Documentation
StickyIdentity™ dedicated IP and connection management documentation.
Welcome to StickyIdentity™ Docs
Learn how your dedicated IP, usage tracking, and subscription lifecycle work together inside StickyIdentity™.
-
Start with
Introductionto understand how your dedicated IP works. -
Explore
Your Connectionto see how your IP is enabled, disabled, and tied to your subscription.
Introduction
Note
StickyIdentity™ gives you your own dedicated internet connection.
One IP assigned to you — stable, private, and never shared with anyone else. As long as your subscription is active, your IP stays the same.
IP type — datacenter
The IPs we assign are datacenter IPs — not residential, not mobile, not ISP IPs.
They come from IP ranges registered to hosting providers, which means some sites (banks, streaming services, ticketing platforms, a few games)
can detect and block datacenter traffic regardless of who is behind it.
If your use case requires a residential or ISP IP — for example to bypass a platform that specifically blocks datacenter ranges — this service is not the right fit. For stable connections, a persistent public identity, gaming servers, remote access, low-latency routing, general browsing, and most streaming, datacenter IPs work perfectly.
If your use case requires a residential or ISP IP — for example to bypass a platform that specifically blocks datacenter ranges — this service is not the right fit. For stable connections, a persistent public identity, gaming servers, remote access, low-latency routing, general browsing, and most streaming, datacenter IPs work perfectly.
What StickyIdentity™ gives you
StickyIdentity™ is not a shared IP pool and not a rotating proxy. It is a dedicated internet connection built for real people — gaming, streaming, video calls, everyday browsing. One user, one IP. Not for bots.
-
1 dedicated IP assigned to you and you alone — never shared, never rotated.
-
Stable route, low ping optimized for online gaming, video calls, and real-time applications.
-
4K · 8K streaming ready 1 TB (1000 GB) monthly bandwidth — enough for an entire household of streaming, gaming, and daily use.
-
Your Connection Dashboard total visibility and control — bandwidth usage, activity, access management, connection health, all in one place.
-
Real-time usage tracking monitor your monthly bandwidth (GB) and activity live from your dashboard.
-
Built for humans, not bots automation, scraping, and mass data collection are not permitted.
How the docs is structured
The left sidebar navigates across major areas: your connection, security,
account access, billing, and usage. Use the On this page
panel to jump directly to a subsection.
Core concepts
-
Identity your dedicated IP, assigned to your account alone.
-
IP type datacenter IP — stable and dedicated, but registered to a hosting provider. Not residential, not mobile, not ISP.
-
Usage your monthly bandwidth (GB) and activity counters.
-
Lifecycle your connection stays active as long as your subscription is valid.
The rest of this documentation explains how your connection is created, secured, monitored, and tied to your subscription.
Security Model
Note
StickyIdentity™ is built on strict isolation.
Each dedicated IP is assigned to a single user and never shared.
Layers of protection
-
Exclusive IP allocation no shared IP pools, no rotation.
-
IP allowlists restrict who can use your connection.
-
Rate limits protect dashboard and account endpoints.
-
Hashed session tokens secure account authentication.
-
Audit logs full traceability of connection state changes.
Connection credential security
Each connection has unique credentials (username + password) used to authenticate traffic through your dedicated IP.
-
Initial generation credentials can be generated without entering the account password.
-
Subsequent reveals or regeneration require password confirmation (step-up authentication).
-
Ephemeral exposure credentials are temporarily displayed and automatically cleared from memory.
-
Delayed export a short countdown prevents accidental disclosure.
This step-up verification model protects against session hijacking, unauthorized access from unlocked devices, and silent credential scraping.
Important
Your dedicated IP is revealed only once during initial credential generation.
It is not permanently exposed in the dashboard to reduce attack surface
and prevent passive infrastructure discovery.
Store your configuration securely upon creation.
Sensitive data handling
-
Hashed session identifiers Session tokens are stored hashed in the database — raw tokens are never persisted.
-
No plaintext credential logging Connection credentials are never written to application logs, error outputs, or audit trails.
-
No credentials via email Raw credentials are never sent by email. Only activation links and time-limited tokens are transmitted.
-
Hashed source IPs Source IP addresses in logs are hashed — raw IPs are never stored. The fingerprint is used for abuse detection and security, but cannot be used to reconstruct your identity or browsing history.
Important
Never expose your connection credentials publicly.
Treat them like any other account secret — they grant access to your dedicated IP.
Two-factor authentication (2FA)
Two-factor authentication adds a second verification step on top of your password — even if someone steals your credentials, they still cannot access your account without your second factor. We strongly recommend enabling 2FA on your account.
StickyIdentity™ supports three independent 2FA methods:
-
Authenticator app (TOTP) Generate 6-digit codes from an app like Google Authenticator, Authy, or 1Password. Works offline and is the most secure option.
-
Email OTP A one-time code sent to your verified email address at login.
-
SMS OTP A one-time code sent by text message to your verified phone number.
Multiple methods = all required
If you enable more than one 2FA method, all of them will be required at login and for any sensitive account operation (changing your email, deleting your account, revealing connection credentials).
This is intentional — the more methods you enable, the harder it is for an attacker to bypass your account, even if one channel is compromised.
Backup codes
After enabling 2FA, we strongly recommend generating and saving your backup codes. Backup codes are single-use recovery codes that let you sign in if you lose access to your 2FA methods — lost phone, broken authenticator app, no signal for SMS, or locked out of your email.
-
Single-use Each backup code works only once. After use, it is permanently consumed.
-
Store them offline Print them, write them down, or save them in a password manager. Do not keep them in the same place as your 2FA device.
-
Your only fallback If you lose access to all your 2FA methods and have no backup codes, account recovery requires contacting support with proof of identity — which can take time.
Resetting your 2FA methods
You can reset or reconfigure your 2FA methods at any time from your account settings. However, this operation has permanent consequences — please read carefully before proceeding.
Resetting 2FA wipes your protection
When you reset your 2FA methods, all existing backup codes are permanently invalidated and your account is no longer protected by two-factor authentication until you enable it again. You will need to re-enroll each 2FA method from scratch and generate a new set of backup codes.
-
All backup codes are wiped The set of backup codes you previously saved is destroyed. Any code you had written down or stored elsewhere will no longer work.
-
Your account becomes password-only Until you re-enable 2FA, your account is protected only by your password. If your password has ever been exposed, this is the window where your account is most vulnerable.
-
Re-enroll immediately As soon as you reset, re-enable your preferred 2FA methods and generate a new set of backup codes right away. Do not leave your account unprotected.
-
Confirmation required Resetting 2FA is a sensitive operation. It requires your password, an active 2FA challenge (if any method is still accessible), and an email confirmation step.
Security log levels
-
success connection created, enabled, credentials generated.
-
warning unusual usage spike, allowlist mismatch.
-
danger subscription expired, connection auto-disabled.
Access & Account Flows
StickyIdentity™ focuses on secure account access and connection lifecycle management. Since each dedicated IP is tied to a subscription, authentication and billing states directly impact connection availability.
