I stumbled upon an old article today entitled
How to Obscure Any URL: How Spammers And Scammers Hide and
Confuse.
Quoting from its summary, the article describes three ways to obscure URLs:
-
Meaningless or deceptive text can be added after "http://" and before an "@" symbol.
-
The domain name can be expressed as an IP address, in dotted-decimal, dword, octal or hexadecimal format.
-
Characters in the URL can be expressed as hexadecimal (base 16) numbers
Two more ways come to mind that are most useful if you are building your own website:
-
Use indices or hashes for object references. For example, www.mywebsite.com/myapp?objectref=1.
-
Use a hash function (say MD5 or SHA-1) to hash the URL and use the result as a key to the real URL. For example,
www.mywebsite.com/this/is/a/private/path might become www.mywebsite.com/f061a171dfc30635462850684f98b886.
This is similar to what URL shortening services such as TinyUrl do.
References
-
How to Obscure Any URL: How Spammers And Scammers Hide and Confuse,
www.pc-help.org, 2002