Developer Quickstart
Integrate kairoxo into your stack in minutes with our standardized API and SOCKS5/HTTP protocols.
Initialize Account
Create your developer account and complete email verification to initialize access to the management console and API infrastructure.
Select Provisioning Plan
Provision Residential, ISP, or Mobile network resources tailored to your specific throughput and geographic requirements.
Configure Authentication
Retrieve your unique API credentials including username, password, and port mappings from the Secure Dashboard.
Implement Proxy Logic
Embed credentials into your application or automation workflow. We support native HTTP/S and SOCKS5 protocol implementations.
Execute Validation Request
Verify connectivity by executing a test request. Monitor headers, exit IP metadata, and latency benchmarks in real-time.
Connectivity Test
Utilize the following cURL examples to validate your credentials. Replace placeholders with your actual account data.
# Execute authenticated request via US-based residential gateway curl -x "http://USERNAME-f-country-us-sid-abc123-1-10:PASSWORD@premium-proxy.ipfist.com:9000" https://api.ipify.org
# Execute request via unmetered high-throughput endpoint curl -x "http://unlimitedKey:PASSWORD@unlimited.ipfist.com:10000" https://api.ipify.org
How the kairoxo Network Works
Every request you make traverses a three-tier topology: an authentication edge, a routing fabric, and a distributed exit fleet. The edge authenticates your credentials in under 8 ms, the routing fabric selects the optimal exit node based on your targeting parameters, and the exit fleet delivers the request from a legitimate residential, ISP, mobile, or datacenter IP.
The platform is built around three guarantees: a globally distributed pool of 100M+ unique IPs, a 99.99% SLA backed by automatic failover, and a sub-200 ms median TTFB to the most common collection targets. All endpoints terminate TLS 1.3 and support HTTP, HTTPS, and SOCKS5 on the same gateway.
Auth Edge
Validates credentials, applies ACL & rate limits, then signs the routing token.
Routing Fabric
Selects exit nodes by geo, ASN, session affinity, and live health scores.
Exit Fleet
Residential, ISP, mobile, and datacenter IPs distributed across 195 countries.
Credentials & Targeting Parameters
kairoxo uses standard HTTP Basic authentication over the proxy URL. Targeting modifiers are encoded as hyphenated segments inside the username, which keeps the wire protocol compatible with any HTTP, HTTPS, or SOCKS5 client without custom headers.
Credentials are scoped to a sub-account, which lets you isolate billing per project, revoke a single integration without touching the rest of your stack, and apply distinct ACLs (country allow-list, per-domain throttles, concurrency caps). Rotate the password at any time from Settings → Credentials; old tokens stop working within 30 seconds without dropping in-flight TCP sessions.
| Parameter | Type | Description |
|---|---|---|
| USERNAME | string | Sub-account identifier issued in the dashboard. Scope tokens by project to isolate billing and ACLs. |
| PASSWORD | string | Rotating credential. Regenerate from Settings → Credentials; old tokens are revoked within 30 seconds. |
| country | ISO-3166 | Two-letter exit country code, e.g. us, de, jp. Combine with region/city for granular targeting. |
| sid | string | Sticky session identifier. Reuse the same sid to keep the same exit IP for up to 30 minutes. |
Issue one sub-account per environment (dev / staging / prod) and one per workload. Easier billing attribution and instant blast-radius containment if a token leaks.
Sharing a single credential across browser automation and backend scraping. The two workloads have different rotation needs and you lose the audit trail.
Rotating Residential Pool
Residential proxies route requests through a peer-to-peer pool of consenting devices on real ISP connections. Because the source IP belongs to a household subscriber, residential is the highest-trust tier for targets that scrutinize ASN, browser fingerprints, or behavioral patterns — search engines, e-commerce sites, sneaker drops, ad-verification platforms.
- check_circle 100M+ unique IPs across 195 countries
- check_circle City- and ASN-level targeting included
- check_circle Sticky sessions up to 30 minutes
- check_circle Unlimited concurrent connections
- check_circle Automatic rotation on every request (default)
- check_circle TLS 1.3 + HTTP/2 on the edge
import requests
proxies = {
"http": "http://USERNAME-country-us:PASSWORD@gateway.kairoxo.io:9000",
"https": "http://USERNAME-country-us:PASSWORD@gateway.kairoxo.io:9000",
}
r = requests.get("https://api.ipify.org?format=json", proxies=proxies, timeout=15)
print(r.json())Static ISP (Datacenter-Hosted Residential)
ISP proxies are residential IP addresses leased directly from Tier-1 carriers and hosted in our datacenter racks. You get the legitimacy of a residential ASN with the throughput and stability of a dedicated datacenter line — the right choice when a workload needs the same IP for hours and cannot tolerate rotation.
When to choose ISP
- Account-based scraping requiring stable session IPs
- Long-running browser automation
- Ad verification with strict viewability windows
- SEO rank tracking from a fixed geographic vantage
Throughput envelope
- 1 Gbps symmetric per IP
- 256 concurrent TCP connections per IP
- Unlimited bandwidth — pay per IP, not per GB
- SLA-backed 99.99% per-IP uptime
Unmetered High-Throughput Endpoint
The unlimited endpoint is a fixed-cost gateway optimised for predictable, large-volume workloads such as RPA, market intelligence crawls, and continuous ML training data collection. You pay a flat daily rate per port and consume as much bandwidth as the port can sustain — no per-GB metering, no overage charges.
import fetch from "node-fetch";
import { HttpsProxyAgent } from "https-proxy-agent";
const agent = new HttpsProxyAgent(
"http://unlimitedKey:PASSWORD@unlimited.kairoxo.io:10000"
);
const r = await fetch("https://example.com", { agent });
console.log(r.status);The unlimited endpoint is engineered for sustained throughput, not burst attacks. Workloads that exhibit DDoS-like patterns are throttled at the routing layer to protect the pool. Contact engineering for confirmed sustained rates above 500 Mbps per port.
Choosing the Right Pool
Each pool exposes the same authentication surface but differs in concurrency, session persistence, and egress IP behavior. Match the pool to the trust profile of your target endpoint.
Residential
$0.50 / GBUnlimited concurrent · 30 min sticky
ISP
$4.00 / IP256 concurrent per IP · Unlimited sticky
Mobile 4G/5G
$1.00 / GBUnlimited concurrent · 10 min sticky
Datacenter
$0.55 / IPUnmetered bandwidth · Static IP
Granular Geo Modifiers
Append targeting segments to the username to constrain exit nodes. Segments are evaluated left-to-right and the most specific match wins. Unknown or empty targets fall back to the broader scope.
| Modifier | Example | Notes |
|---|---|---|
| country | country-de | ISO-3166 alpha-2 country code |
| region | region-bavaria | Subdivision name, lowercase, no spaces |
| city | city-munich | Requires country; falls back to country pool if no match |
| asn | asn-3320 | Pin to a specific autonomous system number |
| sid | sid-checkout42-1-30 | Sticky session id with TTL in minutes |
Management Endpoints
All management endpoints live under https://api.kairoxo.io, authenticated with a bearer token. Responses are JSON with cursor-based pagination on collections.
Response Codes & Retry Policy
Proxy errors are surfaced as standard HTTP status codes on the upstream response. Always implement exponential backoff with jitter; never retry tighter than 250 ms on a 429 or you will compound the rate limit. Persistent 5xx responses should trigger a fresh sticky session before the next retry.
Credentials missing or revoked. Rotate from the dashboard.
Concurrency cap exceeded. Back off with exponential jitter (base 250 ms).
Upstream target rejected. Retry on a fresh sticky session.