Cloudflare Turnstile on public auth pages
The registration, login, and password reset pages are protected by
Cloudflare Turnstile — a privacy-friendly CAPTCHA alternative. In most cases validation happens silently in the background
and you will never see a puzzle. A visible challenge only appears when our systems detect unusual patterns (repeated failures,
high-risk networks, automation signatures). A valid Turnstile token is required on every submission of these forms —
requests without one are rejected with a
403.Account registration
Registration goes through a strict multi-step validation pipeline before any account is created. Each step can independently block the request — here is the full sequence:
-
Session token required The form generates a temporary session cookie on load. Submitting without it — direct API calls, automated scripts — is immediately rejected with a
401. -
Cloudflare Turnstile verification A valid Turnstile token must be attached to the request. The token is validated server-side against Cloudflare. Missing, expired, reused, or failed tokens are rejected with a
403before any further checks run. -
Email domain validation Disposable email providers are blocked. The domain's MX records are verified live. Invalid or undeliverable domains return an explicit
403error. -
Server capacity gate If pending registrations exceed a system threshold, new submissions are temporarily refused with a
503to protect infrastructure. -
Bot detection The form tracks how long it was open before submission. A submission under 10 seconds is flagged as automated and blocked with a
403. -
IP flood control Verified accounts created from the same IP within the last 24 hours are counted. Exceeding the daily limit blocks further registrations from that address.
-
Profanity filter First name, last name, full name, and username are each independently checked. Any match returns a
400with a focus link to the offending field. -
Password validation The password and its confirmation are validated as a pair. Weak or mismatched values return a
400with a direct link to the password field. -
Email existence & deletion check If the email is already registered or was previously associated with a deleted account, the server returns a neutral response — see the callout below.
-
Account creation & email delivery If all checks pass, the account is created and an activation email is sent. Rate limits on email delivery apply per IP and per address. Failures are silently absorbed into the same neutral response.
What is a neutral response?
For any step involving email existence or account deletion, the server deliberately returns the
same response regardless of the real outcome — success and failure look identical to the client,
with a randomized delay of 500ms–2 seconds.
This prevents enumeration attacks: no one can determine whether an address is already registered, was deleted, or simply does not exist. Email delivery failures and rate limits are also silently absorbed into this same neutral response.
This prevents enumeration attacks: no one can determine whether an address is already registered, was deleted, or simply does not exist. Email delivery failures and rate limits are also silently absorbed into this same neutral response.
Account activation
-
Activation link After registration, a time-limited signed token is sent to the provided email. Clicking it verifies the account and marks it active.
-
Already activated If the account was verified recently (within 3 minutes), a confirmation page is shown instead of an error.
-
Invalid or expired link A specific error page is displayed. The link cannot be reused.
-
On success Roles are assigned, a password history entry is recorded, and all temporary registration data is permanently removed. No dedicated IP is allocated until a valid subscription exists.
Login
The login pipeline runs a strict sequence of checks before any session is created. Each step can independently block the request:
-
Session token required The login form generates a temporary session cookie on load. Submitting without it returns a
401immediately — direct API calls and automated scripts are rejected before any credentials are read. -
Server capacity gate If the number of active login pending sessions exceeds the system threshold, new attempts are refused with a
503. This protects infrastructure during login floods. -
Pending session validation The server matches the CSRF token, the temp cookie, the hashed device fingerprint (IP + user agent), and the session expiry. Any mismatch returns a
401. -
Brute-force block If too many failed attempts have been recorded for this email, the account is temporarily locked and returns a
429. Triggering this lock also forces 2FA on all future logins for that account, including trusted devices. -
Cloudflare Turnstile challenge After a dynamic threshold of failures, a Cloudflare Turnstile challenge is required. Turnstile is a privacy-friendly, mostly invisible CAPTCHA — most users are validated silently. Submitting without a valid token — or failing verification — returns a
403. -
User lookup The account is looked up by email, including soft-deleted accounts. If no user is found, a
401is returned after a randomized delay of 500ms–2s — the same message as a wrong password, to prevent email enumeration. -
Account status check Only accounts with status
activeorunderReviewcan log in. Suspended, banned, pending, and deleted accounts receive a403with a status-specific message. -
Per-user login flood control Successful logins are counted per user over a rolling 60-second window. More than 3 logins in that window returns a
403— this catches credential stuffing and session farming even when credentials are correct. -
Password verification The submitted password is verified against the stored hash. On failure, a failure counter is incremented, a
401is returned after a randomized 500ms–2s delay, and the same generic "invalid credentials" message is shown as for a wrong email — the two errors are intentionally indistinguishable.
Note
Authentication controls access to the dashboard — not to your connection directly.
Connection access is controlled separately through your connection credentials and allowlists.
Two-factor authentication (2FA)
If 2FA is enabled on the account, login pauses after password verification and enters a separate challenge flow:
-
2FA eligibility check Before sending any code, the server checks whether the account is currently allowed to attempt 2FA. Rate limiting on 2FA attempts can temporarily block this. A
429is returned if the account is locked out of 2FA. -
Code dispatch Depending on enabled methods — email OTP, SMS OTP, or authenticator app (TOTP) — codes are generated and sent. Each channel has its own rate limit and delivery verification. A rate limit returns a
429; a delivery failure returns a502with an explicit error. -
Challenge pending —
202The login endpoint returns202 Accepted(not 200) and redirects to/2fa/verify. The session is not created yet — it only exists after the OTP or backup code is validated.
Session creation
Once credentials (and 2FA if required) are verified, the session is created via an atomic MongoDB transaction:
-
Atomic write The session is inserted into both
active_sessionsandsessions_historyin a single transaction withwriteConcern: majority. -
Session cap enforcement Within the same transaction, active sessions for that user are counted. If the per-account limit is exceeded, the oldest sessions are deleted automatically — the user is never silently locked out, the oldest connection is evicted.
-
History pruning Session history is also pruned in the same transaction, keeping only the most recent entries up to the configured limit.
-
Cleanup & redirect Login failure counters are reset, the temporary login session is deleted, and the session cookie is set. The user is redirected to the dashboard — or to the original page if they were redirected to login due to an expired session.
Password reset request
Requesting a password reset follows the same layered validation approach as registration. Each step can independently block or absorb the request — here is the full sequence:
-
Session token required The reset form generates a temporary session cookie on load. Submitting without it returns a
401immediately. -
Cloudflare Turnstile verification A valid Turnstile token must be attached to the request. The token is validated server-side against Cloudflare. Missing, expired, reused, or failed tokens are rejected with a
403before any email lookup runs — this blocks automated reset floods. -
Pending session validation The server matches the CSRF token, the temp cookie, the hashed device fingerprint, and the session expiry. If any mismatch occurs, the request is rejected with a
401. -
Email lookup & anti-enumeration If no account is found for the submitted email, the server returns a neutral response — identical to success — to prevent anyone from determining whether an address is registered.
-
Account status check Only accounts with status
activeorpasswordexpiredcan request a reset. Suspended, banned, or pending accounts receive a403with a status-specific message. This is the one step that reveals account state explicitly. -
Weekly flood limit The number of password changes for that email in the past 7 days is checked. Exceeding the weekly limit silently returns a neutral response — no error is shown to prevent account probing.
-
Email delivery with rate limiting A signed reset link is generated and sent via email. Per-IP and per-address rate limits apply. If the limit is exceeded or delivery fails, a neutral response is returned — the failure is never surfaced to the client.
-
Atomic token storage The hashed reset token is written atomically to both the pending session and the password history using a MongoDB transaction with
writeConcern: majority. If the transaction fails, an error is thrown — it is the only step that is not silently absorbed.
Neutral response — same as registration.
Email not found, weekly limit exceeded, and email delivery failure all return the
same response as a successful request, with a randomized delay of 500ms–2 seconds.
This makes it impossible to determine from the outside whether a reset was triggered,
whether the address is registered, or whether a rate limit was hit.
Important
The reset link is time-limited and single-use.
Clicking it ties the token to your current device and session context.
Sharing or forwarding the link invalidates the security guarantee.
Your Connection
Your connection is the dedicated IP assigned to your account. This page shows what you can see and control from your dashboard.
Active connection
-
Your dedicated IP Your assigned IP remains constant for the lifetime of your active subscription — never shared, never rotated.
-
Status Your connection reports its current state:
activeordisabled. -
Monthly bandwidth usage Cumulative data transferred through your connection in the current billing month (GB).
-
Monthly activity count Total number of connection requests processed through your IP this month.
Enable / Disable
Your connection state is managed automatically by the platform based on your subscription and account standing. A connection can be disabled in any of the following situations:
-
Subscription expired Your connection is suspended immediately when your subscription lapses. Renew your plan from your dashboard to reactivate it.
-
Payment issue Your connection is temporarily suspended due to a billing issue. Update your payment method to restore service.
-
Monthly quota exceeded Your connection has reached its monthly bandwidth (1 TB) or request (50,000,000) limit. It will automatically reactivate at the start of your next billing period.
-
Security lock Your connection has been temporarily paused for security reasons. Contact support for assistance.
-
Access revoked Your connection has been revoked, typically following account deletion or a Terms violation. Contact support if you believe this is an error.
Allowlist control
You can restrict which source IP addresses are permitted to use your connection. When an allowlist is configured, only connections originating from listed IPs will be accepted — all others are rejected at the network layer.
-
Empty allowlist If no allowlist is set, any source IP can authenticate using your connection credentials. This is the default state and may be appropriate for households with a dynamic IP from their internet provider.
-
Configured allowlist Once one or more IPs are added, only those source addresses will be allowed. Connections from unlisted IPs are silently refused, even if the credentials are correct.
-
Allowlist mismatch logging Every rejected connection due to an allowlist mismatch is recorded in your security log at
warninglevel, including the source IP and timestamp.
Note
Configuring an allowlist is strongly recommended if your home or office IP is static.
It prevents unauthorized use of your connection even if your credentials are ever compromised.
Identity Management
An identity is your connection configuration — it ties a dedicated IP address to a server location, access control rules, and optional metadata. You create identities from your dashboard and can edit them at any time.
Creating an identity
When creating a new identity, you configure four things:
-
Identity Name Required. A short label for your own reference.
-
Server Location Required. The physical location your dedicated IP is assigned to. Selected once during creation from the available list of countries and regions.
-
Access Control Optional. Controls which source IPs are allowed to connect. Defaults to open.
-
Notes Optional. A private free-text field for your own reference.
Server location is permanent
Once the identity is created, the server location is permanently locked
and cannot be changed. If you need a different location, you must create a new identity.
Choose carefully.
The assigned IP is a datacenter IP
The IP you receive for this identity is a datacenter IP, registered to a hosting provider
in the server location you selected. It is not a residential, mobile, or ISP IP. This is true for every server location —
the geography changes, but the IP type does not.
Editing an identity
When editing an existing identity, you can modify:
-
Identity Name Update the label at any time.
-
Access Control Switch between modes and update IP rules.
-
Notes Update or clear the free-text field.
The server location is shown for reference but cannot be changed. It is permanently bound to the region assigned at creation time.
Field reference
-
Identity Name Required on create and edit. A short label to identify this connection, used only for your own reference — not visible to the connection endpoint. Rules: 3 to 32 characters, letters, numbers, dots (
.), underscores (_), and hyphens (-) only, no spaces. Examples:home,gaming-rig,living-room-tv,main.office. -
Protocol Fixed. Always HTTP. This cannot be modified.
-
Server Location Required at creation, locked after. The physical location your dedicated IP is assigned to. You select this once during creation from the available list. After creation, this field becomes read-only.
-
Notes Optional on create and edit. A private free-text field, never exposed to the connection endpoint or any external system. Maximum 500 characters. Useful for noting which device or room uses this connection (e.g.
gaming console — living room,family TV).
Access Control
Controls which source IPs are allowed to use this connection. Two modes are available:
-
Open No source IP restrictions. Any client can connect using your username and password. Credentials are always required. This is the default mode.
-
IP Allowlist Restricts access based on the source IP of the connecting client. Behavior differs depending on whether the IP is listed.
When IP Allowlist mode is active:
-
IPs in your allowlist Connect without a username or password. The connection identifies and authenticates them by IP alone — no credentials need to be configured on your device.
-
IPs not in your allowlist Connection is rejected outright, even with valid credentials. The request is blocked before authentication is attempted.
How to configure
Add one or more IPv4 addresses or CIDR ranges (e.g.
10.0.0.0/24).
At least one entry is required when this mode is active.
You can paste multiple IPs at once — one per line.
Up to 10 rules per identity.Use IP Allowlist when your home or office has a fixed public IP and you want passwordless access from that network, or when you want to prevent any connection from unknown IPs — even if your credentials are ever exposed.
Validation errors
The form will not submit if any of the following conditions are present:
-
Identity name invalid Missing or does not match the allowed format (3–32 characters, no spaces, alphanumeric plus
._-). -
No server location selected Applies to creation only. A location must be chosen before submitting.
-
Empty allowlist IP Allowlist mode is active but no valid IP rule has been added.
-
Invalid IP rule One or more entries contain an invalid IPv4 address or CIDR notation.
-
Rule limit exceeded The number of IP rules exceeds the maximum of 10 per identity.
-
Notes too long Exceeds the 500-character limit.
-
No changes detected Applies to edit only. The form requires at least one modification before submitting.
Usage Limits
Every dedicated IP includes a fixed monthly allocation of 1 TB (1000 GB) of bandwidth and 50,000,000 requests. Both counters are independent — whichever is reached first will trigger a suspension of your connection until the next billing cycle.
Bandwidth — 1 TB / month
Bandwidth is measured as the total bytes transferred through your connection, both inbound and outbound combined. 1 TB is enough to cover an entire household of heavy daily use — 4K and 8K streaming, online gaming, video calls, large downloads, and everyday browsing — without worrying about hitting the limit.
Counters reset at the start of each billing cycle. There is no rollover — unused bandwidth does not carry over to the next period.
No throttling, no burst limits
Your dedicated IP has no speed cap and no throttling.
Use it at full speed, whenever you want. The only restriction is your monthly bandwidth
allocation — when you reach it, service pauses until your next monthly renewal.
Requests — 50,000,000 / month
A request is counted each time a new connection is opened through your IP, regardless of the payload size. 50 million requests per month is vastly more than any normal household will ever use — modern apps, streaming, and browsing combined rarely get close to this ceiling.
What happens when a limit is reached
When either the bandwidth or the request limit is reached, your connection is automatically suspended. Active connections at the time of suspension are terminated. No further traffic is allowed until the next billing cycle begins, or until you upgrade your plan.
You can monitor your usage in real time from your dashboard before hitting the limit.
Concurrent connections — 100 per identity
Your connection supports up to 100 simultaneous open connections. This is the number of requests that can be in-flight at the same moment — not a rate per second or per minute.
100 concurrent connections is more than enough for an entire household running
at full capacity — gaming console, streaming TV, multiple phones, laptops,
smart devices, and video calls, all at the same time. If somehow a 101st
connection is opened while 100 are still active, that connection will be
rejected with a 429 response until one of the existing connections closes.
Connection timeout
Connections that are not explicitly closed are automatically released after
6 minutes of inactivity. This prevents stale connections from consuming your
concurrency slot indefinitely.
Abuse detection
StickyIdentity™ monitors the number of distinct source IPs that connect to each dedicated IP over a rolling 1-hour window. If more than 10 unique source IPs are detected within that window, your connection is flagged internally for review.
This threshold is designed to detect credential sharing. A single user or household connecting from one or a few fixed source IPs will never trigger it. Sharing your credentials with friends or reselling access to your connection will — flagged connections are logged and reviewed, and repeated violations result in account suspension with no refund.
Notice
Credential sharing is a violation of the Terms of Service.
Each dedicated IP is intended for a single account holder from a consistent set
of source IPs — your own home, office, or personal devices. Any abuse traced
back to your IP is your responsibility — if it gets flagged or banned, no
replacement will be provided, no exceptions.
Subscription Expiry
When your subscription is cancelled or your payment fails, a defined sequence of events determines what happens to your dedicated IP address.
Immediate — Day 0
As soon as your subscription is cancelled or your payment fails, your connection is suspended. Your IP address is still reserved for you, but all traffic is blocked. No data is lost.
Grace period — 7 days
You have 7 days to renew your subscription. During this window your IP address is held exclusively for your account. If you reactivate before the grace period ends, your connection is restored immediately with the same IP address, the same credentials, and the same configuration. Nothing changes.
Tip
Renewing within the 7-day grace period is seamless — your connection is
restored exactly as it was. No reconfiguration required.
After 7 days — IP released
If the grace period expires without renewal, your IP address is permanently released back into the pool and may be assigned to another user. At this point:
-
Connection credentials stop working Your existing credentials are invalidated and will no longer authenticate against any connection endpoint.
-
Your IP is no longer yours The IP address that was assigned to your connection is released back into the allocation pool and may be reassigned to another user at any time.
-
Configuration is preserved Your identity configuration — name, access rules, notes — is kept in your account, but the IP assignment is cleared.
Irreversible
If you resubscribe after the grace period, a new IP address will be assigned.
You cannot recover the previous IP.
Summary
-
Day 0 Subscription expires — connection suspended, IP held.
-
Day 1–7 Grace period — renew anytime to restore your IP instantly.
-
Day 8+ IP released — resubscribing gives you a new IP address.
To avoid losing your IP
Make sure your payment method is up to date before your billing date. You can check your subscription status and renewal date at any time from your dashboard.
Connection Events & Logging
StickyIdentity™ records every connection and subscription event in a structured security log. These logs are used for auditing, abuse detection, and law enforcement cooperation.
User-facing messages
-
Clear and non-technical Error messages shown to users explain what happened in plain language without exposing internal system details, stack traces, or server paths.
-
No internal exposure Database errors, service names, and infrastructure details are never surfaced to the client. Internal errors are logged server-side only.
-
Subscription-aware messaging Connection and subscription state changes — expired, disabled, suspended — display contextual messages that guide the user toward the correct next action.
-
Anti-enumeration responses For sensitive flows (registration, password reset), success and failure responses are intentionally indistinguishable to prevent account probing. Both return the same status and message with a randomized delay.
Example log entry
Each log entry captures the event type, severity level, affected connection, reason, and an ISO 8601 timestamp. Entries are immutable once written.
{
"eventType": "connection_disabled",
"level": "danger",
"identityId": "64f1a2b3c4d5e6f7a8b9c0d1",
"reason": "subscription_expired",
"createdAt": "2026-02-01T12:00:00.000Z"
}
Note
Security logs are retained for a minimum of 12 months and are available in full to
law enforcement upon receipt of a lawful request. See
Law Enforcement & Legal Disclosure
for details.
Terms of Service
Effective date: February 22, 2026 · Last updated: February 22, 2026
Zero-tolerance notice
StickyIdentity™ operates a dedicated IP infrastructure service.
Every session, authentication event, traffic volume, and connection state change is logged with timestamps,
IP addresses, and device fingerprints. These records are retained and will be disclosed in full
to law enforcement, courts, or regulatory authorities upon receipt of a lawful request — without
prior notice to the account holder. If you intend to use this Service for any unlawful purpose,
do not register.
These Terms of Service ("Terms") govern your access to and use of the services provided by StickyIdentity™ ("Company", "we", "us", or "our"), including our website, dashboard, dedicated IP infrastructure, and any related services (collectively, the "Service"). By creating an account or using the Service, you agree to be bound by these Terms.
Do not use the Service
If you do not agree with these Terms, do not create an account and do not access StickyIdentity™ in any way. There is no partial acceptance, no implicit exception, and no negotiation — using the Service constitutes full and unconditional acceptance of every clause below.
1. Eligibility
-
Age requirement You must be at least 18 years old to use the Service. By registering, you confirm that you meet this requirement.
-
Legal capacity You represent that you have the legal authority to enter into a binding agreement, either on your own behalf or on behalf of the organization you represent.
-
Geographic restrictions The Service is not available in jurisdictions where it is prohibited by applicable law. You are responsible for determining whether use of the Service is lawful in your location.
2. Accounts & Registration
-
Accurate information You agree to provide accurate, current, and complete information during registration and to keep it updated at all times. Accounts created with false, misleading, or unverifiable information may be suspended or terminated without notice and without refund.
-
Real name required You must register and maintain your account using your real, legal name. The use of pseudonyms, aliases, fictional names, or names belonging to another person is strictly prohibited. If you update your name at any time — whether at registration or later in your account settings — it must reflect your true legal identity. Accounts found to use false names are subject to immediate termination.
-
Username conduct Usernames must not contain profanity, slurs, hate speech, sexually explicit language, or any term that could be considered offensive, harassing, or harmful. StickyIdentity™ reserves the right to force-change or permanently ban any username that violates this policy, without prior notice.
-
Account security You are solely responsible for maintaining the confidentiality of your credentials and for all activity that occurs under your account. Notify us immediately at
[email protected]if you suspect unauthorized access. We will never ask for your password. -
Account activation Accounts require email verification before becoming active. Unverified accounts may be automatically and permanently deleted after the activation window expires. A new registration will be required.
3. Acceptable Use Policy
StickyIdentity™ provides a dedicated internet connection for real users — individuals and households with legitimate everyday use cases such as gaming, streaming, video calls, remote work, and general browsing. The Service is not designed for, and not permitted to be used for, automated systems, bots, or mass data collection of any kind.
You agree to use the Service exclusively for lawful purposes, in full compliance with all applicable local, state, federal, and international laws and regulations. This Service is provided in good faith to legitimate users only. Misuse is not tolerated under any circumstances.
The following activities are strictly and absolutely prohibited:
-
Automation, bots & scraping Using the Service to run automated scripts, bots, crawlers, scrapers, headless browsers for unattended workflows, sneaker/ticketing bots, sniping tools, or any form of unattended automation. This includes large-scale data collection, API polling, search-result harvesting, social media automation, inventory monitoring, and any activity where the primary client is not a real human using the connection in real time. StickyIdentity™ is built for humans, not machines.
-
Criminal activity of any kind Using the Service to facilitate, conceal, or execute fraud, phishing, identity theft, money laundering, drug trafficking, terrorism financing, human trafficking, child exploitation, or any other activity constituting a criminal offense under applicable law. This includes using the Service as a tool to evade law enforcement.
-
Unauthorized system access Attempting to gain unauthorized access to computer systems, networks, databases, or accounts — including scanning, probing, penetration testing, or exploiting vulnerabilities on systems you do not own and have not received explicit written authorization to test.
-
Harassment, threats & stalking Using the Service to harass, intimidate, threaten, stalk, dox, or cause harm — physical, financial, or reputational — to any individual or organization.
-
Spam, botnets & bulk abuse Sending unsolicited bulk communications, operating botnets, conducting mass email or SMS campaigns, credential stuffing, account takeover automation, or any form of coordinated abuse at scale.
-
Malware, ransomware & network attacks Distributing malicious code, viruses, spyware, ransomware, or conducting DDoS attacks, amplification attacks, port scanning, or any activity that degrades, disrupts, or destroys the integrity of third-party systems or infrastructure.
-
Ad fraud & artificial traffic Using your assigned dedicated IP to generate artificial clicks, impressions, or traffic; manipulate analytics or engagement metrics; conduct ad fraud; or circumvent detection systems designed to prevent such abuse.
-
Unauthorized resale or sharing Sublicensing, reselling, or sharing your dedicated IP with any third party without prior written consent from StickyIdentity™. Each connection is provisioned for a single authorized user only. Credential sharing between multiple users or locations is detected automatically and results in suspension.
-
Sanctions & embargoed parties Using the Service if you are listed on any U.S. government sanctions list (OFAC SDN, BIS Entity List, etc.) or are located in a U.S.-embargoed country or territory.
Your IP, your responsibility.
Each dedicated IP is exclusively assigned to your account and yours alone —
any abuse can and will be traced back to you instantly. If your IP gets flagged or banned by a
third-party service due to your own activity, no replacement will be provided, no exceptions.
Use your connection responsibly.
Law enforcement cooperation — we log everything.
StickyIdentity™ maintains comprehensive, timestamped logs of all account activity, including but not limited to:
authentication events, IP addresses, device fingerprints, session durations, traffic volumes, and connection state changes.
Connection activity logs are retained for 90 days; security and audit logs are retained for a minimum of 12 months.
We will comply fully and without delay with any lawful request from federal, state, or international law enforcement agencies, courts, or regulatory bodies — including subpoenas, court orders, and national security letters. Disclosure will occur without prior notice to the account holder where permitted or required by law.
Attempting to use this Service to conceal criminal activity is not only a violation of these Terms — it is ineffective. Your activity is logged, your identity is recorded, and we will not protect you.
We will comply fully and without delay with any lawful request from federal, state, or international law enforcement agencies, courts, or regulatory bodies — including subpoenas, court orders, and national security letters. Disclosure will occur without prior notice to the account holder where permitted or required by law.
Attempting to use this Service to conceal criminal activity is not only a violation of these Terms — it is ineffective. Your activity is logged, your identity is recorded, and we will not protect you.
4. Billing & Payments
-
Subscription model The Service is offered on a subscription basis. Fees are charged in advance at the start of each billing cycle (monthly or annually, depending on your plan).
-
Automatic renewal Subscriptions automatically renew at the end of each billing period unless cancelled before the renewal date. You authorize us to charge your payment method on file for each renewal.
-
Price changes We reserve the right to modify pricing with at least 14 days' notice. Continued use of the Service after a price change constitutes acceptance of the new pricing.
-
Taxes Prices shown do not include applicable taxes. You are responsible for all taxes, duties, or levies imposed by your jurisdiction.
-
Failed payments If a payment fails, we will attempt to retry the charge. If payment remains unsuccessful, your account and associated connection will be suspended until payment is resolved. Continued non-payment may result in account termination and loss of your assigned IP.
5. Refunds
-
No automatic refunds All subscription fees are non-refundable except as expressly stated in this section or required by applicable law. Partial-month usage is not eligible for a pro-rated refund.
-
3-day new customer policy If you are a first-time subscriber and are dissatisfied with the Service, you may request a full refund by contacting
[email protected], subject to both of the following conditions: the request must be made within 3 days of your initial payment, and bandwidth consumption at the time of the request must not exceed 50 GB. If either limit is exceeded — 3 days elapsed or 50 GB consumed, whichever comes first — no refund will be issued. This policy applies once per customer and is not available for renewals. -
Service outages If the Service experiences downtime exceeding 99.5% monthly uptime over a billing period due to issues on our end, you may request a service credit. Credits are applied to future billing cycles and are not paid out as cash.
-
Termination for cause Accounts terminated due to violations of these Terms are not eligible for any refund.
6. Account Termination & Deletion
-
Subscription cancellation You may cancel your subscription at any time from your dashboard or by contacting support. Cancellation takes effect at the end of the current billing period. Your account and connection remain active until that date. No further charges will be made after cancellation.
-
Account deletion by you You may permanently delete your StickyIdentity™ account at any time from your account settings. This action is immediate, permanent, and cannot be undone. Deleting your account will permanently remove your profile, settings, active sessions, connection configurations, and most stored data. Your active subscription is automatically cancelled upon deletion — no future charges will be made and no pro-rated refund is issued for the remaining billing period. Once deleted, your data cannot be recovered under any circumstances. If you wish to use the Service again, you must create a new account.
-
What is retained after deletion Certain minimal records may be kept after account deletion where required by law or legitimate business necessity, including: billing transaction records (for tax and accounting compliance), security and audit logs (for fraud prevention and law enforcement obligations), and anonymized usage data. These records are retained for the minimum period required and are not used for marketing or shared with third parties outside of legal obligations.
-
Termination by us — for cause We may suspend or terminate your account immediately and without notice if you violate these Terms, engage in fraudulent or illegal activity, or pose a risk to other users or the infrastructure. Termination for cause carries no refund obligation.
-
Termination by us — without cause We may terminate or suspend your account at our discretion with 30 days' notice. In this case, a pro-rated refund for unused days in the current billing period will be issued.
-
Effect of termination or deletion Upon any termination or deletion, all active sessions are immediately revoked, your dashboard access is cut off, and your assigned dedicated IP is decommissioned. There is no grace period — access ends immediately.
-
IP release Your dedicated IP address is released back to the pool immediately upon account termination or deletion. We do not guarantee that the same IP can be reassigned to you if you create a new account or resubscribe.
Account deletion is permanent.
All account data, sessions, connection configurations,
and personalized settings are destroyed immediately and cannot be recovered — not by you,
not by our support team, and not by any technical process. Do not delete your account unless
you are certain. This action cannot be reversed.
7. Limitation of Liability
To the fullest extent permitted by applicable law:
-
No consequential damages StickyIdentity™ shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, goodwill, or business interruption, arising from your use of or inability to use the Service.
-
Liability cap Our total cumulative liability to you for any claim arising from or related to the Service shall not exceed the amount you paid us in the 3 months preceding the event giving rise to the claim.
-
Service provided "as is" The Service is provided on an "as is" and "as available" basis without warranties of any kind, express or implied, including merchantability, fitness for a particular purpose, or non-infringement.
-
Third-party actions We are not responsible for any damages resulting from third-party platform policies, IP blacklisting by external services, or actions taken by other users of the internet.
Important
Some jurisdictions do not allow exclusion or limitation of certain damages. In such cases, our liability
is limited to the maximum extent permitted by law.
8. Law Enforcement & Legal Disclosure
-
Mandatory cooperation StickyIdentity™ is a U.S.-based company and is legally required to comply with valid legal process, including subpoenas, court orders, search warrants, and national security letters issued by competent authorities. We will comply promptly and completely.
-
Voluntary disclosure for public safety We reserve the right to proactively disclose account information to law enforcement — without a court order — when we reasonably believe that doing so is necessary to prevent imminent harm, fraud, or criminal activity targeting others.
-
No notice to account holder Where permitted by law, disclosure will occur without prior notice to the account holder. We may be legally prohibited from notifying you that a request was made.
-
Data preserved upon request Upon receipt of a preservation request from law enforcement, we will immediately preserve and hold all account data, logs, and associated records pending formal legal process, regardless of any pending deletion or account termination.
-
Log availability All logs — including authentication records, IP history, device fingerprints, session timelines, and traffic data — are available and will be produced in their entirety in response to lawful requests. We do not offer anonymization or data minimization in the context of legal proceedings.
This is not an anonymity service.
A dedicated IP assigned to your account is tied to your
verified identity, billing information, and full activity logs. If you use this Service to commit a crime,
those records will be made available to the relevant authorities. There are no exceptions.
9. Governing Law & Disputes
-
Governing law These Terms are governed by applicable U.S. federal law and the laws of the state in which StickyIdentity™ is registered and principally operates, without regard to conflict of law principles.
-
Dispute resolution Any dispute arising from these Terms or the Service shall first be attempted to be resolved through good-faith negotiation. If unresolved within 30 days, disputes shall be submitted to binding arbitration under the rules of the American Arbitration Association (AAA).
-
Class action waiver You agree to resolve disputes with us individually and waive any right to participate in a class action lawsuit or class-wide arbitration.
10. Changes to These Terms
We reserve the right to modify these Terms at any time. If we make material changes, we will notify you by email or by displaying a prominent notice in the dashboard at least 14 days before the changes take effect. Continued use of the Service after the effective date constitutes acceptance of the revised Terms.
11. Contact
For questions about these Terms, contact us at
[email protected]
or visit our support center at
stickyidentity.com/support
.
Privacy Policy
Effective date: February 22, 2026 · Last updated: February 22, 2026
This Privacy Policy describes how StickyIdentity™ collects, uses, stores, and protects your personal information when you use the Service. By using the Service, you consent to the practices described here.
1. Information We Collect
We collect only what is strictly necessary to operate your account, protect your connection, and comply with our legal obligations. Sensitive technical data is hashed or anonymized whenever possible — we do not keep raw identifiers in our logs.
-
Account data Your name, username, email address, optional phone number, hashed password, and time zone — collected once at registration and used solely to operate your account.
-
Billing data Your payment information is processed directly by our third-party payment provider — we never see or store your full card number. We only retain minimal billing records (plan, amount, date) for accounting and legal compliance.
-
Usage data Technical metadata associated with your connection — IP addresses (hashed), device fingerprints (hashed), user agent strings (hashed), session timestamps, traffic volume (GB), and request counts. Hashing is irreversible: we keep only the fingerprint, not the raw value, so this data cannot be used to reconstruct your identity or browsing history.
-
Security logs Login attempts, authentication events, account changes, and connection state changes are recorded with hashed identifiers for security auditing and fraud prevention. These logs are never shared for marketing or analytics purposes.
-
Communications Emails and support messages you send us, kept only as long as necessary to help you and resolve your request.
2. Cookies
StickyIdentity™ uses strictly necessary cookies only. We do not use tracking cookies, advertising cookies, analytics cookies, or any third-party cookies. We do not sell or share cookie data with anyone. There is no cookie consent banner because there is nothing to consent to beyond what is required to operate your account.
All cookies we set are first-party, HttpOnly, Secure (in production), and
SameSite=Strict. They cannot be read by JavaScript or by any third-party website.
They fall into three categories:
-
Session cookie Issued after a successful login. Used to keep you authenticated as you navigate the dashboard. Expires after 7 days of inactivity, or immediately on logout. Internal name:
sessionId. -
Trusted device cookie Optional. Issued only if you mark a device as trusted during a 2FA challenge. Allows you to skip the 2FA step on that specific device for up to 90 days. You can revoke trusted devices at any time from your account settings. Internal name:
trustedDeviceId. -
Form security cookies (short-lived, 15 minutes) A small set of temporary cookies issued when you open a sensitive form — login, registration, 2FA challenge, password reset request, password reset confirmation, or account deletion. Each one binds the form to your browser, prevents automated bot submissions, and is destroyed as soon as the form is submitted or expires. Internal names:
loginTempId,registerTempId,2FA-ChallengeId,passwordResetRequestTempId,passwordResetTempId,deletedTempId.
No tracking, no analytics, no third parties
We do not run Google Analytics, Facebook Pixel, advertising trackers, or any other
third-party script that could read or set cookies in your browser. Disabling cookies will prevent you from
logging in or registering, but no other functionality depends on them.
3. How We Use Your Information
-
Service delivery To provision, maintain, and operate your dedicated IP and dashboard access.
-
Security & fraud prevention To detect and prevent unauthorized access, abuse, and violations of these Terms.
-
Billing & support To process payments, send invoices, handle refunds, and respond to support requests.
-
Communications To send transactional emails (account activation, password reset, billing notifications). We do not send marketing emails without your explicit opt-in.
-
Legal compliance To comply with applicable laws, respond to lawful requests from authorities, and enforce our Terms.
4. Data Retention
-
Active accounts Data is retained for the duration of your account and subscription.
-
After termination Account data is retained for up to 90 days after termination for legal and fraud prevention purposes, then permanently deleted. Billing records may be retained longer as required by law (typically 7 years).
