What about a caching proxy? You can't view it on your screen unless the browser downloads it anyway.

It could be something like a streaming Flash video, which the browser never has a complete copy of.

Streamloaded flash video is stupid simple to grab.

On windows, navigate to:

Users\USER\AppData\Local\temp\acro_rd_dir

And create a >hard< symbolic link for the .tmp file you will find there, renaming it to .flv . I am sure, on a mac, the location name is similar.

Close the browser window, the tmp file will be deleted and the flv will no longer be locked for access, and is now yours.

http://www.howtogeek.com/howto/16226/complete-guide-to-symbo...

In that case, Wireshark and protocol analysis comes to the rescue. The trick is to find the images in the mess that is the downstream packets, but I've had success in the past with recording VoIP calls this way (the client didn't support recording).

Someone should make and distribute one before May 30th.