Email Privacy Checker
Last updated:
Find email addresses that spam bots can harvest from your page. We scan for plain-text and mailto addresses, rate the exposure, and show you safer ways to publish contact details.
Enter a page URL to scan for exposed emails:
Security findings like these are what we monitor daily.
Our maintenance plans keep an eye on SSL, headers, DNS, uptime, and backups so you never have to think about it. From $49/mo.
All good, today. Who’s watching tomorrow?
Sites drift: certificates expire, DNS changes, software ages. Our maintenance plans watch it all, from $49/mo.
Want us to act on this result? Fix these findings →
Prefer the partnership route? Refer clients to us, earn 10% →
How the Scanner Works
- Fetch the page, the host is validated and the HTML is read.
- Find addresses, plain-text and mailto emails are extracted.
- Assess exposure, counts and obfuscation signals are weighed.
- Recommend fixes, you get safer publishing options.
Why It Matters
- Less spam, hidden addresses get harvested far less often.
- Fewer phishing targets, exposed staff emails invite attacks.
- Cleaner inbox, contact forms filter junk before it reaches you.
- Professional image, controlled contact paths look polished.
The most reliable fix is a well-built contact form with spam protection rather than a raw address. Our website maintenance services build fast, spam-resistant contact forms and clean email routing so your inbox stays sane.
Email Obfuscation Methods Reference
If you must publish an address, there are several ways to hide it from harvesters, each with a different trade-off between protection and usability. No method is perfect, determined scrapers with headless browsers can defeat most of them, so a contact form remains the strongest option. Here is how the common methods compare.
| Method | How it works | Effectiveness |
|---|---|---|
| HTML entities | Each character is encoded, e.g. @ becomes @. The browser renders it normally; a plain text scraper sees codes. | Low. Stops only the most basic bots; any scraper that decodes entities reads it. |
| JavaScript assembly | The address is split and joined by JavaScript at load time, so it never appears whole in the raw HTML. | Medium. Defeats crawlers that do not run JavaScript, but headless browsers can still execute it. |
| CSS direction trick | The address is written backwards and reversed visually with CSS direction / unicode-bidi. | Low to medium. Fragile, and it harms copy-paste and screen readers, so it is rarely advised. |
| Contact form vs mailto | A form keeps the address server-side with spam protection; a mailto link exposes it in the HTML. | High (form). The most reliable option for public pages and usually converts just as well. |
| Image of the address | The address is rendered as a picture so no text exists in the HTML. | High against text scrapers, but worst for accessibility, screen readers and copy-paste fail, so avoid it. |
Next steps
Email Privacy Checker related tools and articles
Continue with the closest follow-up checks and guides based on this tool's topic, crawl intent, and optimization workflow.
Email Privacy Checker: FAQ
What does the Email Privacy Checker scan?
How is the Low, Medium, or High risk label assigned?
Why do mailto and plaintext counts overlap?
What obfuscation methods can the report recognize?
Why can a browser-visible address be missing from the scan?
How should I reduce confirmed email exposure?
Can this checker prove that an email address is protected from bots?
What data is sent during an email privacy scan?
Free 48-Hour Website Audit
Not sure what to fix first on your own website? We'll review it and tell you, in plain English. Free & non-obligatory.
Want a Spam-Resistant Contact Setup?
We build fast contact forms with spam protection and clean email routing so your inbox stays sane.