Make More Money with LeadCloak - How does LeadCloak fare against commercial cloakers?

Create campaigns with confidence. Make your accounts last longer.

Feature Comparison

Landing Page Rotator
Javascript CDN Cloaker
PHP-based Cloaker
Combination Cloaker (PHP+JS)
Zero-redirect Cloaker
WordPress Plugin
Javascript Timezone Detection
User Response Detection
Device Fingerprinting
WebRTC IP-Leak Detection
Smart Campaign Activator
Frequency Capper
Real Device Detection
(mobile, tablets, desktops) using accelerometer, gyroscope etc. checks
Multi-User Access For Teams
IP PTR Record Lookups
Advanced User Agent Detection
Prevent Headless Browsers
Block Obsolete Browsers
Landing Page Protector
Direct Peering with CloudFlare
Software Model SaaS Self-hosted SaaS SaaS SaaS
Hosting Colocation/Owned Hardware Cloud Cloud Cloud Cloud

Features Explained

Landing Page Rotator

If you need to rotate marketing or affiliate links with different criteria you can do so in minutes without any technical skills and or without installing any code. A rotator is necessary when you want to perform A/B test experiments to evaluate which of your landing pages is performing better. This is particularly helpful when you're tracking conversions (sales, opt-in's etc.). We support Weighted link rotator. You can set a weight to each link, meaning the rotator will stay at that URL until the weight number has been exceeded, then it will move on to the next URL.

Javascript CDN Cloaker

Simple JavaScript is the simplest way to implement the LeadCloak integration code.

A JavaScript redirect is used, and unsafe visitors remain on the safe page where you paste this code. If a safe page URL has been specified in the Campaign Setup, the user will be redirected to that safe page. In this case, the page on which the code is pasted becomes a "bridge page".

PHP-based Cloaker

If you would like to Cloak using only "server-side" parameters, then PHP cloaker is the way to go.

If a Safe Page URL is specified, a PHP 302 redirect is used. Otherwise, no redirect is involved, and the user stays on the safe page.

To use this implementation, your own safe page is required. However, it will work even If you do not own the safe page. Yes, we do support using third-party sites as the safe page.

Combination Cloaker (PHP+JS) (Advanced Mode)

This integration method combines the features of both the Simple Javascript and Simple PHP cloakers. It allows you to perform both client-side and server-side tests.

Zero-redirect Cloaker

The Power Mode uses Advanced Mode with no-redirect using iFrames where the URL in the Address Bar doesn't change even though a lot of interesting things are going on in the background. This is useful for ad networks that use redirection patters to identify cloaked campaigns. We strongly recommend that you use this mode for Google and Facebook traffic.

Certain features (i.e. User Response Detection and TimeZone detection features) only work with the JavaScript integration and cannot work with any of the Simple PHP methods. They can, however, also work with Advanced or Power Modes.

WordPress Plugin

Our WordPress Plugin support all cloaker types - Simple Javascript, Simple PHP, Advanced Mode and Power Mode.

Javascript Timezone detection

Geo-targeting is mostly done by using IP based attributes to determine the users' location in the world. However, it's common practice to use VPNs to fool geo-location detection and circumvent services that restrict access to their services. Time zone detection serves as Geo-targeting validation. We've come up with a method that allows us to detect if users accessing your campaigns from a given location around the world, really are in that area and not just connected over a VPN.

User Response Detection

Automation is a key tool in the IT Industry. We use it in everything and depend on it to do a lot of mundane task, like for example, testing, spam competitors and for many more shady and legit uses. User Response Detection is the answer to avoid your campaign being abused by automation software, it's Captcha for your campaign. Enabling this feature will add a prompt to your campaign that expects some sort of user input for the click to be valid. If no input is detected the traffic will be sent to your safe page, safeguarding your landing page from unintended access.

This option is available to all our JavaScript-enabled clients.

Device Fingerprinting

All devices that pass through our cloaker are automatically fingerprinted that uses over 25 different checks. These checks take <10ms for calculations on the user's device and is not noticable. You can find the user's device's fingerprint (for each impression/click) in the 'Statistics & Reports' section.

WebRTC IP-Leak detection

WebRTC is a browser feature that could leak your IP address even if you are behind a security tool like VPN. It is mostly enabled by default in popular browsers, most noticeably, Firefox and Chrome and that's how you are unknowingly leaking your IP address.

A website could take advantage from WebRTC security hole and can use simple script to access IP details from STUN server. VPNs use the STUN server to translate local home IP address to a new public IP address and vice versa. Therefore, the STUN server develops a table for both your VPN-based public IP and your real IP address while you are connected to a VPN.

