Overview
Cloak Proxy provides residential proxy access for your account over three entrypoints: HTTP (plain CONNECT), HTTPS (TLS to our edge, then CONNECT to your targets), and SOCKS5 with username/password. Authenticate with HTTP Basic in the proxy URL (or the equivalent fields in your tool). Traffic is carried over our edge and exits to the public internet from addresses in our residential pool. On the public service, traffic is accepted at gate.cloakproxy.com on HTTP port 8080, HTTPS port 8443 (TLS proxy URL), and SOCKS5 port 1080.
Geo and sticky behaviour follow the targeting options enabled for your plan—use this page together with the notes in your welcome email and anything your dashboard shows for your account.
Dashboard snippets & live strings
The client dashboard → Your proxy section is the source of truth for your account: it shows the live HTTP, HTTPS, and SOCKS5 connection strings (host, ports, user, password) and expands ready-to-copy snippets—curl, Node.js, Python, shell environment variables, and other examples for the protocol you select there. Use the toggles on that screen to switch between HTTP, HTTPS, and SOCKS5; copy from the dashboard whenever you integrate a new tool.
Examples below use placeholders USER and PASS for your dashboard credentials. The public hostname is gate.cloakproxy.com with ports 8080 (HTTP), 8443 (HTTPS proxy), and 1080 (SOCKS5). The Your proxy screen always shows the exact strings for your account if anything differs.
Credentials
- Open Sign in and authenticate.
- Open Your proxy on the dashboard and copy the HTTP, HTTPS, or SOCKS5 block you need—the cards include your live username, password, host, and ports plus expanded snippets.
- If you rotate the proxy password from the dashboard, update every client immediately; old credentials stop working.
URL-encode the password in the proxy URI if it contains reserved characters (@, :, #, spaces, etc.). Most tools accept the encoded form inside http://user:pass@host:port (or https://… for the HTTPS entrypoint).
Protocols & ports (HTTP / HTTPS / SOCKS5)
All three are first-class: pick the one your stack supports best. On gate.cloakproxy.com the default listener ports are 8080 (HTTP CONNECT), 8443 (HTTPS to our edge, then CONNECT), and 1080 (SOCKS5 with username/password).
- HTTP —
http://USER:PASS@gate.cloakproxy.com:8080— plain TCP, then HTTP CONNECT to your target host. Usecurl -x http://…or your app’s HTTP proxy settings. - HTTPS —
https://USER:PASS@gate.cloakproxy.com:8443— TLS to our edge first; inner traffic is still CONNECT to your targets. - SOCKS5 —
gate.cloakproxy.com:1080with RFC 1928 username/password auth. The dashboard includes a readycurl --socks5-hostname …line with the same host and port.
Country hint (Cloak-Country)
An optional Cloak-Country: US style hint (two-letter ISO country code) nudges the residential exit toward that region. The gateway maps it to the same password suffix convention you can also type yourself (for example _country-US), appended after your session suffix when present. The header may also be sent on the proxy CONNECT when your client supports it.
With curl and an https:// target, -H "Cloak-Country: …" applies only to the encrypted request to the website—the proxy does not see it. Put the hint on the proxy CONNECT instead, for example:
curl --proxy-header "Cloak-Country: US" -x 'https://USER:PASS@gate.cloakproxy.com:8443' -sS https://ipinfo.io/json.
For an http:// URL over -x http://…, a normal -H "Cloak-Country: US" is enough because the proxy handles the full HTTP request.
Sticky sessions (same exit IP)
For a stable exit address across multiple requests, append exactly one underscore after your proxy password (the same one the dashboard shows in your connection string), then your chosen session id—for example:
# Password field = your proxy password + _session-<your-id> (no space) curl -x http://USER:PASS_session-myshop9a2f@gate.cloakproxy.com:8080 https://api.ipify.org
We validate the password you were issued, then apply the _session-… suffix so that id keeps the same exit IP until you change mode or start a new session. Keep the suffix alphanumeric where possible.
HTTP & HTTPS clients (short examples)
Minimal patterns only—your dashboard prints the full strings and longer snippet blocks for both HTTP and HTTPS entrypoints.
# HTTP CONNECT on port 8080 curl -x http://USER:PASS@gate.cloakproxy.com:8080 https://example.com # HTTPS proxy — use --proxy-header so the edge sees country on CONNECT curl --proxy-header "Cloak-Country: US" -x https://USER:PASS@gate.cloakproxy.com:8443 https://example.com # Environment style (many stacks respect these for HTTP proxies) export HTTPS_PROXY=http://USER:PASS@gate.cloakproxy.com:8080 export HTTP_PROXY=http://USER:PASS@gate.cloakproxy.com:8080
Language SDKs that support a “proxy URL” generally accept the same http://user:pass@host:port or https://user:pass@host:port shape when an HTTPS proxy front-end is supported.
SOCKS5 (short example)
For a copy-ready line with your credentials filled in, use the SOCKS5 card on Your proxy (same host gate.cloakproxy.com, port 1080).
# SOCKS5 on port 1080 (curl 7.84+) curl --socks5-hostname gate.cloakproxy.com:1080 -U USER:PASS https://example.com
Verify exit IP
When signed in, the dashboard can run an on-server IP check against your configured endpoint. You can also hit a simple echo service through the proxy with curl as shown above (for example https://api.ipify.org).
Balance & trial
Paid balance is topped up in cryptocurrency through NOWPayments from the dashboard. The 100 MB trial is issued only after you message Telegram @cloakproxy from your Telegram account and we complete a quick acceptable-use check—no card checkout for the trial allocation.
Residential usage is metered per completed proxy session. Each session adds billed bytes to your totals and reduces balance by the same amount (at least 600 bytes counted per session even if the tunnel moved less data).
Support
Use on-site chat (widget on marketing pages), Telegram @cloakproxy, or sales@cloakproxy.com for access, billing, or abuse questions.