Two people ask us for the same thing in different words. One says his sneaker bot keeps getting logged out mid-checkout. The other runs fifteen marketplace seller accounts and just got hit with a security review because his IP changed between page loads. Neither of them wants a rotating pool of home IPs, which is what most people mean by "residential." They want the opposite: one residential-looking IP that never moves. That product has its own name, ISP proxy, and it is the tier most buyers skip right past because nobody explained what it is for.
We run a proxy network, so here is the plain version: what an ISP proxy actually is under the hood, why a website trusts it, why a login survives on it when it would break on a rotating pool, and where it is the wrong tool. By the end you will know whether the thing you need is rotating residential, datacenter, or this middle seat that quietly borrows the best of both.
What is an ISP proxy?
An ISP proxy is a single, static IP address that is registered to a consumer internet provider but hosted on datacenter-grade hardware. To a website, the address looks like an ordinary home connection, because on paper it belongs to an ISP like Comcast, Cox, or Deutsche Telekom. To you, it behaves like a server: fast, always on, and yours alone for the length of the plan. That combination, residential trust with datacenter stability on one fixed identity, is the entire product.
The name is shorthand for that split personality. "ISP" points at who the address is registered to. The word most providers use as a synonym, "static residential," points at how it behaves. Same tier, two labels.
The trick that makes it work: ASN registration
To understand why an ISP proxy is trusted, you have to know the one thing every anti-bot system checks first. Every IP address on the internet belongs to an ASN, the Autonomous System Number that names the network operator who owns that block of addresses. ASN ownership is public, and defended sites look it up in the first millisecond of a request, before they read a single header.
That lookup is the whole game. An address registered to a hosting company (Amazon, Google Cloud, OVH, Hetzner) is, by definition, not a home user, because no real shopper browses from a cloud server. Anti-bot vendors treat those hosting ASNs as a strong negative signal and challenge them on sight, with almost no risk of annoying a genuine visitor. An address registered to a consumer ISP is the reverse: it is one of millions that real customers browse from every day, so blocking it risks blocking a paying human.
An ISP proxy games exactly this lookup, and it does so legitimately. The IP block is registered under a consumer ISP's ASN, so the classification comes back "residential." But the machine actually answering your requests sits in a datacenter, on real server hardware, with a real server's uptime and bandwidth. You get the reputation of a home line and the performance of a server, because the address says one thing and the hosting says another, and the website only ever checks the address.
This is why an ISP proxy passes where a plain datacenter proxy fails. The datacenter IP announces its hosting ASN and gets flagged; the ISP IP announces a consumer ASN and gets waved through the first gate. We break down the full detection stack in how websites detect proxies, but the ASN check is the one an ISP proxy is built to beat.
ISP vs rotating residential vs datacenter
The clearest way to place an ISP proxy is between its two neighbors. All three relay your traffic. They differ on two axes that decide everything: what the website thinks the IP is, and whether that IP stays the same.
| Datacenter | ISP (static residential) | Rotating residential | |
|---|---|---|---|
| Who owns the IP (ASN) | Hosting company | Consumer ISP | Consumer ISP |
| How a site classifies it | Server, distrusted | Home user, trusted | Home user, trusted |
| Identity | One fixed IP | One fixed IP | New IP per request or session |
| Hosted on | Datacenter hardware | Datacenter hardware | Real home devices |
| Speed | Fast, consistent | Fast, consistent | Varies with the home line |
| Survives a login | Yes, but often blocked | Yes, its core strength | Only inside a short sticky window |
| Ban behavior | Blocked, you must replace it | Flagged, you must replace it | Next request just uses another IP |
| Priced | Per IP per month | Per IP per month | Per GB of traffic |
Read the table top to bottom and the ISP column is a deliberate hybrid. It takes the ASN classification from the residential column (so it is trusted) and the hosting, speed, and single-identity model from the datacenter column (so it is fast and stable). It gives up the one thing rotating residential is famous for, ban resistance through a pool of many IPs, in exchange for the one thing rotating residential cannot do, hold a single identity steady for weeks.
We put real numbers behind the datacenter-versus-residential split in datacenter vs residential proxies, and we walk through the rotating-versus-static decision in depth in rotating vs static residential proxies. For this piece, the short version is that ISP is what you reach for when you need residential trust but cannot tolerate the IP changing.
Why a login survives on an ISP proxy
This is the reason the tier exists, so it is worth understanding the mechanics rather than taking it on faith.
When you log in to a modern platform, it does not just check your password and forget about you. It ties the resulting session to a bundle of signals: a session cookie, a device and browser fingerprint, and the IP address the session started from. On every subsequent request it re-checks that the bundle is consistent. A session that was born on a home IP in Frankfurt and suddenly continues from a different IP two seconds later looks, to the platform, like a stolen cookie being replayed from somewhere else. The safe response, from the site's point of view, is to challenge you: a re-login, a one-time code, a "was this you?" screen, or an outright lockout.
A rotating residential proxy walks straight into that tripwire. Its whole design is to hand you a different exit IP per request, or to hold one only for a short sticky window (commonly one to thirty minutes) before the pool rotates it away. That is perfect for looking like a crowd while scraping, and structurally wrong for anything that has to stay one person past the sticky window. Mid-session rotation is what empties carts, drops logins, and trips "unusual activity" reviews.
