It will be on the same list, if you are filtering VPN's and other "anonymizers" you usually end up blocking all IP's that are not assigned to commercial/residential ISP's.
IP blocks which belong to data center's, cloud providers, VPN providers etc. are quite well known and easily identifiable with a simple lookup.
So you can easily find some no-name VPS provider or get a VPS on AWS/DigitalOcean/Azure/Racksapce but if the site is actively restricting access from VPN's/Proxies it won't help you much in most cases.
Possibly, but I suspect that the address pools for many of the major players (Amazon, Rackspace, DigitalOcean, etc.) are also known and not getting smaller.
There might be options related to IPv6, but since Netflix has been supporting that for streaming since 2012 I suspect those are also covered.
What if I connect to your PC using a vpn so it looks like it's just you watching it? I tried connecting to the UK national lottery from abroad via a VPN to my home PC and they could tell.
this works well with windows machines, however beyond that it could be really really flaky. especially freebsd/mac/linux are mostly inaccurate.
PTR's are set on client machines aswell or in some newer IPv6 based networks you mostly get a PTR aswell. fingerprinting the tcp implementation can't work on network fragmentation and when you drop some packages through a firewall, yes this is mostly not in home networks and most home users won't use linux at all however since netflix and other streaming providers opened for linux aswell, they will actually just allow linux users to use a vpn since they can't detect it safely without false postives like they could on windows.
And MTU differs extremly between US and Europe (Thanks to PPPoE and PPPoA)
PTR is wrong. My Server is a home user and I'm a server?! Also this guy has a better database since he can detect linux 3.11 however on my home network I'm behind a proxy, thats something he didn't detected.
Edit: Oh and on IPv6 only networks with DNS64 and NAT64 you will get really aweful results if you operate on a ipv4 based service (i'm looking at you netflix)
ok this is what I was really wondering. So Netflix can tell that you are using a commercial connection to access the service? Can they also tell that you are forwarding in the case of a proxy or something?
That is what I don't get, because if I spin up a digital ocean server in London and put openVPN on it, they can probably tell the IP block belongs to a cloud services company. However, they can't just be running ips against a list right? So what is the work around?
Any given IP is "owned" by an Autonomous System[1], so if you see a user whose IP is from AS14061[2], you know they're coming from DigitalOcean and you can say, "No content for you". They are basically checking your IP against a big list and seeing where you're coming from.
In some cases it is more ambiguous, say the IP belongs to Verizon but it happens to one of the blocks Verizon provisions in the EU or as part of their PPI infrastructure. You only know this because someone has annotated this metadata (eg MaxMind). Or if its a Comcast Business account IP, do you call that commercial and block it? It could be someone at home who forked out for the business class service. This is again where IP-surveillance companies come into play.
In even more ambiguous cases, the IP belongs to AS####A (A hosting company) but is announced by AS####B (A residential ISP), such that traffic from to or from the IPs belonging to AS####A looks for all the world that it is really AS####B's traffic. Do you treat those users a residential because ISP-B is potentially renting that IP space or do you call it commercial?
