NetNut is a proxy network. Spider is a scraping and browser automation platform. These are fundamentally different products, but if you’re paying for NetNut today, you’re probably paying for only one layer of a stack that requires five.
What NetNut actually is
NetNut sells proxy bandwidth: residential, static residential, mobile, and datacenter IPs across 200+ countries. You point your scraping tools (Puppeteer, Playwright, Selenium, whatever) through their network to avoid IP-level blocks.
NetNut does not scrape websites. It does not render JavaScript. It does not solve CAPTCHAs. It does not extract data. It is a pipe. Your traffic goes through it and comes out the other side looking like it originates from a residential ISP.
Everything else (the browser, the anti-detection, the rendering, the parsing) is your problem.
Four layers of detection that proxies can’t touch
A good proxy network used to be enough to scrape most sites. That hasn’t been true for about two years. Anti-bot systems in 2026 operate at layers that IP rotation is blind to:
Layer 1: TLS fingerprinting (JA3/JA4)
Cloudflare, Akamai, and DataDome fingerprint the TLS ClientHello before your request even reaches the web server. The JA3 hash, derived from your cipher suites, extensions, elliptic curves, and their ordering, identifies what software made the connection. A Python requests library has a completely different JA3 from Chrome 120. Changing the source IP with NetNut does nothing to your TLS fingerprint. The anti-bot system sees “this is Python, not a browser” regardless of which residential IP you’re using.
JA4, the newer version, adds TLS version, SNI extension, and ALPN protocol to the fingerprint. It’s already deployed at Cloudflare and Fastly.
Layer 2: HTTP/2 fingerprinting
Anti-bot systems inspect HTTP/2 SETTINGS frames, WINDOW_UPDATE parameters, header ordering (:method, :authority, :path sequence), and pseudo-header capitalization. Chrome, Firefox, and Safari each produce distinct HTTP/2 fingerprints. Headless Chrome with default Puppeteer settings produces a different fingerprint than desktop Chrome. These protocol-level signals pass through any proxy unchanged. NetNut’s residential IPs don’t alter them.
Layer 3: Behavioral analysis
Mouse movement patterns, scroll velocity, click entropy, viewport size consistency, and navigation sequences are tracked in real time. Cloudflare Bot Management scores sessions based on dozens of behavioral signals collected via JavaScript. A script that navigates directly to a deep URL without traversing the site’s navigation tree, or that scrolls at perfectly uniform velocity, triggers behavioral flags that no proxy can prevent.
Layer 4: JavaScript challenges
Cloudflare Turnstile, hCaptcha, and custom JS challenges require a real browser environment. They execute JavaScript that probes for navigator.webdriver, canvas fingerprints, WebGL renderer strings, audio context behavior, and hundreds of other signals. A proxy network does not execute JavaScript. If the site serves a challenge page, NetNut delivers that challenge page to you, and solving it is your problem.
A residential IP gets you past the first check. The next three still catch you.
How Spider handles all four layers
Spider’s approach is to handle the entire stack as one system. The API and Spider Browser manage proxy rotation, TLS impersonation, HTTP/2 fingerprint matching, behavioral simulation, and challenge solving as a unified pipeline.
In our public benchmark, Spider Browser achieved a 100% pass rate across 999 URLs and 327 domains, including sites protected by Akamai (Nike, LinkedIn), PerimeterX (Walmart, Zillow, Dick’s Sporting Goods), DataDome (Sephora, Booking.com, AllTrails), and Cloudflare (dozens of targets). Each layer of detection was handled automatically without any per-site configuration.
What the workflow looks like
With NetNut + Puppeteer
import puppeteer from "puppeteer";
const browser = await puppeteer.launch({
args: ["--proxy-server=http://gw.netnut.io:5959"],
});
const page = await browser.newPage();
await page.authenticate({
username: "YOUR_NETNUT_USER",
password: "YOUR_NETNUT_PASS",
});
// TLS fingerprint: still looks like headless Puppeteer
// HTTP/2 fingerprint: still looks like headless Puppeteer
// navigator.webdriver: true by default
// Canvas/WebGL: inconsistent with claimed user agent
await page.setUserAgent("Mozilla/5.0 ...");
await page.evaluateOnNewDocument(() => {
Object.defineProperty(navigator, "webdriver", { get: () => false });
// Patch plugins, languages, WebGL renderer...
// This breaks every time Cloudflare updates their detection
});
await page.goto("https://example.com");
const html = await page.content();
// Parse it yourself
await browser.close();With Spider
import { SpiderBrowser } from "spider-browser";
const spider = new SpiderBrowser({
apiKey: process.env.SPIDER_API_KEY,
});
await spider.init();
await spider.page.goto("https://example.com");
// TLS, HTTP/2, behavioral, JS challenges — all handled
const data = await spider.page.extract(
"Extract the main product name, price, rating, and number of reviews"
);
console.log(data);
await spider.close();No proxy config, no fingerprint patching, no parser. Spider handles every detection layer and returns structured data.
The cost of building your own stack
NetNut’s rotating residential proxies range from roughly $1.50 to $7/GB depending on plan size and proxy type.
But proxy bandwidth is only one line item. A working scraping operation on top of NetNut also requires:
- Server infrastructure: $200+/month for cloud VMs running headless browsers
- CAPTCHA solving service: $50-$100/month (2Captcha, Anti-Captcha, etc.)
- Anti-detection maintenance: engineering hours every time Cloudflare, Akamai, or DataDome ships an update (this happens monthly)
- Monitoring and retry logic: more engineering time to handle the failures that still get through
- TLS/HTTP2 impersonation tooling: libraries like
curl_cffiortls-clientthat need version tracking
For a moderate workload (~100GB proxy bandwidth), a realistic stack runs $400-$1,000/month in infrastructure before engineering time. And the engineering time never stops, because anti-bot systems update constantly.
Spider’s pricing covers the whole pipeline. A workload of 50,000 pages per month costs around $32.50 (pricing). No infrastructure to run, no patches to maintain, no CAPTCHA service to integrate.
Where each approach fits
NetNut is the right choice if you already have a working scraping stack with proper TLS impersonation, behavioral simulation, and challenge solving, and you just need better IPs. It’s also the right choice for non-scraping use cases: ad verification, brand monitoring, geo-testing, market research where you need raw proxy access.
If you’re building a scraping workflow and don’t want to assemble and maintain every layer of the anti-detection stack yourself, Spider replaces the whole thing.