Tl;dr how do streaming media services (and their partner services) detect VPN?
I ask this question out of the interest of understanding how some VPN providers evade their detection while others get blocked. I realize streaming services use third parties (Google, Fastly, Akamai, etc) to perform this function, so this question is more accurately about how these providers detect VPN users.
I have researched the reputation of many IP addresses used by various VPN providers, those that work and those that are blocked, and all show up clearly as used for VPN. This leads me to the theory that it is not (at least entirely) based on IP address reputation. I did not see anything (obvious) in HTTP header or IP header (beyond the source IP) that would be unique to connections from a VPN. DNS leak tests also look clean (though I am still researching thing one). Is there something else I am missing?
I am admittedly reaching the point of assuming someone at the service providers is getting paid off to whitelist the IP addresses of the vpn providers that work but have to assume this is not the case.
Any education on how else vpn users are detected would be greatly appropriated.