Cloudflare's pages have a /cdn-cgi/ directory with some interesting resources:

- scripts/{cf.common.js,cf.challenge.js,zepto.min.js}
- trace/
- 
 
Some of them might be helpful for exploiting/bypassing stuff :)

• Bypass WAFs with obfuscated links: view
• DOM clobbering + translate()^2 == XSS: view or trickier