Im not sure if this is a forum for only posting or also asking questions? Anyways there is this target in a BBP i was working on a while back, where there are one GET and one POST request if i remember correctly on this login form, where i found a authorization token/cookie that doesnt normally exist, i found it in another way. And if you write anything into the token + a domain it will parse only the domain and do a DNS lookup to it. At first i was letsgo blind command injection but after awhile i noticed you can enter anything and it will only parse the domain and do that DNS lookup. So my theory is it could have been a blind SSRF that got reported so they deleted the token and restricted their firewall to block the HTTP request or that it is/was used for tracking users? You can enter xxx!"??–xxx domain.com xxxx$!,;xxx and it only parses the domain. What you guys think about this hidden token? Maybe worth putting some time into again?