You might also be able to get it down to a 5 or 6 bit encoding by pre-scanning the string and determining the lowest ASCII value and the range. The if that range is small enough, you can use fewer bits to encode. Of course, since hacker was trying to compress URL's, the range is usually going to be 73 chars (URL's always contain period (ASCII 46) and usually go up to 'w' (ASCII 119)), so 7-bits is about minimum. And by encoding the normalized value and bit count you just added two bytes...

c.