npm - @fanboynz/network-scanner - Versions diffs - 2.0.64 → 2.0.65 - Mend

@fanboynz/network-scanner 2.0.64 → 2.0.65

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/lib/cloudflare.js CHANGED Viewed

@@ -156,6 +156,20 @@ const ERROR_TYPES = {
   UNKNOWN: 'unknown'
 };
+/**
+ * Retry configuration with exponential backoff.
+ * Defined before getRetryConfig so the reference order is structurally
+ * sound — previously getRetryConfig was hoisted above this const and only
+ * worked because the function was never called during module load.
+ */
+const RETRY_CONFIG = {
+  maxAttempts: 2,       // Only 2 attempts fit within 25s outer timeout
+  baseDelay: 800,       // Slightly faster retry delay
+  maxDelay: 5000,       // Lower max delay cap
+  backoffMultiplier: 2,
+  retryableErrors: [ERROR_TYPES.NETWORK, ERROR_TYPES.TIMEOUT, ERROR_TYPES.ELEMENT_NOT_FOUND, ERROR_TYPES.DETACHED_FRAME]
+};
 /**
  * Gets the retry configuration for a site, merging site-specific and global settings
  * @param {Object} siteConfig - Site configuration object
@@ -180,9 +194,9 @@ function detectChallengeLoop(url, previousUrls = []) {
   const isChallengeUrl = url.includes('/cdn-cgi/challenge-platform/') ||
                         url.includes('challenges.cloudflare.com') ||
                         url.includes('cf-ray');
   if (!isChallengeUrl) return false;
   // Check if we've seen this exact URL or very similar challenge URLs
   const similarUrls = previousUrls.filter(prevUrl => {
     if (prevUrl === url) return true; // Exact match
@@ -192,21 +206,10 @@ function detectChallengeLoop(url, previousUrls = []) {
     }
     return false;
   });
   return similarUrls.length >= 2; // Loop detected if we've seen similar URLs 2+ times
 }
-/**
- * Retry configuration with exponential backoff
- */
-const RETRY_CONFIG = {
-  maxAttempts: 2,       // Only 2 attempts fit within 25s outer timeout
-  baseDelay: 800,       // Slightly faster retry delay
-  maxDelay: 5000,       // Lower max delay cap
-  backoffMultiplier: 2,
-  retryableErrors: [ERROR_TYPES.NETWORK, ERROR_TYPES.TIMEOUT, ERROR_TYPES.ELEMENT_NOT_FOUND, ERROR_TYPES.DETACHED_FRAME]
-};
 /**
  * Performance cache for detection results
  * Stores detection results per domain to avoid redundant checks
@@ -217,8 +220,12 @@ class CloudflareDetectionCache {
     this.ttl = ttl;
     this.hits = 0;
     this.misses = 0;
-    // Prevent memory buildup in long-running processes
+    // Prevent memory buildup in long-running processes. unref() so the
+    // interval never prevents the Node process from exiting on its own —
+    // nwss.js calls cleanup() explicitly on scan completion, but any other
+    // consumer of this module that forgets to is still safe.
     this.cleanupInterval = setInterval(() => this.cleanupExpired(), ttl / 10);
+    this.cleanupInterval.unref();
   }
   getCacheKey(url) {
@@ -295,6 +302,11 @@ class CloudflareDetectionCache {
 // Initialize cache singleton
 const detectionCache = new CloudflareDetectionCache();
+// One-shot flag for the per-process module-version banner. Was previously
+// logged once per URL in handleCloudflareProtection's debug header, which
+// produces N=URL-count copies for no useful signal beyond the first.
+let _moduleVersionLogged = false;
 /**
  * Gets module version information
  * @returns {object} Version information object
@@ -313,31 +325,28 @@ function getModuleInfo() {
  * @param {boolean} forceDebug - Debug logging flag
  * @returns {boolean} True if URL should be processed
  */
+// Single precompiled regex anchored to URL start. Matches any of the
+// browser-internal / special protocols we want to skip, plus succeeds on
+// http(s):// for the inverse check below. Faster than running 13 sequential
+// startsWith comparisons per URL.
