Cloudflare Demo — Live Security Telemetry

Live request stream 0

Time	Method	Path	Status	Country	Bot	ASN	Colo	Protocol

Detected client-side scripts (Page Shield)

Script URL	Host	Status
/cf-demo/scripts/widget.js	Vale Finance (self)	Allowed
/cf-demo/scripts/telemetry.js	Vale Finance (self)	Allowed
https://challenges.cloudflare.com/turnstile/v0/api.js	Cloudflare Turnstile	Allowed — CF

In production: Page Shield monitors every script loaded by every visitor's browser and alerts on: new scripts, content changes, connections to new endpoints, scripts accessing sensitive inputs. For PCI DSS 4.0, Page Shield satisfies 6.4.3 (script authorisation) and 11.6.1 (change detection).

API Shield — /api/acquisitions/*

API Shield enforces: schema validation against the OpenAPI spec, JWT validation, mTLS termination at the edge (offloading from origin — matches NewDay's current mTLS model), sequence mitigation, and API Discovery. Violations return 400/403 with structured error codes visible in Security Events.

Endpoint	Method	Protection
/api/acquisitions/application	POST	Schema + RL
/api/acquisitions/application	GET	Schema + RL
/api/customers/{id}/profile	GET	Sequence Mit.

Security features active

WAF + Managed Rules	ON
DDoS mitigation	ON
Bot Management	Enterprise
Rate Limiting (login)	5/min
Rate Limiting (apply POST)	10/min
Turnstile (apply form)	Managed
Page Shield	Monitoring
API Shield (acquisitions)	Schema
TLS minimum version	1.2
HTTP/3	ON

Top countries

Country	Requests

Top colos (edge locations)

Colo	Requests

This panel is fed by Workers aggregating request.cf objects. In production, use Cloudflare Logpush to Sentinel / Grafana / S3 for durable storage and SIEM integration. NewDay's POC already validated Logpush → Sentinel / Grafana.