If you find an SSRF vulnerability hosted by DigitalOcean. You can use the metadata API to search sensitive information including private keys. Here is the list of DigitalOcean
