Amazon CAPTCHA is not a puzzle — it's AWS WAF scoring you on 7 signals
Spent the last month debugging a production Amazon scraper that worked for 3 weeks and then silently started returning stale prices. Took a while to realize it wasn't broken — it was being cloaked.
The insight most "amazon captcha bypass" guides miss: AWS WAF Bot Control (Amazon's CAPTCHA system) has 3 responses, not 2.
- Serve real content
- Show CAPTCHA (the visible failure)
- Serve cloaked content — HTTP 200, clean HTML, but stale/fake/partial data
Option 3 is the one that destroys production scrapers. Your logs look green. Database fills up. Client eventually notices the prices don't match.
Tested 5 approaches on 100 products:
→ requests + free proxies: 10% success, ~90 CAPTCHAs
→ residential + requests: 55%, ~30 CAPTCHAs
→ Playwright + stealth + residential: 85%, ~10 CAPTCHAs, weekly stealth maintenance
→ Amazon PA-API 5.0: 100% but requires active affiliate sales
→ Real-browser takeover (BrowserAct local mode): 98%, zero maintenance
Solver pricing reality check:
- 2Captcha Amazon WAF: $0.99/1K image, $2.99/1K token
- CapSolver: $0.80/1K image, $2.50/1K token
- Token challenges are the invisible ones — most solver APIs fail on them
The architecture that actually works: stop pretending to be a real browser. Use your daily Chrome, with real session history and cookie age accumulated over months. AWS WAF scores cumulative behavior, not puzzle-solving ability. A Chrome you've used for a year passes by default.
Setup was 15 minutes. Haven't had to touch stealth configs since.
Full breakdown (including the AWS WAF signal list and legal considerations): https://www.browseract.com/blog/amazon-captcha-bypass-guide