+const SKIP_PROTO_RE = /^(?:about|chrome|chrome-extension|chrome-error|chrome-search|devtools|edge|moz-extension|safari-extension|webkit|data|blob|javascript|vbscript|file|ftp|ftps):/i;
+const HTTP_PROTO_RE = /^https?:\/\//i;
 function shouldProcessUrl(url, forceDebug = false) {
   if (!url || typeof url !== 'string') {
     if (forceDebug) console.log(formatLogMessage('cloudflare', `[url-validation] Skipping invalid URL: ${url}`));
     return false;
   }
-  // Skip browser-internal and special protocol URLs
-  const skipPatterns = [
-    'about:', 'chrome:', 'chrome-extension:', 'chrome-error:', 'chrome-search:',
-    'devtools:', 'edge:', 'moz-extension:', 'safari-extension:', 'webkit:',
-    'data:', 'blob:', 'javascript:', 'vbscript:', 'file:', 'ftp:', 'ftps:'
-  ];
-  const urlLower = url.toLowerCase();
-  for (const pattern of skipPatterns) {
-    if (urlLower.startsWith(pattern)) {
-      if (forceDebug) {
-        console.log(formatLogMessage('cloudflare', `[url-validation] Skipping ${pattern} URL: ${url.substring(0, 100)}${url.length > 100 ? '...' : ''}`));
-      }
-      return false;
+  const skipMatch = url.match(SKIP_PROTO_RE);
+  if (skipMatch) {
+    if (forceDebug) {
+      console.log(formatLogMessage('cloudflare', `[url-validation] Skipping ${skipMatch[0].toLowerCase()} URL: ${url.substring(0, 100)}${url.length > 100 ? '...' : ''}`));
     }
+    return false;
   }
-  // Only process HTTP/HTTPS URLs
-  if (!urlLower.startsWith('http://') && !urlLower.startsWith('https://')) {
+  if (!HTTP_PROTO_RE.test(url)) {
     if (forceDebug) {
       console.log(formatLogMessage('cloudflare', `[url-validation] Skipping non-HTTP(S) URL: ${url.substring(0, 100)}${url.length > 100 ? '...' : ''}`));
     }
@@ -357,10 +366,60 @@ async function waitForTimeout(page, timeout) {
   return new Promise(resolve => setTimeout(resolve, timeout));
 }
+/**
+ * Captures whether the page currently has Cloudflare's two key cookies.
+ * cf_clearance is the post-challenge clearance token — its presence is the
+ * single most reliable "did the bypass actually succeed" signal, beating
+ * any DOM-side completion check. __cf_bm is the bot-mitigation cookie
+ * (typically set on every request that goes through CF's edge).
+ * Errors swallowed: cookie read failures should not affect bypass logic.
+ */
+async function getCfCookieState(page) {
+  try {
+    const cookies = await page.cookies();
+    let cf_clearance = false;
+    let cf_bm = false;
+    for (const c of cookies) {
+      if (c.name === 'cf_clearance') cf_clearance = true;
+      else if (c.name === '__cf_bm') cf_bm = true;
+    }
+    return { cf_clearance, cf_bm };
+  } catch {
+    return { cf_clearance: false, cf_bm: false };
+  }
+}
+/**
+ * Maps a handleCloudflareProtection result back to a short outcome tag
+ * for the per-URL summary log. The tag is grep-friendly (no spaces) so
+ * users can post-process scan logs by outcome category.
+ */
+function buildOutcomeString(result, errorCode) {
+  if (!result) return 'unknown';
+  if (result.skippedInvalidUrl) return 'skipped(non-http)';
+  if (result.quickDetectionFailed) return 'detection_failed';
+  if (result.cloudflareErrorPage) return `error_page(${errorCode || '5xx'})`;
+  if (result.timedOut) return 'timeout';
+  if (result.verificationChallenge?.requiresHuman) return 'captcha_required';
+  if (result.verificationChallenge?.attempted && result.verificationChallenge?.success) {
+    return `solved(${result.verificationChallenge.method || 'unknown'})`;
+  }
+  if (result.phishingWarning?.attempted && result.phishingWarning?.success) {
+    return 'solved(phishing_continue)';
+  }
+  if (result.skippedNoIndicators) return 'no_indicators';
+  if (!result.overallSuccess) return 'failed';
+  return 'ok';
+}
 /**
  * Categorizes errors for better handling
  */
 function categorizeError(error) {
+  // Guard against null/undefined error so callers using categorizeError in
+  // safe-defaults return paths (e.g. safePageEvaluate's final fallback when
+  // lastError was never assigned) don't blow up reading .message.
+  if (!error) return ERROR_TYPES.UNKNOWN;
   const errorMessage = error.message || '';
   if (errorMessage.includes('detached Frame') || errorMessage.includes('Attempted to use detached')) {
@@ -550,38 +609,50 @@ async function quickCloudflareDetection(page, forceDebug = false) {
         const stats = detectionCache.getStats();
         console.log(formatLogMessage('cloudflare', `Using cached detection result (cache hit rate: ${stats.hitRate})`));
       }
-      return cachedResult;
+      // Return a fresh shallow copy tagged _fromCache so the handler's
+      // logging can say "[cached]" instead of presenting cached title/body
+      // details as if they were fresh.
+      return { ...cachedResult, _fromCache: true };
     }
     // Perform actual detection with enhanced error handling
     const quickCheck = await safePageEvaluate(page, () => {
       const title = document.title || '';
       const url = window.location.href;
+      // Cloudflare-served 5xx origin-error pages (522/523/524/525/526/527/530).
+      // Title format is reliable: "<domain> | 5xx: <reason>". These are NOT
+      // bypass-able challenges — the origin is unreachable. Mark as
+      // recognized (hasErrorPage) but NOT as a bypass target (hasIndicators
+      // stays false) so the early-skip path still fires and the log can say
+      // "Cloudflare error page" instead of the misleading "No Cloudflare
+      // indicators found". errorCode is the captured 5xx digit so outcome
+      // logs can grep by specific error type.
