find hidden vugen parameter
I am trying to test a banking web site. The website need logon and somehow it provide a token. I can see the real token (it is a very long number string) in the following script when it sends a request, but I cannot find where the token comes from. How can I record the token?