The ASN dimension nobody talks about enough
Here's something I don't see discussed much: ASN-level scoring is getting granular. It's not just "is this a datacenter ASN" anymore. Some residential providers concentrate their IPs in a handful of ASNs, and those specific ASNs are getting burned because the ratio of bot-to-human traffic from them is absurdly high. I've seen targets where AS7922 (Comcast) IPs sail through but AS20001 (Charter/Spectrum) IPs from the same provider get challenged at 3x the rate and it's not because Spectrum is inherently worse, but because that specific provider had most of their pool concentrated there and the target's ML model learned the pattern. What I do: I check the ASN distribution of my proxy pool before committing to a provider. If more than 40% of their residential IPs resolve to the same 3 ASNs, that's a red flag. You want entropy. Real user traffic is distributed across hundreds of ASNs in any given metro area, your scraping traffic should approximate that distribution.
Quick note on mobile/4G proxies since I know this sub likes the deep dives. CGNAT is still your best friend here. Carriers stuff thousands of real users behind a single IP, which means even aggressive anti-bot systems are reluctant to block mobile ASN ranges, why? Well, too much collateral damage. But the window is closing. I'm seeing more targets fingerprint at the device/viewport level specifically for mobile ASNs, because they know the traffic coming from mobile IPs with a desktop user-agent and a 1920x1080 viewport is almost certainly not a real phone. If you're using mobile proxies, your entire request profile needs to actually look mobile: viewport, user-agent, accept headers, even the connection timing patterns (mobile connections have higher, more variable latency than fiber, if you're hitting a site from a "mobile" IP with 8ms consistent RTT, that's a signal).
All in all, the most expensive residential bandwidth in the world won't save you from a bad session model. But a well-designed session model can make cheap datacenter proxies work on targets you assumed required residential.