CloakMatic Smart Campaign Activator

Campaign traffic has a life of its own. Traffic is usually modeled by how you configure your campaign and what users you are targeting. By studying these factors, traffic can be predictable and catching say, ad network reviewers becomes easier. CloakMatic was created with the purpose of detecting outliers in your traffic and stopping them from accessing your landing pages. By analyzing campaign traffic patterns, we allow or deny incoming traffic to your campaign by comparing it against filters specified in your campaign settings and activating or deactivating the campaign as should the case suggest.

Frequency Capper

VisitorCap was designed to protect your campaign from recurring traffic from the same source. Recurring traffic isn't necessarily a bad thing; however, it can mean that someone is trying to test your campaign or copy it. Once enabled for your campaign, VisitorCap will check incoming traffic against historical traffic and forwarding it to your safe page if the same visitor has already been through your funnel more time than you're comfortable allowing the same user to visit your campaign, thus ensuring that your landing pages receive the traffic you want.

Real Device Detection (mobile, tablets, desktops) using accelerometer, gyroscope etc. checks

Basic device detection relies on User Agent matching to determine what device is accessing your campaign. This is easily spoofed however (modified/altered) but we look for additional criteria that allows us to accurately determine if for example, the user is really on Mobile Device or even what brand of mobile device.

A probable use case can be that you want to allow Mobile devices to access your campaign but only iOS devices and you want to ensure that they're REAL physical devices and not emulators coming to your campaign.

When this option is enabled, we look for browser-specific APIs to check to make sure whether the said device is a Desktop, Tablet or a SmartPhone. For starters, web-enabled smartphones are capable of determining their orientation. Upon request, smartphones can report data indicating changes to their orientation with relation to the pull of gravity. We also check for the presence of an accelerometer and gyroscope to further narrow down the existence of a true smartphone.

Multi-user access for teams

With multi-user accounts, agencies can easily manage media buyers, internal teams and teams of any size can collaborate. Each media buyer can have their separate account, and can manage their own campaigns under the master account.

IP PTR record lookups

Some Ad Networks use non-standard IP ranges such as Residential, Commercial, Mobile etc. instead of their designated Search Engine, Data Center or CDN categories for their Ad Reviews (Yeah, it's a sneaky tactic to prevent amateurs from cloaking). We look for certain patterns by performing a reverse DNS lookup, and block those IP ranges from accessing your campaigns.

Advanced User Agent detection

This filter analyzes the user string with our advanced string detection algorithms to detect spambots.

Prevent Headless Browsers

Headless browsers are tools created for developers to perform automated testing of their websites. They are capable of simulating a browser in every way and with the proper scripting, simulate human interaction with a website. In actuality, these tools are of common, wide-spread use by anyone that wants to automate websites, this includes ad network reviewers. The purpose of the feature is to avoid access to your landing pages from being accessed by these scripts. We do this by checking for traces of all major headless browsers in the market and if detected, send them to your safe page. We currently allow blocking headless browsers utilizing the Selenium, PhantomJS, NightmareJS etc. engines.

Block Obsolete Browsers

Some ad networks use user agent strings that belong to obsolete browsers such as IE 6 etc. This feature blocks such requests. Currently, we only have support to block Internet Explorer versions 6.0 to 10.0. We will add support for other browsers later.

Landing Page Protector

PageSentry was designed to avoid unsolicited traffic from reaching your landing pages and keep them safe from URL scanners, ad network reviewers or even competitors that book mark it after going through your funnel one time. Once installed onto your landing page, PageSentry will redirect every request that fails to meet your campaign settings, to your safe page protecting your campaign by forcing users to go through your funnel to reach it.


We are hosted in a colocated facility in the US. We have a 10Gbps multi-homed Tier-1 fiber optic connection to our rack. We utilize CloudFlare's DDoS mitigation solution, and we also directly peer with CloudFlare to save on network latencies. We use powerful Dell PowerEdge computer servers for our web, and database servers. Our database clusters are powered with FusionIO SSD drives that are capable of performing at over 350,000+ IOPS (Input Output Per Second). All parts of the entire process are optimized so we can deliver a less than 100ms round-trip time between your servers and ours going through CloudFlare.

Copyright © 2019 LeadCloak. All rights reserved.

LeadCloak offers Skype support. Please add us on this ID on Skype - live:leadcloak

Current Server Time: Thursday, 27-Feb-20 16:57:21 UTC