-
Connection activity logs Connection metadata, hashed source IP fingerprints, and aggregated traffic volume records are retained for up to 90 days, then permanently deleted.
-
Security & audit logs Authentication events, account changes, and connection state changes are retained for up to 12 months, then deleted or anonymized.
5. Data Sharing
We do not sell, rent, or trade your personal information. We may share data with:
-
Service providers Third-party vendors who help operate the Service (payment processors, email delivery, infrastructure providers) under strict confidentiality agreements.
-
Law enforcement When required by law, court order, or to protect the rights, property, or safety of StickyIdentity™, our users, or the public.
-
Business transfers In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. You will be notified before your data is subject to a different privacy policy.
6. Your Rights
-
Access & portability You may request a copy of the personal data we hold about you at any time.
-
Correction You may update your account information directly from your dashboard or request corrections via support.
-
Deletion You may request deletion of your account and associated data. Deletion requests are processed within 30 days, subject to legal retention obligations.
-
Opt-out You may opt out of non-essential communications at any time via the unsubscribe link in emails or by contacting support.
Note
To exercise any of these rights, contact us at
[email protected].
We will respond within 30 days.7. Security
We implement industry-standard security measures including password hashing, encrypted sessions, CSRF protection, rate limiting, and audit logging. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security. You are responsible for maintaining the security of your credentials and notifying us of any suspected breach.
8. Contact
For privacy-related inquiries, contact us at
[email protected]
or visit
stickyidentity.com/support
.
About StickyIdentity™
StickyIdentity™ is a dedicated internet connection service built for individuals, households, and everyday users who need a reliable, private, and persistent online presence. We provision dedicated datacenter IP addresses tied to verified accounts — not shared pools, not rotating proxies, not residential or mobile IPs.
Every IP on our platform is assigned exclusively to a single verified user. Your address does not change, is not shared, and is not affected by what other users do. What you get is a stable, clean, accountable internet identity — backed by infrastructure engineered for continuity and real-time use like gaming, streaming, and video calls.
StickyIdentity™ is not an anonymity service.
Every account is tied to a verified identity and every session is logged.
If you need a platform that conceals your identity from law enforcement, this is not it.
If you need a stable, dedicated IP you can rely on for your everyday internet use —
this is exactly what we built.
-
Dedicated IP — one user, one IP One IP per account. Never shared, never rotated. Yours for the full duration of your active subscription.
-
Verified identity required Every account must be registered with a real legal name and a verified email address. No anonymous accounts, no throwaway signups.
-
Full audit logging Every authentication event, connection state change, session start, and traffic metric is timestamped and stored using hashed identifiers — raw IPs and device details are never kept. Connection activity logs are retained for 90 days; security and audit logs for a minimum of 12 months.
-
Subscription-gated allocation No IP is allocated without an active, paid subscription. Registration alone does not provision a connection.
-
Built for humans, not bots The platform is designed for individuals and households with legitimate everyday internet needs. Automation, scraping, and mass data collection are not permitted. Misuse results in immediate termination and full cooperation with law enforcement.
Mission & Vision
Our mission is simple: provide the most reliable, transparent, and legally compliant dedicated IP service on the market. We believe that access to a stable, private internet connection should be as straightforward as any other utility — and should come with real accountability, not anonymity.
-
Reliability over everything A dedicated IP is only valuable if it stays consistent. Our infrastructure is engineered around uptime, predictability, and low-latency routes — your IP is yours for as long as your subscription is active.
-
Zero ambiguity We are not an anonymity service. Every account is tied to a verified identity and every action is logged. This is a deliberate choice — it keeps our platform legitimate, our IPs clean, and our users protected from bad actors sharing the same infrastructure.
-
Built for legitimate everyday use StickyIdentity™ serves individuals and households who need a stable, private internet connection — from gaming and streaming to video calls, remote work, and everyday browsing.
-
Long-term vision We are building toward a future where your internet connection is as seamless and trustworthy as any other utility. Clean IPs, transparent policies, and a platform that treats users as accountable adults.
How It Works
StickyIdentity™ provisions dedicated IP addresses and ties them to verified user accounts through a subscription model. Here is what happens from signup to active connection:
-
1 — Register & verify You create an account with your real identity and verify your email address. Our registration pipeline validates your information through multiple security layers before your account is activated.
-
2 — Subscribe to a plan Choose a plan that fits your needs. No IP is allocated until a valid subscription exists. Payment is processed securely through our payment provider — we never store card data.
-
3 — Get your dedicated IP Once your subscription is active, a dedicated IP is assigned to your account. This IP is yours exclusively for the duration of your subscription — it is not shared, rotated, or recycled while you are active.
-
4 — Manage your connection From your dashboard you can configure allowlists to restrict which source IPs can use your connection, monitor bandwidth and activity usage, and review your security log. Your connection remains active automatically as long as your subscription is valid and your account is in good standing.
-
5 — Security by default Every session, login attempt, and connection state change is logged with timestamps and hashed identifiers — raw IPs and device fingerprints are never stored. Two-factor authentication is available via authenticator app, email OTP, or SMS. Your account is protected at every layer.
Note
Unlike shared IP pools where dozens of users share the same address, your StickyIdentity™ connection
is exclusively yours. This means cleaner reputation, more consistent behavior, and no risk of
being affected by what other users do with the same IP.
Team
StickyIdentity™ is a small, focused team of infrastructure engineers, security specialists, and product builders. We are obsessed with reliability, transparency, and doing things the right way.
-
Infrastructure-first Our engineering team comes from a background in network infrastructure, identity systems, and security. Every architectural decision — from how sessions are stored to how IPs are provisioned — is made with reliability and accountability in mind.
-
Security by design Security is not an afterthought. Our platform was designed from day one with layered authentication, comprehensive audit logging, zero plaintext credential storage, and active abuse monitoring built into the core.
-
Committed to compliance We take our legal obligations seriously. Our terms, privacy policy, and internal procedures are designed to protect both our users and the integrity of our platform — and to cooperate fully with lawful legal process when required.
Contact & Support
-
General support For account questions, billing inquiries, or technical issues, reach us at
[email protected]or through our support center. -
Security disclosures If you have discovered a security vulnerability or wish to report suspicious activity, contact us directly at
[email protected]with the subject lineSecurity Report. We take all reports seriously and respond promptly. -
Legal & compliance For law enforcement requests, legal notices, or compliance inquiries, contact us at
[email protected]. Include full details of your request and applicable jurisdiction. -
Support center Our documentation and help articles are available at https://stickyidentity.com/docs.
Note
We aim to respond to all support requests within 24 hours on business days.
For urgent account security issues, include
URGENT in the subject line.Frequently Asked Questions
Answers to the most common questions about StickyIdentity™ accounts, dedicated IPs, billing, security, and policies.
Account & Registration
-
Why do I need to verify my email before my account is active? Email verification confirms that the address you provided is real and accessible by you. Unverified accounts cannot access the dashboard and are automatically deleted after the activation window expires. If your link expired, simply register again.
-
Can I use a disposable or temporary email address? No. Disposable email providers are blocked at registration. We also verify the domain's MX records in real time. A permanent, deliverable email address is required — it is used for account security, billing, and legal notifications.
-
Do I need to use my real name? Yes. StickyIdentity™ requires your legal name at registration and any time you update your profile. Aliases, pseudonyms, and fictional names are strictly prohibited and will result in account termination. See our Terms — Accounts & Registration for details.
-
My registration form expired — what do I do? The registration form generates a temporary session that expires after 15 minutes for security reasons. Simply reload the page to start a fresh session and resubmit your information.
-
Why was my registration rejected with no clear reason? For privacy and security reasons, we return a neutral response when the outcome could reveal whether an email address is already registered or was previously associated with a deleted account. If you believe this is an error, contact
[email protected].
Login & Security
-
My account is locked — what happened? After several consecutive failed login attempts, your account is temporarily locked to prevent brute-force attacks. The lock expires automatically. If you are locked out and need immediate access, contact support at
[email protected]. -
Why am I being asked to complete a CAPTCHA? After a dynamic threshold of failed login attempts from your email or IP, a Cloudflare Turnstile challenge is required before you can continue. Turnstile is a privacy-friendly CAPTCHA that usually validates you invisibly — most users never see a puzzle, only a short verification step. It is triggered on login, registration, and password reset pages when suspicious patterns are detected.
-
I did not receive my 2FA code — what should I do? Check your spam or junk folder first. If using SMS, ensure your phone number is correct and has signal. OTP codes expire after 15 minutes — if yours expired, restart the login process to receive a new one. If the issue persists, contact support.
-
Can I log in from multiple devices at the same time? Yes, up to your plan's session limit. If you exceed the limit, the oldest active session is automatically revoked to make room for the new one. You are never silently locked out — the oldest connection is simply evicted.
-
How do I reset my password? Go to /change-password and enter your email. A time-limited reset link will be sent to your address. The link is single-use and expires after 15 minutes. For security reasons, the server returns the same response whether or not the email is registered.
-
Will StickyIdentity™ ever ask for my password? Never. We will never ask for your password by email, phone, or any other channel. If you receive such a request, treat it as a phishing attempt and report it to
[email protected].
Your Dedicated IP
-
What is a dedicated IP? A dedicated IP is an internet address assigned exclusively to your account. Unlike shared IP pools, no other user shares your IP. It remains assigned to you for the full duration of your active subscription — stable, private, and never rotated. It is built for gaming, streaming, video calls, and everyday internet use.
-
What type of IP will I get — residential, mobile, or datacenter? All IPs assigned by StickyIdentity™ are datacenter IPs. They are not residential, not mobile, and not ISP IPs. This means they come from IP ranges registered to hosting providers. Datacenter IPs work well for stable remote access, gaming, video calls, general browsing, and most streaming — but some services (certain banks, streaming platforms, ticketing sites, a few multiplayer games) specifically block datacenter ranges. If your use case requires a residential or ISP IP, this service is not the right fit.
-
When is my dedicated IP allocated? No IP is allocated until a valid, active subscription exists. Registration alone does not provision a connection. Once your payment is confirmed, your dedicated IP is assigned and becomes available in your dashboard.
-
Can I use this for scraping, bots, or automation? No. StickyIdentity™ is built for real users — gaming, streaming, video calls, and everyday browsing. Automated scraping, bots, crawlers, and mass data collection are strictly prohibited and will result in immediate account termination. Each IP is assigned to a single verified user and any abuse traced back to it is that user's responsibility.
-
Can my connection be disabled? Your connection state is managed automatically by the platform — it is not something you can toggle manually. It remains active for as long as your subscription is valid and your account is in good standing. It will be automatically disabled if your subscription lapses, a payment fails, or our team detects fraudulent activity requiring administrative action. If your connection has been disabled and you believe it is an error, contact
[email protected]. -
What is an IP allowlist? An allowlist lets you restrict which source IP addresses are permitted to use your dedicated connection. Only connections from allowlisted IPs will be accepted. This is an additional security layer to prevent unauthorized use of your credentials.
-
Will I keep the same IP if I resubscribe? We cannot guarantee it. When your account is terminated or deleted, your IP is released back to the pool immediately and may be reassigned to another user. We recommend keeping your subscription active to retain your IP.
-
What happens if my IP gets flagged or banned on a service? Each dedicated IP is exclusively assigned to your account — any abuse can and will be traced back to you. If your IP gets flagged or banned due to your own activity, no replacement will be provided, no exceptions. Use your connection responsibly.
Billing & Refunds
-
How does billing work? Subscriptions are billed in advance at the start of each billing cycle (monthly or annually). Your payment method on file is charged automatically at renewal unless you cancel before the renewal date.
-
Can I get a refund? First-time subscribers may request a full refund within 3 days of their initial payment, provided bandwidth consumption has not exceeded 50 GB. If either limit is reached — 3 days elapsed or 50 GB consumed, whichever comes first — no refund will be issued. After that, all fees are non-refundable. Accounts terminated for Terms violations are not eligible for any refund. See our Refunds policy for full details.
-
What happens if my payment fails? We will attempt to retry the charge. If it remains unsuccessful, your account and dedicated IP will be suspended until payment is resolved. Continued non-payment may result in account termination and permanent release of your assigned IP.
-
How do I cancel my subscription? Cancel at any time from your dashboard or by contacting support. Cancellation takes effect at the end of the current billing period — your account and connection remain active until that date. No further charges will be made after cancellation.
-
What happens to my data if I cancel? Your account remains active until the end of the billing period. After that, you can delete your account from settings. Account deletion is permanent and irreversible — all data is destroyed immediately. Minimal records required by law (billing history, security logs) are retained as described in our Privacy Policy.
Legal & Privacy
-
Is StickyIdentity™ an anonymity or privacy service? No. StickyIdentity™ is not an anonymity tool. Every account is tied to a verified identity, and all activity is logged. If you are looking for a service that hides your identity from law enforcement, this is not it. See our Law Enforcement & Legal Disclosure section.
-
Do you share my data with third parties? We do not sell, rent, or trade your personal information. We share data only with service providers who help operate the platform (under strict confidentiality agreements), with law enforcement when legally required, or in the context of a business transfer. See our Privacy — Data Sharing section.
-
Will you notify me if law enforcement requests my data? Where permitted by law, we will not provide prior notice to the account holder. In some cases, we may be legally prohibited from informing you that a request was made. See our Law Enforcement policy.
-
How do I request deletion of my data? You can delete your account directly from your account settings. Deletion is immediate and permanent. Alternatively, contact
[email protected]to submit a formal data deletion request. We respond within 30 days. -
What laws govern this service? StickyIdentity™ is a U.S.-based service governed by applicable U.S. federal and state law. Disputes are resolved through binding arbitration under AAA rules. See our Governing Law & Disputes section.
Still have questions?
If your question is not answered here, our support team is available at
[email protected] or through our help center at
stickyidentity.com/support
.
We aim to respond within 24 hours on business days.
Note
For urgent account security issues, include
URGENT in the subject line
of your email. For security vulnerability reports, use the subject line
Security Report.