- What: A residential proxy SDK used in smart TVs is found to expose a public partner manifest.
- Impact: Smart TV manufacturers and distributors may be unknowingly part of a data scraping network.
Bright Data's residential proxy SDK ships a public partner manifest listing the publishers it relays traffic through. CTV distributors reaching Comcast, Sky, LG, Samsung, Roku, and 125+ other TV brands are on the list. The SDK's 200 GB/month bandwidth budget is written for devices that are always plugged in, always online, and consented to through a dialog navigated with a TV remote.

The finding

Bright Data is the largest residential proxy network in the world, selling access to 150M+ IPs it describes as "ethically sourced" via a consent SDK embedded in partner apps. I reverse-engineered the SDK (version 1.532.120, iOS arm64), captured 30 days of traffic from a research fleet of iOS devices running a consent-installed partner app, and ran a standalone research client against the peer endpoint. Three things came out of that work.

First, the SDK fetches its config from an unauthenticated public endpoint that ships the full partner manifest to anyone with curl. The manifest contractually ties the network to CTV-focused distributors with massive reach.

Second, the peer tunnel that actually relays scraping jobs runs on an unauthenticated WebSocket, with no message signing, no client attestation, and a plain-JSON envelope. This is less hardened than typical commercial malware C2.

Third, the SDK uses Apple's NWParameters.requiredInterface API to bind the peer tunnel to the physical network interface, bypassing any user-configured VPN. On a managed device, the most sensitive channel this SDK operates is designed to go around your VPN layer.

Why residential proxies now, more than ever?

AI companies need scraped web content at scale: for pre-training, for retrieval, for agent grounding, for search. But the modern web isn't scrapeable from a datacenter. Cloudflare, DataDome, HUMAN, and every serious bot-management vendor fingerprint inbound traffic and throttle or block requests from cloud/datacenter IPs.
AWS, GCP, and Azure all get flagged, and scraping from a cloud IP at scale doesn't work anymore.

The workaround is residential proxies: real IP addresses belonging to real broadband, mobile, and smart-TV customers. Traffic from a Comcast or T-Mobile subscriber looks legitimate because it is legitimate. Someone's home connection, borrowed by the gigabyte.

Krebs reported in October 2025 that Aisuru and similar sources are now fueling AI-linked data harvesting at scale. Academic measurement going back to 2019 shows these networks are overwhelmingly misused. The FBI issued a formal advisory earlier this year.

Most existing press has focused on the illegal supply: botnets (Aisuru, Kimwolf), trojanized apps (HUMAN Security's PROXYLIB disclosure), pre-infected IoT hardware (Google/Mandiant's IPIDEA takedown). The legal supply has received far less scrutiny, and it's bigger.

Why CTV specifically

A smart TV is near-perfect residential proxy hardware. Compared to a phone:

| Factor | Mobile phone | Smart TV |
| --- | --- | --- |
| Power | Battery-bound | Always plugged in |
| Uptime | Intermittent | 24/7 in standby |
| Bandwidth ceiling | Cellular caps | Effectively unlimited |
| Consent UI | Text on a phone | Text via remote control |

The Bright SDK config confirms the TV framing directly. It sets max_bw_monthly_wifi: 200,000,000,000 bytes, or 200 GB. That allowance is written for devices without battery or cellular caps. It's the TV budget.

The partner manifest

On every launch the SDK fetches an unauthenticated config from clientsdk.bright-sdk.com/sdk_config_ios.json. Any random UUID returns the full response: feature flags, idle-detection thresholds, per-country bandwidth tiers, and the complete partner roster.
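Because the config is fetched on every launch, lookups of that hostname in a local resolver's query log identify which devices on a network run the SDK. The sketch below is an added example, not code from the original article: it scans dnsmasq-style query-log lines for the config host named above. The sample log is constructed, and the choice of dnsmasq as log source and the `year` parameter are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Hostname of the SDK config endpoint, as named in the article.
SDK_CONFIG_HOST = "clientsdk.bright-sdk.com"

# dnsmasq query log: "<Mon> <d> <HH:MM:SS> dnsmasq[pid]: query[TYPE] <name> from <client>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s+dnsmasq\[\d+\]:\s+"
    r"query\[(?P<qtype>[A-Z0-9]+)\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)$"
)

# Constructed sample log (not captured traffic).
SAMPLE_LOG = """\
Oct 12 08:14:03 dnsmasq[812]: query[A] clientsdk.bright-sdk.com from 192.168.1.23
Oct 12 08:14:03 dnsmasq[812]: query[AAAA] clientsdk.bright-sdk.com from 192.168.1.23
Oct 12 09:02:47 dnsmasq[812]: query[A] www.example.org from 192.168.1.40
Oct 12 21:30:10 dnsmasq[812]: query[A] CLIENTSDK.BRIGHT-SDK.COM. from 192.168.1.23
Oct 13 07:55:59 dnsmasq[812]: query[A] clientsdk.bright-sdk.com.example.net from 192.168.1.40
Oct 13 19:41:22 dnsmasq[812]: query[A] clientsdk.bright-sdk.com from 192.168.1.57
"""

def find_sdk_clients(log_text, year=2025):
    """Map each client IP to its lookups of the SDK config host."""
    hits = defaultdict(lambda: {"queries": 0, "days": set(), "first": None, "last": None})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        # Exact match after normalising case and trailing dot, so a lookalike
        # such as "clientsdk.bright-sdk.com.example.net" is not counted.
        if not m or m["name"].rstrip(".").lower() != SDK_CONFIG_HOST:
            continue
        # Syslog timestamps carry no year; the caller supplies it (assumption).
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        h = hits[m["client"]]
        h["queries"] += 1          # DNS lookups, an approximation of launches
        h["days"].add(ts.date())   # distinct active days per device
        h["first"] = ts if h["first"] is None else min(h["first"], ts)
        h["last"] = ts if h["last"] is None else max(h["last"], ts)
    return dict(hits)

if __name__ == "__main__":
    for client, h in sorted(find_sdk_clients(SAMPLE_LOG).items()):
        print(client, h["queries"], "queries on", len(h["days"]), "day(s)")
```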
Identifiable partners from public sources:

| Partner ID | Entity | Scale |
| --- | --- | --- |
| playworks_digital | PlayWorks Digital Ltd | Publisher claims 400+ CTV titles, distribution to ~250M TV homes via Comcast, Sky, Cox, LG, Samsung, Vizio, Roku |
| cloudtv | CloudTV | Integrated across 125+ TV brands and 15+ OEMs |
| longvision_media_hong_kong_co_limited | Longvision Media HK (LongTV) | 5M OTT users across HK and Malaysia |
| viber_media_s_r_l | Viber Media S.à r.l. (Rakuten) | 250M+ monthly users of the Viber messenger |
| supercent_inc | Supercent (Korea) | #1 Korean mobile publisher by downloads in 2023 |
| moonfrog_labs_private_limited | Moonfrog Labs (Stillfront subsidiary) | ~10M MAU on Teen Patti Gold alone; acquired for $90M |
| hola_networks | Hola Networks | Bright Data's lineage parent |

Others in the roster (desoline, free_time, ott_studio, global_microtrading, m_m_media, easystaff_lp) are present but less identifiable. bright_screensavers, bright_videos, and brightdata are Bright Data's own apps.

Two of these stand out beyond the CTV thread. Rakuten's Viber messenger (hundreds of millions of monthly users) and Stillfront's Moonfrog Labs (one of the largest mobile gaming publishers in India) are both named in the manifest with their own bandwidth budgets.

Being in the manifest means Bright Data has assigned the publisher a bandwidth budget in its own allocation file. It does not by itself prove a specific publisher's curre...