>Try the above verbiage in Google.com and you will get over 100,000 hits. My understanding on this subject is that you can hide a URL through a number of schemes in use. Not a pleasant thought but it does seem to be reality.
On the web, sure - you can hide it in a JavaScript file which is in a directory where you can't go directly but the server-side app can.
But in the source of the email it has to be all there, at least the place where it starts from, and even something like
? lid = % 21 % 22 0 % 20 % 20 % 0A &s=67% 29 % 2E % 2B % 5F X % 5D % 3F UHWWUH % 2B % 3C % 27 % 5F % 5C 7O % 2D R % 28 PI % 3E 27 % 40 % 20 % 20 % 0A
(couldn't actually paste, because Michel's analyzer thinks it's a style tag, so I included all these spaces)
...in the trail of the link can be urldecoded (even if you don't have wwipstuff, it's easy to decode) and you can see what it really is (garbage, in this case - but meaningful to the code waiting for you to get caught in it :).