus sign to the end of the URL, and Bit.ly will display where you would have gone rather than taking you there.

There are also several sites that show you where a shortened link will take you. Some current services1 include:

Each of these display the target and some additional information about a short URL.

The bottom line, really, is to stay away from mysterious links sent to you through spam. But when you receive a shortened link from a trusted source and you aren’t sure why, investigate with these preview tools.

Podcast audio

Play

Footnotes & references

1: These services have a tendency to come and go.

2: You might notice that I use my own URL shortener/redirector here. An additional reason to use shorteners is to a) track how many people click the link and b) potentially change or update the destination, should there be a reason in the future.

22 comments on “Is There a Way to Know Where a URL-shortened URL Is Going to Take Me?”

  1. I don’t do a lot of tweeting or whatever else might require the use of link shortening (I’m still an old-school emailer and haven’t taken to FB yet). I’ve wondered about this, because like the original poster, I too hover over links to see where they’re really taking me. I didn’t know about the previews OR the “longurl.org” location. Once again Leo, you’ve enlightened this middle-aged IT guy who just hadn’t “dug in” to this issue. Now I know!

  2. Thanks Leo!

    I’ve always taken the position that if you send me a shortened link, I will ignore it., because I have always had the policy of knowing where I’m going and trusting where I’m going before going there. It’s nice to know that there is a way around that.

    Although I still don’t understand the point of link shorteners. They are just random characters, so no one will remember the shortened link, which means that the link is just going to be forwarded around and people are going to click on it (as opposed to actually typing it in). So does it really matter how long a URL is if people are just going to forward the link and click on the link?

    • URL shorteners are useful for a few things. A couple of examples: Twitter limits a tweet to 140 characters, and shortening a URL makes it possible to Tweet long URLs, and some email programs also do funny things with long URLs.

    • Sometimes a longer link will span two (or more) lines in an e.mail message, and some e.mail systems will insert a line break that “fractures” the URL at the line break, rendering it unusable. Another reason for a URL shortener.

    • Typically they are from specific services that you’ll learn to recognize over time (bit.ly, goo.gl, tinyurl.com and others) and/or they end without a file extension (no .html, no .jpg, no nothing), just a a bit of text. Oh, and they’re short. 🙂

      • It’s over 3 though but ok case someone passed by to read it ..
        The statement :
        “They end without a file extension . No HTML . No jpg. No nothing )

        Might not be a key point now. Since web developers are encouraged to hide file extensions in URLs.

        Why ?

        Because the user don’t care whether u developed your site in php , node , js, HTML . Or whatever …

  3. longurl.org must not work anymore. I couldn’t access it using Chrome or Firefox.

    Adding a plus + symbol after a short URL generated by goo.gl (Google’s url shortener) lets you view a webpage with information about the short URL including a preview of the longer URL. If the longer URL isn’t totally visible, hover over it and look at the bottom left corner to see the entire URL.

  4. One question that comes up now is, will a URL still break in an email or other application? I’d be surprised if they still did. Now, shortened URLs are mainly useful for Twitter where a URL can exceed the character limit for a Tweet, or simply to create less clutter.

    • Not all broken URL’s are broken due to wrapping. We use Outlook 2010 in our office and I have an example of a “one-off” that caught a user in my office. As you know, copy/pasting a URL from a working web page into an Outlook email body, Outlook will generate the hyperlink automatically, in that the displayed text and the hyperlink to a URL are identical. This particular instance, a sales rep in our office was trying to send a link for our website to one of her clients. Copy/pasting it into an Outlook email, the very last character of the URL was being ignored (I don’t recall exactly what the character was, this was a few years ago) so the auto hyperlink that was created was a broken link. I caught it because I’m the IT guy here but the average user wouldn’t have noticed it. Had she copy/pasted into a tinyurl, the link would have worked.

      • Most of the time when only one character is truncated from the URL, it’s probably due to an error in highlighting the whole URL.

  5. Leo,
    Sorry to say this is not one of your clearest “guides”.
    I guess I spent 20 mins trying to absorb what is in essence is very simple.
    The quickest & most convenient solution is much less obvious, & you do not make much effort to recommend or rate what offerings you spread through the post.
    I eventually added the Chrome extension.
    As it happens it now just fits on what I believe is called the bookmarks bar.
    This does shorten links but I can’t see how it conveniently shows me where a short link will go.
    Honestly I am playing around rather than following something you have carefully researched – you did didn’t you?

  6. Leo I think it is time to update what is spam.
    You say it might be spam if not addresses directly to you by name.
    Well that is well gone for me at least.
    I have always been very suspicious of joining online newsletter groups or entering an online prize draw because those are classic harvesting machines for real live IDs & email addresses.
    I will use shortened versions or misspelled versions of my name or nickname to see how long it takes for it to come back to me as spam. It’s an interesting little distraction to see who is not acting in accordance with the rules for private & personal information legitimately provided on the internet.
    However, recently my real name began appearing in horrendous spam, I’m talking the whole kit & caboodle of porn spam.
    What can I do? Change my name? Change my every detail? They have me now.
    Someone whom I decided was trustworthy, gave away(sold) my real details without a care in the world to know where those details were going to.
    If I could find a trail I would follow it to nail the company that sold my real details. There aren’t many of them because I don’t trust most companies but one imagines they can trust their bank or their local council office where they pay their municipal rates & taxes.
    Some such ‘mob’ has not played by the rules for the preservation of private & personal information.
    So just because an email is addressed to you by name does not make it a real email.

    • You need a disposable email generator, such as 33 Mail, Blur or Not Sharing My Info. Never give a “real” email address to someone you don’t know and trust. Create a new address for each entity or website out there which asks for your email. This way, if it’s abused, you can kill it with no remorse.

Leave a reply: