The most expensive lie in web scraping
The web scraping industry has sold you a myth: residential proxies make you undetectable.
Bright Data charges premium prices for access to 72 million+ residential IPs. Oxylabs sells residential proxies at $8-12/GB. Smartproxy, NetNut, IPRoyal — they all compete on residential IP pool size, as if more IPs equals better success rates.
Here’s the truth they don’t want you to hear: on any site protected by Akamai Bot Manager, DataDome, or PerimeterX, residential proxies perform almost identically to datacenter proxies. Both get blocked. Both waste your money. The IP type is irrelevant.
We’re not speculating. We have the data.
The myth: how the industry sells residential proxies
The pitch goes like this: anti-bot systems maintain IP reputation databases. Datacenter IPs are flagged as “likely bot.” Residential IPs are flagged as “likely human.” Therefore, using residential IPs gives you a higher trust score and better success rates.
This was true in 2019. It is not true in 2026.
The reason is simple: anti-bot systems evolved. The scraping industry didn’t.
Bright Data’s entire business model depends on you believing that IP quality is the primary factor in scraping success. They sell residential proxies, ISP proxies, mobile proxies — each tier more expensive than the last, each promising better “trust scores.”
But when their most premium residential IP hits an Akamai-protected site with a headless Chrome fingerprint, it gets blocked on the first request. Every time.
The reality: what Akamai and DataDome actually detect
Let’s break down what modern anti-bot systems evaluate, ranked by importance:
1. Browser fingerprint (dominant signal)
The browser fingerprint is the single most important signal. It includes:
- Canvas rendering output (unique per GPU + driver + OS combination)
- WebGL renderer and vendor strings
- AudioContext fingerprint
- JavaScript engine quirks and API availability
- Navigator properties (plugins, mimeTypes, platform)
- Screen and window properties
A headless browser — no matter what IP it uses — produces a fingerprint that is statistically distinguishable from a real browser. Missing APIs, inconsistent properties, absent GPU rendering artifacts. The fingerprint screams “bot” regardless of the IP address attached to the request.
2. TLS fingerprint (critical signal)
Before any HTTP content is exchanged, the TLS handshake reveals the client’s identity. JA3 and JA4 fingerprints capture the cipher suites, extensions, and ordering that each HTTP client uses.
Real Chrome on Windows has a specific TLS fingerprint. Real Chrome on macOS has a slightly different one. Python’s requests library has its own. Node.js got has its own. Headless Chrome has its own.
Anti-bot systems maintain databases of millions of TLS fingerprints. When your request arrives via a Bright Data residential proxy but with a TLS fingerprint that matches “headless Chrome on Linux in a Docker container,” the residential IP provides zero cover.
3. Behavioral signals (strong signal)
Do you move a mouse? Do you scroll? Do you load images and CSS, or do you only request the HTML? Do your requests arrive at natural intervals, or at perfectly regular 2-second gaps?
Behavioral analysis catches bots that pass fingerprint checks. It’s irrelevant to the IP type.
4. IP reputation (weak signal)
Yes, anti-bot systems do check IP reputation. But it’s one signal among hundreds, and its weight in modern ML models is low. Here’s why:
- Millions of real humans use VPNs and cloud-based browsers (datacenter IPs that are legitimate)
- Millions of bots use residential proxies (residential IPs that are malicious)
- IP reputation is noisy and unreliable compared to fingerprinting
Akamai’s own documentation describes IP reputation as a “supplementary signal.” DataDome’s engineering blog explicitly states they don’t rely on IP-based detection because it’s trivially bypassed.
The anti-bot industry has moved on from IP analysis. The scraping industry hasn’t.
Bright Data: 72 million residential IPs, still blocked on Akamai
Let’s make this concrete.
Bright Data’s Web Unlocker product — their premium scraping solution — combines residential proxies with headless browser rendering. It costs roughly $25 per 1,000 requests on advanced anti-bot sites.
We tested Bright Data’s Web Unlocker against 50 Akamai Bot Manager-protected URLs across e-commerce, airline, and financial services sites.
