URL Parser
Paste a URL (a bare host/path is upgraded to https://) and break it into protocol, host, port, path, query, and fragment — with every query parameter decoded. The Query params and Analysis tabs show the decoded pairs, length advice, signed-URL detection, and tracking / credential-looking parameters. Runs in your browser; nothing is uploaded.
Auto-parses as you type. Edit the URL to rebuild it. Ctrl+Enter to re-run.
Guide & FAQ
Break any URL into its parts — scheme, host, port, path, query, fragment, plus userinfo — and see every query parameter decoded. Use it for debugging redirects, OAuth callbacks, signed URLs, UTM links, tracking parameters, and double-encoded redirects. Runs locally; URLs are never uploaded.
What it does
- Parses any URL into scheme, userinfo, host, port, path, query, fragment.
- Decodes every query parameter — name and value — in the Query params tab.
- Flags tracking parameters:
utm_*,gclid,fbclid,msclkid, and more. - Detects signed URLs (AWS SigV4, Google Cloud, Azure SAS) and warns that they carry time-limited credentials.
- Flags OAuth / token and other credential-looking parameters (
access_token,code,api_key, …). - Reports the URL length against common server/proxy limits.
- Mask secret-shaped values before copying or sharing the parsed output.
When to use it
- Inspect tracking parameters (
utm_source,gclid,fbclid) in a referral link. - Debug an OAuth callback URL that's failing — read
code,state, and token params. - Decode a redirect URL that has another URL embedded in a parameter.
- Audit a signed URL or pre-signed S3 link before sharing.
- Confirm a URL is within length limits before putting it in a request line.
- Split a URL into components to reuse in an integration test.
How to use it
- Paste the full URL — scheme-less URLs assume
https://. - Review the parsed breakdown (protocol, host, path, params, fragment) in the output.
- Open the Query params tab for decoded name/value pairs, and Analysis for length, tracking, and credential findings.
- Edit the URL text to rebuild it — the breakdown re-parses instantly.
- Use Mask secrets to redact token-shaped values before copying or sharing.
- For encoding only (no parsing), use the URL Encoder / Decoder.
Tips & pitfalls
- Fragments (after
#) are not sent to the server — useful (and often misused) in OAuth implicit flows. - Modifying a signed URL invalidates the signature — never edit pre-signed S3 / SAS links.
- + is decoded as a space in
application/x-www-form-urlencodedbut as literal+in URL paths — semantics differ. - Double-encoded values (
%2520) usually mean encoding was applied twice — decode twice to recover. - Tokens in query strings can leak via referrer headers, server logs, and browser history — prefer headers or POST bodies for sensitive values.
- IDN hostnames may be displayed as Unicode but transmitted as Punycode (
xn--...).
FAQ
FAQ
- How do I parse a URL online? Paste the URL — the tool breaks out every component and decodes each query parameter.
- How do I read OAuth callback parameters? Paste the callback URL; the parser decodes
code,state, and token parameters and flags credential-looking ones in the Analysis tab. - What is a double-encoded URL? A URL whose components were encoded twice —
%20became%2520. Decode twice to recover. - How does it handle tracking parameters? It flags UTM parameters and click ids (gclid, fbclid, msclkid, and more) in the Analysis tab so you can spot and strip them.
- Is my URL uploaded? No. Parsing runs in your browser.
- For encoding only, which tool should I use? The URL Encoder / Decoder handles percent-encoding without parsing the URL structure.
- How do I parse URL query parameters? Paste the URL and the parser breaks the query string into decoded name/value pairs in the Query params tab, all locally.
Use-case guides
Runs locally in your browser. No uploads. Use Mask secrets to redact tokens before pasting URLs into tickets or chat.
Common tasks solved by this tool
- Parse URL query parameters online
- Decode a URL query string
- Remove UTM parameters from a URL
- Split a URL into protocol, host, path and fragment
- Inspect redirect URLs and tracking parameters
Continue in an API request workflow
Chain this into related tools, or build it as a saved workflow in Workflows.
- Parse the request URL — this tool
- Convert a cURL command to code
- Format the JSON payload
- Decode JWT headers
- Verify webhook signatures