Tiny Online Tools logoTiny Online ToolssearchSearch tools…grid_viewAll Tools
Homechevron_rightSecurity Toolschevron_rightEmail ObfuscatorEmail Obfuscator

Email Obfuscator

Hide email addresses from spam bots while keeping them readable to humans. Multiple methods: HTML entities, Base64, ROT13, and more.

contact@example.com

Similar Tools

Email Deobfuscator

Email Deobfuscator

Decode obfuscated emails back to plain text. Handles HTML entities, Base64, ROT13, [at] / [dot] formats, reversed text, and more.

Email Generator

Email Generator

Generate random email addresses for testing and development.

HTML Entity Decoder

HTML Entity Decoder

Decode HTML entities back to readable characters. Supports all named entities, decimal and hexadecimal numeric references.

HTML Entity Encoder

HTML Entity Encoder

Encode special characters to HTML entities. Choose essential encoding (&<>"'!) or full non-ASCII encoding.

PDF Metadata Viewer

PDF Metadata Viewer

View comprehensive metadata from PDF files including author, dates, dimensions, and more.

Random IP Generator

Random IP Generator

Generate random IPv4 and IPv6 addresses for testing and development. Choose public, private, or any scope.

PDF to Text

PDF to Text

Extract plain text from PDF files instantly in your browser. No uploads, no sign-up required.

apps

More Tools

Browse our full collection of free online tools.

Why Obfuscate an Email on the Web?

Spam bots continuously scrape webpages for email addresses. A plain mailto:[email protected] in your HTML becomes mailing-list fodder within hours of being indexed. Obfuscation makes the address difficult for naive scrapers to parse while still being reachable by real visitors.

Methods in This Tool

  • HTML entities — Each character becomes &#NN;. Browsers render it normally; many scrapers skip it. Cost: slightly bigger markup.
  • Reversed + CSS — The string is stored backwards in the DOM with direction: rtl. Humans see it upright; simple regex scrapers see nonsense.
  • Base64 + JS decoder — The address is base64-encoded and decoded by a tiny inline script on page load. Scrapers that don't execute JavaScript never see the plaintext.
  • ROT13 — Each letter shifted 13 places. Obvious to humans once they know, invisible to naive matchers.
  • [at] / [dot] — Human-readable form: contact [at] example [dot] com. Easy to copy, easy to read, invisible to regex.

Which Method to Pick?

  • If you want the address to stay clickable: HTML entities or Base64 + JS.
  • If you want it visible but not clickable: Reversed + CSS, or [at]/[dot].
  • If you care about JavaScript-disabled visitors: avoid Base64.
  • If you care about SEO: all methods are invisible to search engines' email extractors, which is the point.

Limitations

Modern sophisticated scrapers execute JavaScript and recognize entity encoding. Treat obfuscation as a reduction of spam volume, not a full defence. For mission-critical inboxes, pair obfuscation with a contact form and a catch-all filter. Runs entirely in your browser — your email is never logged.