Cloak.
← Back to browser

How it actually works

When you enter a URL, your browser sends it to our server. Our server fetches the page from the target website, strips out scripts, trackers, iframes, and external resources, then sends the clean content back to you. The target site only ever talks to our server — it never sees your IP, cookies, browser fingerprint, or referrer.

Links inside scraped pages are rewritten to route through Cloak too. Click anywhere — you stay anonymous.

What's protected

  • Your real IP address — sites see our server's IP
  • Your cookies — none are sent or received
  • Your browser fingerprint — no JS runs on the target site from you
  • Your referrer — sites can't tell where you came from
  • Your history — nothing is saved server-side; refresh wipes the session

What doesn't work — and why

  • Logins (Gmail, Twitter, banking). No JavaScript runs and cookies aren't persisted.
  • Web apps (Google Docs, Figma). These need full browser execution which a scraper can't provide.
  • Streaming (YouTube, Netflix). Video DRM and live JS players don't survive scraping.
  • Cloudflare-protected sites. Many actively block scrapers; the request will fail.
Don't use this for sensitive things.

Never enter passwords, payment info, or personal data into a page loaded through Cloak. This tool is for reading — articles, docs, news, public pages. Cloak is not a VPN: it doesn't protect anything you do in other browser tabs.

Cloak uses Firecrawl for server-side scraping. No request data is logged or stored beyond what's needed to fetch the page.