Residential network policy

Learn about Bright Data's residential network policy, what's the difference between immediate and full access, and how to submit your KYC

Residential Proxy Network Policy

To protect Bright Data's residential network, monitoring rules are applied to all traffic preventing customers from accessing domains outside their use case and Bright Data's network policy.

Quick Start With Immediate Access

Bright Data allows its clients to immediately use their residential network, with over 240 websites compliant with our Terms of Service. The list of websites includes all main target websites and keeps growing. In order to obtain immediate access to the smart-residential network. 

When creating a Residential network zone for the first time on the 'My Proxies Page',  after you click on "Add Proxy", you will be displayed with the following message: 

After selecting “Yes”, two options will be presented

  • Immediate access - Grants you access to 240+ websites, without having to submit KYC.
  • Full access - Grants you complete and full access to use your Residential proxy. You will need to submit KYC. 

When selecting “Immediate access” you will be provided with some basic guidelines that you’ll need to follow, and that’s it!

Certificate Requirement for Immediate Access

Installing our certificate is required to prevent misuse of the Residential Network. Once the certificate is installed, preventing such misuse can be done automatically - Doing so allows us to provide immediate access to the residential network without any verification process, and still remain compliant with our terms of service.

Installing the certificate can be done using the Certificate installation guidelines.

Bright Data will have access to traffic usage, i.e. web pages visited, time spent on those pages, access times, and dates. Bright Data will save this information for a limited amount of time in order to fix any performance issues, that may occur and allow our compliance team to verify the proxy usage is in accordance with our ethical guidelines.

Bright Data will not share this information with third parties, excluding scenarios where it is required in order to comply with applicable law. Learn more about our privacy policy.

Supported sites on Smart-Residential network

View the 240+ websites available with immediate access, on our ‘Immediate Access Page’

Targeting Unsupported Sites with Immediate Access

Targeting domains that are not yet a part of the immediate Smart-Residential network will result in an error message. 

It can be identified that the domain is not approved yet by reviewing the x-luminati-error header response: "Requested site is not available for immediate residential access mode.

Ask your account manager to get full residential access for targeting this site."

KYC (Know-Your-Customer)

"Know Your Customer" (KYC) is a process for every customer wishing to obtain full access to his Residential proxy, and access sites not already pre-approved by our compliance team. When submitting your KYC, you’ll be asked to present and clarify your use case in order to target those sites with the Residential proxy network.

Full Access 

When selecting the "Full access requires identity verification" option, you will have to submit your personal details, and specify your use case. After you’ve done so, your KYC will be submitted to Bright Data’s compliance team and will either be approved or declined within 2-3 business days.

At any point, a KYC can be submitted by choosing the "Full access requires identity verification" option. 

Please note: Accessing a domain, which is not included in your approved use case, will result in the following error message:

>x-luminati-Error:Access denied: {Domain} access was blocked as it might breach Bright Data usage policy. Contact or your Account Manager for further assistance

If you’d like to request access to a specific domain not currently within the Bright Data network policy please contact our compliance team ( or reach out to your account manager and explain why accessing such a domain is required as part of your use case. Our team will be happy to assist.

Network size

To see the availability (estimated) of Bright data network within a country, please check:

To check a specific country, add to the URL the country code:
For Argentina, use the following:
For Great Britain use:


Rate limit and IP detection domains 

To protect the peer network (PII regulation), Bright data enforce a rate limit to IP detection domains.
Therefore, requests to such domains might result in the following errors:

- The proxy server is refusing connections
- Header error:

< HTTP/1.1 429 Requests rate to <Domain> is too high
< X-Luminati-Error: Requests rate to <Domain> is too high

The rate limit is per user and use-case and can be resolved by choosing a different super proxy.
(replace with specific super proxy IP, or use session ID for the super proxy)


Note - domain is  monitored by the rate limit function and will return the IP geolocation

If your program/tool requires IP detection domains to connect, you can contact our compliance team and elaborate on the use case -


Hashed IP format

When using Bright data residential network, the response header of the IP (AKA x-luminati-ip header)

will return the IP address hashed (16digits encryption)

Response example:


We want to protect the IP address for two main reasons:
- PII regulation: protect the information of the peer
- Reduce/Abolish the option of abusing the peers

Requests to domains out of our control will be rate limited.

Datacenter and ISP networks are out of the above policy and will provide the IP address in the response.


Superproxy Bypass (direct request)

The "x-luminati-ip" header in the request refers to the IP address which will send the request to the domain (AKA "Proxy peer").
Due to different network restrictions mentioned in the article, in some cases, the residential proxy peer won't be allowed to send the request, and the request will be sent from the super proxy server.

< x-luminati-ip: superproxy bypass


If it's required to send the request from the proxy peer and not the super proxy, you should contact compliance to whitelist the domain activities; this will allow the request to be sent from the proxy peer.

Please note that the Bright data compliance team will require a detailed explanation to allow requests from the proxy peer, not the super proxy. 
You can contact to add domains or to get more information about Super proxy direct requests.

Due to Bright data policy, requests to forbidden domains might face "block" response, in such cases please get in touch with our compliance department to confirm your activity and use case



Was this article helpful?