Escaping: This technique uses legal URL formatting to hide the address.  Escaping encodes the URL with a percent sign followed by a hexidecimal code. An escaped URL can look like “http://%2E%2E%2E%48%20%18%32%2F%48…”. You can easily decode this by copying it into the location bar of your browser and hitting return. The status area of your browser will usually show you the translated address. If you don’t want to make your browser go the the URL, then you can decode the URL with a good old ASCII translation table. Many of these have decimal, hex, and octal codes for each character.

Redirection: This is a very hard-to-trace technique.  Many search engines now perform redirection when you click on a link resulting from a search. They do this to keep track of which sites are the most popular. Spammers have figured out how to use this to get you to their site by first sending you through these search engines. What you see is a really complex URL with a few well known search engines embedded within. It’s harder to dig out the final website URL, but it’s possible.

Relay Page: This spammer technique creates a “relay” page on a “throwaway” web site. This web site is typically created on one of those free hosting services. The spammer doesn’t care if s/he gets shut down. The web page on this site contains a link to the true web site of the business. This way, the spammer draws complaints away from the ISP that hosts the real business web site. Complaints will go to the free ISP, and the relay web site will get shut down. It’s worth the effort to dig into the relay page to find the true webpage address. There are even some businesses that make it their business to host these relay web sites. These are tough to get shut down, but they’ll eventually go away with patient and persistant complaints to their ISP.

Encryption: Often spammers will try to hide their true URL through a combination of techniques. Another technique is to completely encode and encrypt the relay page using JavaScript. A JavaScript decrypter is used to rebuild the page for your browser. Of course, with some well-placed changes, you can make the decrypter dump the raw HTML to your screen to expose the web site instead. This requires a little programming experience, however.

Web page lock down: Many spammers will secure a web page with JavaScript so that you can’t right-click and get the properties of the page, or view the source, or do anything else to trace the web site. If you can get the URL of the page, then you can download the page to a file instead of loading it into a browser. This allows you to inspect the file in a text editor, such as Notepad.