Try XSS Attacks: Enter one of these payloads in the search field:
<script>alert('xss')</script>
<svg onload=alert(1)>
<img src=x onerror=alert(1)>
<svg on onContextMenu=alert(1337)>
javascript:alert(document.cookie)
The WAF will detect and block these XSS attempts!
Tip: Try searching for "cloudflare", "security", or "workers" to see valid results.