Can you bypass the WAF and get XSS to pop?
http://139.162.232.63/WAF.php?keyword=test#

i double dare you 😍(ps. there is litteraly no solution which i know off for the moment. I THINK this is fully safe … was that enough off a challenge for you? )