diff --git a/src/clean_url.js b/src/clean_url.js
index aff6ccff..7d4ff79f 100644
--- a/src/clean_url.js
+++ b/src/clean_url.js
@@ -15,6 +15,38 @@ const caretPath = (pathname) => {
   return `${path}?${search}`
 }
 
+const safeLinks = [
+  'safelinks\\.protection\\.outlook\\.com',
+  '\\.protection\\.sophos\\.com',
+  'linkprotect\\.cudasvc\\.com'
+]
+
+const deSafelink = (urlStr) => {
+  let url = new URL(urlStr)
+
+  // O365 Safelinks
+  if (url.hostname.endsWith('safelinks.protection.outlook.com')) {
+    url = new URL(url.searchParams.get('url'))
+  }
+
+  // #92
+  if (url.hostname.endsWith('.protection.sophos.com')) {
+    url = new URL(`http://${url.searchParams.get('d')}`)
+  }
+
+  // Barracuda
+  if (url.hostname.endsWith('linkprotect.cudasvc.com')) {
+    url = new URL(url.searchParams.get('a'))
+  }
+
+  // "Just have to go deep enough."
+  if (url.hostname.match(new RegExp(safeLinks.join('|')))) {
+    return deSafelink(url.href)
+  }
+
+  return url.href
+}
+
 for await (const line of createInterface({ input: process.stdin, terminal: false })) {
   // parse hostname from url
   if (process.argv[2] === 'hostname') {
@@ -37,16 +69,7 @@ for await (const line of createInterface({ input: process.stdin, terminal: false
     }
   } else {
     if (URL.canParse(line)) {
-      let url = new URL(line)
-
-      // O365 Safelinks
-      if (url.hostname.endsWith('safelinks.protection.outlook.com')) {
-        url = new URL(url.searchParams.get('url'))
-      }
-      // #92
-      if (url.hostname.endsWith('.protection.sophos.com')) {
-        url = new URL(`http://${url.searchParams.get('d')}`)
-      }
+      const url = new URL(deSafelink(line))
 
       url.host = url.host.replace(/^www\./, '')