Was this helpful?
How to bypass Hunt captcha
Technical engineer
Introduction
Hunt captcha is a token-based protection that checks the uniqueness of the browser fingerprint and user session. Automation requires a two-step approach. First, you need to get a unique X-HD identifier, then use it to solve the captcha.
The 2Captcha service provides an API to bypass Hunt captcha via the HuntTask task type. The solution returns a token that you must pass to the target site to pass the check.
This article describes the full process, from creating a task to working with cookies and handling responses.
Overview
Hunt Captcha is a protection system based on tokens and browser fingerprints. Unlike classic image captchas, Hunt checks session uniqueness and behavioral patterns.
Key features:
- Two-step process. First get the X-HD unique fingerprint, then solve the captcha.
- IP binding. X-HD is tied to the IP address, so all requests must go through the same proxy.
- Cookie handling. Crucial for maintaining the session.
- Proxy requirement. The
HuntTasktask strictly requires a proxy.
The main problem in automation is synchronizing all parameters like IP, User-Agent, and cookies between requests. If anything changes, the security system rejects the solution.
Environment Setup
Before you start, make sure you have:
- API key from your 2Captcha dashboard.
- Working proxy (HTTP, SOCKS4, or SOCKS5) with a static IP.
- Target page URL with the Hunt captcha.
- Link to api.js. This is the captcha library file, usually visible in the page source code.
- Tool for HTTP requests (curl, Postman, Python requests, etc.).
The proxy must be static. Rotating proxies will not work because X-HD is tied to a specific IP. If you do not have your own proxy, you can use proxies from 2Captcha. They are specially selected for different captcha types and perform well on sites with complex protection. You can check the available options on the Proxy page.
Page Analysis
Before creating a task, you need to extract three key elements from the page:
- websiteURL. The full URL of the page with the captcha.
- apiGetLib. A link to the Hunt library JavaScript file (usually looks like
https://example.com/hd-api/external/apps/app-id/api.js). - meta.token. The value the site returns after the first request with X-HD.
To extract apiGetLib, open the page source code (Ctrl+U) and find the <script> tag with a src attribute containing api.js or hd-api.
To get meta.token, you first need to make an initial request to the API without the data parameter, get the X-HD, send it to the site, and extract the token from the response.
Implementation
Step 1. Create task without data (get X-HD)
Send a POST request to create a task without the data parameter:
Endpoint: https://api.2captcha.com/createTask
Method: POST
Content-Type: application/json
Request example:
json
{
"clientKey": "YOUR_API_KEY",
"task": {
"type": "HuntTask",
"websiteURL": "https://example.com/page-with-hunt",
"apiGetLib": "https://example.com/hd-api/external/apps/app-id/api.js",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36",
"proxyType": "http",
"proxyAddress": "1.2.3.4",
"proxyPort": 8080,
"proxyLogin": "login",
"proxyPassword": "password"
}
}Response example:
json
{
"errorId": 0,
"taskId": "123456789"
}Step 2. Get result (X-HD)
Send a POST request to get the task result:
Endpoint: https://api.2captcha.com/getTaskResult
Method: POST
Content-Type: application/json
Request example:
json
{
"clientKey": "YOUR_API_KEY",
"taskId": "123456789"
}Response example:
json
{
"errorId": 0,
"status": "ready",
"solution": {
"X-HD": "abc123def456..."
},
"cost": "0.003",
"ip": "1.2.3.4",
"createTime": 1692863536,
"endTime": 1692863556,
"solveCount": 1
}Extract the solution.X-HD value from the response.
Step 3. Send X-HD to the site
Send a GET request to the target site with the X-HD header:
GET https://example.com/page-with-hunt
Headers:
X-HD: abc123def456...
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Cookie: platform_type=desktop; SESSION=12a3aea8cdcfdbb9e7df8ee99b526a84; ...The site will return a response with meta.token. Extract this value from the JSON response or HTML.
Step 4. Create task with data (solve captcha)
Send a POST request to create a task with the data parameter equal to meta.token:
Endpoint: https://api.2captcha.com/createTask
Method: POST
Content-Type: application/json
Request example:
json
{
"clientKey": "YOUR_API_KEY",
"task": {
"type": "HuntTask",
"websiteURL": "https://example.com/page-with-hunt",
"apiGetLib": "https://example.com/hd-api/external/apps/app-id/api.js",
"data": "kufyHK/s/j...wIW",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36",
"proxyType": "http",
"proxyAddress": "1.2.3.4",
"proxyPort": 8080,
"proxyLogin": "login",
"proxyPassword": "password"
}
}Step 5. Get the solution
Send a POST request to get the result:
Endpoint: https://api.2captcha.com/getTaskResult
Method: POST
Content-Type: application/json
Request example:
json
{
"clientKey": "YOUR_API_KEY",
"taskId": "123456790"
}Response example:
json
{
"errorId": 0,
"status": "ready",
"solution": {
"token": "6IyDCCpDd.../z/kLNSpjewI="
},
"cost": "0.003",
"ip": "1.2.3.4",
"createTime": 1692863536,
"endTime": 1692863556,
"solveCount": 1
}Extract solution.token and pass it to the target site to complete the verification.