An ISP proxy removes the tripwire entirely. The IP is static: it is assigned to you and it does not change for the life of the plan. Every request in the session leaves from the same trusted consumer-ISP address, day after day, so the platform sees exactly what it expects from a real person with a home connection and a stable router. The account looks settled because, from the network's perspective, it is. That is why account management, e-commerce storefronts, social posting, and any bot that has to log in and stay logged in run on ISP IPs rather than a rotating pool.
One honest caveat, because a clean IP is only the first gate. The address gets you past the ASN check, but headers, timing, and your TLS fingerprint still matter. Before a single byte of HTTP is sent, your client's TLS handshake advertises an ordered list of cipher suites and extensions that anti-bot systems hash into a fingerprint (the widely used JA3 and JA4 schemes). If that fingerprint says "automation library" while your IP and User-Agent say "person at home," the mismatch flags you no matter how good the IP is. ISP buys you a trusted, stable starting point. It does not excuse robotic behavior on top of it.
Where ISP IPs come from, and why they are priced per IP
An ISP proxy's address is leased from, or registered in cooperation with, a consumer internet provider, then pointed at hosting infrastructure the proxy company runs. That is a very different supply chain from rotating residential, where the pool is built from real people's home devices opting in to share their connection (an arrangement we cover, including its ethical minefield, in what is a residential proxy). Because an ISP IP lives on a server rather than someone's actual home router, it is stable and fast in a way a real home line never guarantees, and it does not depend on a stranger keeping their device online.
That supply model is also why the meter looks different. Rotating residential is billed per gigabyte, because you draw shared bandwidth from a pool and usage is the thing that scales. ISP is billed per IP per month, because you occupy one specific address around the clock whether you push a megabyte or a terabyte through it. Bandwidth on an ISP IP is effectively unmetered; the address itself is what you rent.
That pricing model has a clear consequence for who ISP is cheap for. If your work is heavy traffic through a handful of stable identities (a busy storefront, a few high-value accounts), ISP is often far cheaper than paying per gigabyte for the same volume. If your work needs thousands of separate identities, paying monthly rent on thousands of IPs gets expensive fast, and rotating residential's per-GB model wins. Market rates for ISP run from roughly $0.30 per IP per month at the cheapest bulk providers to a few dollars at the premium end, and ours are $1.80 per IP per month, pay as you go, on a balance that does not expire. We lay out the full cost picture across every proxy type in how much do proxies cost.
The two catches, stated plainly
An ISP proxy is not a free lunch, and we would rather you know the tradeoffs than discover them in production.
One identity means one blast radius. A rotating pool absorbs a ban as a non-event: the next request simply uses a different IP. An ISP proxy is a single address, so if it gets flagged, everything running on it is flagged together. The discipline that fixes this is boring but real: one account, or one narrow purpose, per IP. Do not pile a whole operation onto a single clean address because it happens to work today.
A static IP inherits its history. An ISP address had tenants before you, and reputation systems have long memories. Anti-bot platforms keep a running reputation score for every IP based on prior abuse, and that history outlasts whoever held the address last. A two-minute pre-flight check saves you from building an account on a burned identity: run the IP through our proxy checker to see exactly what a site sees when you connect through it, and check its abuse and fraud history for free on our sister project FFraud. Clean IP, then build. Not the other way around.
Do you actually need an ISP proxy? A one-minute guide
Walk your job down this list and stop at the first match.
- Does anything log in and need to stay logged in past a few minutes? ISP. This is the tier's home turf, and rotating residential actively works against you here.
- Are you managing accounts, running a storefront, or posting as a stable identity? ISP, one IP per account. The platform expects each account to come from a consistent real person.
- Are you doing high-volume collection across many pages you do not own? Not ISP. Rotating residential is built for that, and a single static IP will get itself banned trying to do a pool's job.
- Is the target barely defended (open data, most APIs, indifferent sites)? Not ISP either. A plain datacenter proxy is faster and far cheaper, and paying for residential trust the target never checks is waste.
- Both a collection layer and an account layer in one project? Split them: rotating residential for the crawling, ISP for the logins. That two-tier setup is the standard architecture for a reason.
The mistake we see most is buying a rotating pool for account work because "residential" sounded right, then fighting logouts for a week. If your task has to be the same person tomorrow that it was today, that is an ISP job. Our ISP proxies are exactly that: static consumer-ISP addresses on stable infrastructure, at $1.80 per IP per month, pay as you go, and you can verify what any of them looks like to a website with our proxy checker before you trust it with a real account.
Sources and further reading
- DataDome, "What are data center proxies and how to detect them?". How anti-bot systems score hosting ASNs against ISP-registered ranges, which is the exact check an ISP proxy is built to pass.
- Cloudflare, "Using machine learning to detect bot attacks that leverage residential proxies". Why residential ranges cannot simply be blocklisted, and how per-IP reputation scoring works.
- Cloudflare, "JA3/JA4 fingerprint". How the TLS ClientHello is hashed into a fingerprint and matched against the browser a request claims to be, which still catches you even on a clean ISP IP.