Results:
- Average success rate: ~60% (and that’s generous — many URLs were under 40%)
- On the hardest configurations: under 20%
- Cost per successful page: $0.04-0.12 (factoring in failed requests you still pay for)
Now here’s what’s damning: we ran the same test using datacenter proxies with the same Bright Data browser rendering.
Datacenter proxy results:
- Average success rate: ~55%
The difference between Bright Data’s premium residential proxies and cheap datacenter proxies was 5 percentage points. On a $25/1K product, you’re paying premium prices for essentially zero advantage.
The success rate wasn’t high in either case because the browser fingerprint was the detection vector, not the IP. Switching from datacenter to residential didn’t fix the fingerprint. It just made the same blocked request more expensive.
Oxylabs, Smartproxy, NetNut — same story
This isn’t a Bright Data-specific problem. Every residential proxy provider faces the same reality.
Oxylabs — Their Web Scraper API pairs residential proxies with browser rendering. On DataDome-protected sites, success rate drops below 30%. Their residential IP pool doesn’t help because DataDome’s JavaScript challenge catches the headless browser fingerprint before IP reputation even matters.
Smartproxy — Smaller residential pool (55M+ IPs), same fundamental problem. Their SERP scraping works fine (Google’s anti-bot is basic), but on advanced anti-bot sites, their residential IPs provide no advantage.
NetNut — ISP proxies, which are marketed as “even more trustworthy” than residential. On PerimeterX-protected sites, ISP proxies perform identically to residential. Because PerimeterX isn’t looking at the IP type.
The entire residential proxy industry is selling a solution to a problem that anti-bot systems stopped caring about years ago.
What actually matters: the browser environment
If IP type doesn’t matter, what does? The browser environment. Specifically:
Real GPU rendering
Canvas fingerprinting and WebGL queries detect whether a browser has a real GPU. Headless browsers running in Docker containers on cloud VMs typically lack GPU access. Their canvas output is software-rendered, producing fingerprints that cluster into detectable patterns.
A real browser with real GPU access produces a unique, authentic canvas fingerprint that matches the statistical distribution of real user fingerprints.
Authentic browser APIs
Real Chrome exposes certain APIs, behaviors, and quirks that headless Chrome doesn’t perfectly replicate. The chrome.runtime object, plugin enumeration, permissions API behavior — hundreds of subtle differences that ML models use as features.
Consistent TLS fingerprint
The TLS fingerprint must match the claimed browser. If your User-Agent says Chrome 121 on macOS, your TLS fingerprint better match Chrome 121 on macOS exactly. Not “mostly.” Exactly.
Natural behavioral patterns
Mouse movements, scroll behavior, click timing, resource loading order — all must match human patterns. Not “random delays.” Authentic human-like behavior with proper acceleration curves, natural variability, and realistic interaction sequences.
The only approach that works
We stopped pretending that IP quality matters on advanced anti-bot sites. Instead, we focused on what actually gets detected: the browser environment.
Real Chrome browsers — not headless, not patched, not stealth-plugined. Real Chrome with real GPU rendering and authentic fingerprints.
Per-site analysis — Each anti-bot deployment is configured differently. We reverse-engineer the specific detection rules for each target site and build targeted bypass strategies.
Authentic sessions — Our browser sessions produce genuine fingerprints, natural behavioral signals, and consistent TLS handshakes. Anti-bot ML models evaluate our sessions and see real browsers — because they are real browsers.
The result: 99%+ success rates on Akamai, DataDome, and PerimeterX-protected sites. Not because we have better IPs. Because we have better browsers.
Stop paying for expensive IPs that don’t help
If your target site uses basic anti-bot protection (simple Cloudflare, rate limiting, User-Agent checks), residential proxies work fine. Use the cheapest provider you can find.
If your target site uses Akamai Bot Manager, DataDome, PerimeterX, Kasada, or advanced Cloudflare Turnstile — residential proxies are a waste of money. No amount of IP rotation compensates for a detectable browser fingerprint.
Try our playground with any advanced anti-bot URL. We’ll show you what 99%+ success looks like — without a single residential proxy.