Parameter Explanations
HuntTask parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
type |
String | Yes | Task type: HuntTask |
websiteURL |
String | Yes | Full URL of the page with the captcha |
apiGetLib |
String | Yes | Link to the api.js file of the Hunt library |
userAgent |
String | No | Browser User-Agent. Recommended for consistency |
data |
String | No | The meta.token value for the second stage. Absent in the first stage |
proxyType |
String | Yes | Proxy type: http, socks4, socks5 |
proxyAddress |
String | Yes | Proxy IP address or host |
proxyPort |
Number | Yes | Proxy port |
proxyLogin |
String | No | Login for proxy authorization |
proxyPassword |
String | No | Password for proxy authorization |
Response structure
| Field | Type | Description |
|---|---|---|
errorId |
Number | Error code. 0 means success |
status |
String | Task status: processing or ready |
solution.X-HD |
String | Unique fingerprint (first stage) |
solution.token |
String | Captcha solution token (second stage) |
cost |
String | Solution cost in service currency |
ip |
String | Proxy IP used for solving |
createTime |
Number | Task creation timestamp |
endTime |
Number | Solution completion timestamp |
solveCount |
Number | Number of solving attempts |
Working with Cookies
Cookies are critical for Hunt captcha. The site tracks the session through cookies. If they are not passed or change, the verification fails.
Example cookie string
platform_type=desktop; typeBetNames=full; _glhf=1234567890; coefview=0; visit=1-123abc012345d1be726746568edc62d9; fast_coupon=true; v3fr=1; lng=en; flaglng=en; SESSION=12a3aea8cdcfdbb9e7df8ee99b526a84; auid=ab0dW2mqlz1Tjo2AAwplAg==; ggru=195; che_g=12abcede-691f-c7b2-d1e8-8488bc557d98Basic rules for working with cookies
- Get initial cookies. Send a GET request to the target page and extract cookies from the
Set-Cookieheader. - Save all values. You will need cookies for all subsequent requests.
- Pass cookies in every request. Add them to the
Cookieheader when contacting the API and the site. - Use one IP. All requests must go through one proxy.
- Use one User-Agent. Do not change the User-Agent between requests.
- Update cookies if necessary. Some cookies are generated by JavaScript on the client side.
Example headers with cookies
GET https://example.com/page-with-hunt
Headers:
X-HD: abc123def456...
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Cookie: platform_type=desktop; SESSION=12a3aea8cdcfdbb9e7df8ee99b526a84; visit=1-123abc012345d1be726746568edc62d9Common Errors
| Error | Cause | Solution |
|---|---|---|
ERROR_WRONG_USER_KEY |
Invalid API key | Check clientKey in your 2Captcha dashboard |
ERROR_ZERO_BALANCE |
Insufficient funds | Top up your balance in the dashboard |
ERROR_TASK_NOT_FOUND |
Invalid taskId or task expired | Check taskId and create a new task |
| Site rejects solution | IP, User-Agent, or cookie mismatch | Use one proxy and User-Agent for all requests, pass cookies |
meta.token not found |
Site did not return token after X-HD request | Check X-HD and cookies, make sure the request goes through the same proxy |
| Solution timeout | Task not solved in time | Increase getTaskResult polling interval or check target site availability |
| Proxy error | Proxy unavailable or blocked | Check proxy health, make sure it supports HTTPS. If using your own proxy, try 2Captcha proxies optimized for different captcha types |
Additional Resources
Pre-launch Checklist
- Received API key from 2Captcha dashboard
- Configured static proxy
- Extracted
websiteURLandapiGetLibfrom page source code - Implemented two-step process: get X-HD, send to site, get meta.token, solve captcha
- Configured cookie handling: get, save, pass in headers
- All requests use one IP (proxy) and one User-Agent
- Implemented error and timeout handling
- Tested solution on target site
- Configured logging for debugging
Conclusion
Hunt captcha requires careful work with the session and browser fingerprints. The two-step process via the 2Captcha API allows you to automate solving, but consistency is critical. You must use one proxy, one User-Agent, and correct cookies.
Use the HuntTask task type to solve the captcha via a proxy. The first request without data returns the X-HD. The second request with data = meta.token returns the solution token.
Do not forget about cookies. Without them, the site will reject the solution. Save cookies from the first response and pass them in all subsequent requests.
Proxy quality largely determines success. If your own proxies show unstable results, it makes sense to try our proxies.
Detailed documentation is available on the Hunt Captcha API page.