Switching Between API V1, V2 & V2s

This guide follows the current Scrapingbypass API documentation: V2s uses the same parameters as V2 but adds stream response support. Before production use, confirm the latest settings in the official docs and your API console.

Decision Flow

To choose between V1, V2, and V2s, ask two questions: does the target require challenge handling, and does the response need to be streamed? V2s is not a separate challenge type. It is V2 with stream response.

Step 1: Start with V1 for simple 403 cases

  • The page opens in a normal browser.
  • Your code receives 403.
  • There is no cf-mitigated: challenge response header.
  • There is no Turnstile widget during form submission.
  • You do not need server-side session reuse.

If these conditions match, V1 is usually the simplest starting point.

Step 2: Switch to V2 for JS Challenge or Turnstile

If the first page load returns a Cloudflare challenge, or the response includes cf-mitigated: challenge, use V2. If a form triggers Turnstile, use V2 with x-cb-sitekey and place [cf_token] where the target API expects the token.

curl --request POST   --url "https://api.scrapingbypass.com/api/submit"   --header "x-cb-apikey: YOUR_APIKEY"   --header "x-cb-host: target.com"   --header "x-cb-version: 2"   --header "x-cb-proxy: http://user:pass@proxy-host:port"   --header "x-cb-sitekey: 0x4AAAA..."   --header "content-type: application/json"   --data '{"turnstileToken":"[cf_token]"}'

Step 3: Use V2s when V2 needs streaming

If the request still needs V2 behavior but the response is large or long-running, switch to V2s. Common examples include ZIP/PDF downloads, CSV exports, large reports, and workflows that write the response to disk while downloading.

curl --request GET   --url "https://api.scrapingbypass.com/download/report.csv"   --header "x-cb-apikey: YOUR_APIKEY"   --header "x-cb-host: target.com"   --header "x-cb-version: 2s"   --header "x-cb-proxy: http://user:pass@proxy-host:port"   --output report.csv

Quick Decision Table

SignalUseWhy
Browser works, code gets 403, no challengeV1Lightweight bypass
cf-mitigated: challenge appearsV2JS Challenge handling
Form submission triggers TurnstileV2Requires x-cb-sitekey and [cf_token]
V2 scenario plus large file or long responseV2sNeeds stream response
Concurrent session reuseV2/V2s + partUse x-cb-part to separate sessions

Troubleshooting tips

  • If V1 fails with a challenge signal, switch to V2.
  • If V2 works but large downloads are unstable, use x-cb-version: 2s.
  • For V2s, make sure your HTTP client reads the response as a stream instead of loading the whole body into memory.
  • For multi-threaded jobs, avoid sharing the same x-cb-part across all workers.