How to Screenshot Sites That Block Bots
You send a screenshot request. Instead of the page, you get a Cloudflare challenge screen, a blank page, or a "Please verify you're human" message. Sound familiar?
This happens because many websites detect headless browsers and block them. Here's how to get around it with SnapSharp's stealth mode and proxy support.
Why screenshots fail on protected sites
Headless Chrome leaks signals that bot detectors catch:
navigator.webdriveristrue(real browsers:false)navigator.pluginsis empty (real browsers: 3–5 plugins)- WebGL reports "Google SwiftShader" (a headless-only GPU)
- Canvas fingerprint is deterministic (real browsers: varies)
window.chromeruntime object is missing
Bot detection services like Cloudflare, DataDome, and PerimeterX check these signals and block requests that fail.
Solution 1: Stealth mode
SnapSharp's stealth mode patches all 7 detection vectors automatically:
curl "https://api.snapsharp.dev/v1/screenshot\
?url=https://protected-site.com\
&stealth=true" \
-H "Authorization: Bearer sk_live_..." \
-o screenshot.pngWhat it patches:
| Signal | What stealth does |
|---|---|
navigator.webdriver | Set to false |
navigator.plugins | Populated with realistic plugin list |
navigator.languages | Set to ["en-US", "en"] |
| WebGL vendor/renderer | Spoofed to real Intel GPU strings |
| Canvas fingerprint | Randomized per session |
| Audio context | Randomized fingerprint |
| Chrome runtime | Realistic window.chrome object |
This bypasses approximately 70% of bot detectors, including basic Cloudflare, DataDome, and fingerprint.js checks.
Solution 2: Stealth + proxy
Some sites also block by IP. Datacenter IP ranges are well-known, so even with stealth, requests from cloud providers get flagged.
Combine stealth with your own proxy for maximum bypass:
curl -X POST "https://api.snapsharp.dev/v1/screenshot" \
-H "Authorization: Bearer sk_live_..." \
-H "Content-Type: application/json" \
-d '{
"url": "https://heavily-protected-site.com",
"stealth": true,
"proxy": "http://user:pass@residential-proxy.example.com:8080",
"user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36"
}' -o screenshot.pngRecommended proxy providers
SnapSharp uses a BYO (Bring Your Own) proxy model — connect any proxy you already have:
- Bright Data — residential proxies in 195 countries
- Oxylabs — datacenter and ISP proxies
- Smartproxy — rotating residential proxies
Supported protocols: http://, https://, socks5://.
Solution 3: Add a delay + wait
Sometimes the page loads fine but needs time to render past a JavaScript challenge:
curl "https://api.snapsharp.dev/v1/screenshot\
?url=https://slow-challenge-site.com\
&stealth=true\
&delay=3000\
&wait_until=networkidle" \
-H "Authorization: Bearer sk_live_..." \
-o screenshot.pngThe delay=3000 gives the challenge page 3 seconds to resolve before capturing.
Using the SDK
import { SnapSharp } from '@snapsharp/sdk';
const snap = new SnapSharp(process.env.SNAPSHARP_API_KEY!);
const image = await snap.screenshot('https://protected-site.com', {
stealth: true,
proxy: 'socks5://user:pass@proxy.example.com:1080',
userAgent: 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)...',
delay: 2000,
});What stealth can't bypass
Be realistic about what stealth mode can and can't do:
- Works on: Basic Cloudflare, DataDome (standard), fingerprint.js, most custom detectors
- Doesn't work on: CAPTCHAs, login-gated content, Cloudflare Turnstile, advanced DataDome (requires real browser sessions)
- Doesn't fix: IP-based WAF blocking (use a proxy for that)
For sites that require solving CAPTCHAs, you'll need a dedicated web scraping solution — that's outside the scope of a screenshot API.
Availability
Stealth mode and proxy support require a Growth plan or above ($49/mo). View plans →