Amazon CAPTCHA is not a puzzle — it's AWS WAF scoring you on 7 signals

Spent the last month debugging a production Amazon scraper that worked for 3 weeks and then silently started returning stale prices. Took a while to realize it wasn't broken — it was being cloaked.

The insight most "amazon captcha bypass" guides miss: AWS WAF Bot Control (Amazon's CAPTCHA system) has 3 responses, not 2.

1. Serve real content
2. Show CAPTCHA (the visible failure)
3. Serve cloaked content — HTTP 200, clean HTML, but stale/fake/partial data

Option 3 is the one that destroys production scrapers. Your logs look green. Database fills up. Client eventually notices the prices don't match.

Tested 5 approaches on 100 products:

→ requests + free proxies: 10% success, ~90 CAPTCHAs
→ residential + requests: 55%, ~30 CAPTCHAs
→ Playwright + stealth + residential: 85%, ~10 CAPTCHAs, weekly stealth maintenance
→ Amazon PA-API 5.0: 100% but requires active affiliate sales
→ Real-browser takeover (BrowserAct local mode): 98%, zero maintenance

Solver pricing reality check:

• 2Captcha Amazon WAF: $0.99/1K image, $2.99/1K token
• CapSolver: $0.80/1K image, $2.50/1K token
• Token challenges are the invisible ones — most solver APIs fail on them

The architecture that actually works: stop pretending to be a real browser. Use your daily Chrome, with real session history and cookie age accumulated over months. AWS WAF scores cumulative behavior, not puzzle-solving ability. A Chrome you've used for a year passes by default.

Setup was 15 minutes. Haven't had to touch stealth configs since.

Full breakdown (including the AWS WAF signal list and legal considerations): https://www.browseract.com/blog/amazon-captcha-bypass-guide