Logo of «2Captcha»To home page
Captcha Solver APIProxy APIFingerprint API

Hunt CAPTCHA

Hunt
A token-based method for bypassing Hunt CAPTCHA.

There are two modes: without data, the task returns X-HD. With data, the task solves the captcha using a meta.token you already received from the site. X-HD is a unique fingerprint tied to your IP that you can use for subsequent requests to the site.

Typical workflow:

  1. Create a task without data.
  2. Get X-HD.
  3. Send a request to the site with this X-HD.
  4. Receive meta.token from the site.
  5. Create a new task with data = meta.token.
  6. Get the solution.
  7. Submit the solution to the site.

Task types

  • HuntTask — we use the proxy you provide

Specification for HuntTask

Property Type Required Description
type String Yes Task type:
HuntTask
websiteURL String Yes Full URL of the target web page where the captcha loads
apiGetLib String Yes Full link to the api.js file.
userAgent String No Browser User-Agent used to open the page
data String No Value of meta.token that the site returned after a request with X-HD. Use only for the captcha solving mode
proxyType String Yes Proxy type:
http
socks4
socks5
proxyAddress String Yes Proxy server IP address or hostname
proxyPort Number Yes Proxy server port
proxyLogin String No Login for proxy authentication
proxyPassword String No Password for proxy authentication

Request examples

Method: createTask
API endpoint: https://api.2captcha.com/createTask

Example HuntTask request with data

json Copy 
{
    "clientKey": "YOUR_API_KEY",
    "task": {
      "type": "HuntTask",
      "websiteURL": "https://example.com/page-with-hunt",
      "apiGetLib": "https://example.com/hd-api/external/apps/app-id/api.js",
      "data": "kufyHK/s/j...wIW",
      "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36",
      "proxyType": "http",
      "proxyAddress": "1.2.3.4",
      "proxyPort": 8080,
      "proxyLogin": "login",
      "proxyPassword": "password"
    }
  }

Example response

Method: getTaskResult
API endpoint: https://api.2captcha.com/getTaskResult

json Copy 
{
    "errorId": 0,
    "status": "ready",
    "solution": {
        "token": "6IyDCCpDd.../z/kLNSpjewI="
        },
    "cost": "0.003",
    "ip": "1.2.3.4",
    "createTime": 1692863536,
    "endTime": 1692863556,
    "solveCount": 1
}

How to work with cookies correctly

The site uses cookies to track your session. If you don't send them with your requests, the server will simply reject the request or ask you to verify again.

Example cookie string the site returns:
platform_type=desktop; typeBetNames=full; _glhf=1234567890; coefview=0; visit=1-123abc012345d1be726746568edc62d9; fast_coupon=true; v3fr=1; lng=en; flaglng=en; SESSION=12a3aea8cdcfdbb9e7df8ee99b526a84; auid=ab0dW2mqlz1Tjo2AAwplAg==; ggru=195; che_g=12abcede-691f-c7b2-d1e8-8488bc557d98

Main steps for working with cookies:

  1. First, open the target page or send a regular GET request. The server will create a session and send initial cookies.
  2. Look for cookies in the Set-Cookie response header. This usually contains the session ID, security parameters, and bot protection data.
  3. Save the values you receive. You will need them for all subsequent requests.
  4. When sending requests to the API, add the saved cookies to the Cookie header. This way the server knows the requests come from the same session.
  5. Send all requests from the same IP address or proxy and with the same User-Agent header. If you change these values, the security system may flag the activity and require re-verification.
  6. Some cookies are created by the site itself via JavaScript. When automating, the easiest approach is to take ready-made cookies from a working browser or generate them using the same logic.