diff --git a/src/api/loc.sh/routes/internal.ts b/src/api/loc.sh/routes/internal.ts
index cdba43a..8bfe331 100644
--- a/src/api/loc.sh/routes/internal.ts
+++ b/src/api/loc.sh/routes/internal.ts
@@ -1,3 +1,4 @@
+/* eslint-disable no-shadow */
 import { Route, Server } from '../../../class';
 // import acknowledgements from '../../../configs/acknowledgements.json';
 
@@ -35,16 +36,26 @@ export default class Internal extends Route {
     this.router.get('/score', async (req, res) => {
       try {
         res.setHeader('Access-Control-Allow-Origin', '*');
-        if (this.timeout.has(req.ip)) return res.status(429).json({ code: this.constants.codes.PERMISSION_DENIED, message: this.constants.messages.PERMISSION_DENIED });
-        if (!req.query.pin) return res.status(400).json({ code: this.constants.codes.CLIENT_ERROR });
+        if (this.timeout.has(req.ip)) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
+        if (!req.query.pin) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
         const args = req.query.pin.toString();
         this.timeout.add(req.ip);
         setTimeout(() => this.timeout.delete(req.ip), 1800000);
         let score = await this.server.client.db.Score.findOne({ pin: [Number(args.split('-')[0]), Number(args.split('-')[1]), Number(args.split('-')[2])] }).lean().exec();
         if (!score) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
         const member = await this.server.client.getRESTGuildMember(this.constants.discord.SERVER_ID, score.userID);
-        if (!member) return res.status(404).json({ code: this.constants.codes.ACCOUNT_NOT_FOUND });
-        await this.server.client.db.Score.updateOne({ userID: score.userID }, { $addToSet: { softInquiries: { name: `${member.username} via report.libraryofcode.org @ IP ${req.ip}`, date: new Date() } } });
+        if (!member) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
+
+        if (req.query.staff) {
+          const args = req.query.staff.toString();
+          const staffScore = await this.server.client.db.Score.findOne({ pin: [Number(args.split('-')[0]), Number(args.split('-')[1]), Number(args.split('-')[2])] }).lean().exec();
+          if (!staffScore) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
+          if (!staffScore.staff) return res.status(401).json({ code: this.constants.codes.UNAUTHORIZED, message: this.constants.messages.UNAUTHORIZED });
+          this.timeout.delete(req.ip);
+          await this.server.client.db.Score.updateOne({ userID: staffScore.userID }, { $addToSet: { softInquiries: { name: 'Library of Code sp-us | Staff Team via report.libraryofcode.org', date: new Date() } } });
+        } else {
+          await this.server.client.db.Score.updateOne({ userID: score.userID }, { $addToSet: { softInquiries: { name: `${member.username} via report.libraryofcode.org @ IP ${req.ip}`, date: new Date() } } });
+        }
         score = await this.server.client.db.Score.findOne({ pin: [Number(args.split('-')[0]), Number(args.split('-')[1]), Number(args.split('-')[2])] }).lean().exec();
 
         let totalScore = '0';