+      const titleErrorMatch = title.match(/\|\s*(5\d\d):/);
+      if (titleErrorMatch) {
+        return { hasIndicators: false, hasErrorPage: true, errorCode: parseInt(titleErrorMatch[1], 10), title, url, bodySnippet: '' };
+      }
       // FAST PATH: Check title + URL first (string ops, no DOM traversal)
-      const titleMatch =
+      const titleMatch =
         title.includes('Just a moment') ||
         title.includes('Checking your browser') ||
         title.includes('Attention Required') ||
         title.includes('Security check');
       const urlMatch =
         url.includes('/cdn-cgi/challenge-platform/') ||
         url.includes('cloudflare.com');
       if (titleMatch || urlMatch) {
         return { hasIndicators: true, title, url, bodySnippet: '' };
       }
-      // MEDIUM PATH: Check a few fast selectors before expensive text extraction
-      const selectorMatch =
-        document.querySelector('[data-ray]') ||
-        document.querySelector('[data-cf-challenge]') ||
-        document.querySelector('.cf-challenge-running') ||
-        document.querySelector('.cf-turnstile') ||
-        document.querySelector('.cf-managed-challenge') ||
-        document.querySelector('[data-cf-managed]') ||
-        document.querySelector('script[src*="/cdn-cgi/challenge-platform/"]');
+      // MEDIUM PATH: Combine fast-path selectors into one query — one DOM
+      // walk for all 7 alternatives instead of up to 7 separate walks.
+      const selectorMatch = document.querySelector(
+        '[data-ray], [data-cf-challenge], .cf-challenge-running, .cf-turnstile, .cf-managed-challenge, [data-cf-managed], script[src*="/cdn-cgi/challenge-platform/"]'
+      );
       if (selectorMatch) {
         return { hasIndicators: true, title, url, bodySnippet: '' };
@@ -602,14 +673,19 @@ async function quickCloudflareDetection(page, forceDebug = false) {
         bodyText.includes('This website has been reported for potential phishing') ||
         bodyText.includes('Please wait while we verify') ||
         bodyText.includes('Checking if the site connection is secure');
-      // Remaining slower selectors
-      const slowSelectorMatch =
-        document.querySelector('.cf-challenge-container') ||
-        document.querySelector('.ctp-checkbox-container') ||
-        document.querySelector('iframe[src*="challenges.cloudflare.com"]') ||
-        document.querySelector('iframe[title*="Cloudflare security challenge"]');
+      // Remaining slower selectors — combined into one query for the same reason.
+      const slowSelectorMatch = document.querySelector(
+        '.cf-challenge-container, .ctp-checkbox-container, iframe[src*="challenges.cloudflare.com"], iframe[title*="Cloudflare security challenge"]'
+      );
+      // Body-text fallback for error pages with non-standard titles.
+      // Same rationale as the early title check: recognize but don't bypass.
+      const bodyErrorMatch = bodyText.match(/Error code (5\d\d)/);
+      if (bodyErrorMatch && !textMatch && !slowSelectorMatch) {
+        return { hasIndicators: false, hasErrorPage: true, errorCode: parseInt(bodyErrorMatch[1], 10), title, url, bodySnippet: bodyText.substring(0, 200) };
+      }
       return {
         hasIndicators: !!(textMatch || slowSelectorMatch),
         title,
@@ -624,10 +700,13 @@ async function quickCloudflareDetection(page, forceDebug = false) {
     if (forceDebug) {
       if (quickCheck.hasIndicators) {
         console.log(formatLogMessage('cloudflare', `Quick detection found Cloudflare indicators on ${quickCheck.url}`));
-      } else {
-        console.log(formatLogMessage('cloudflare', `Quick detection found no Cloudflare indicators on ${quickCheck.url}`));
       }
+      // hasErrorPage and no-indicators cases are deliberately silent here —
+      // handleCloudflareProtection prints a clearer per-action line right
+      // after ("Cloudflare error page detected..." or "No Cloudflare
+      // indicators found, skipping protection handling..."), so logging
+      // here would just duplicate it.
       if (quickCheck.attempts && quickCheck.attempts > 1) {
         console.log(formatLogMessage('cloudflare', `Detection required ${quickCheck.attempts} attempts`));
       }
@@ -657,28 +736,30 @@ async function analyzeCloudflareChallenge(page) {
       // Cap text extraction -- on content-heavy pages body.textContent can be megabytes
       const bodyText = document.body ? document.body.textContent.substring(0, 2000) : '';
-      // Updated selectors for 2025 Cloudflare challenges
-      const hasTurnstileIframe = document.querySelector('iframe[title*="Cloudflare security challenge"]') !== null ||
-                                 document.querySelector('iframe[src*="challenges.cloudflare.com"]') !== null ||
-                                 document.querySelector('iframe[title*="Widget containing a Cloudflare"]') !== null;
-      const hasTurnstileContainer = document.querySelector('.cf-turnstile') !== null ||
-                                   document.querySelector('.ctp-checkbox-container') !== null ||
-                                   document.querySelector('.ctp-checkbox-label') !== null;
-      const hasTurnstileCheckbox = document.querySelector('input[type="checkbox"].ctp-checkbox') !== null ||
-                                  document.querySelector('.ctp-checkbox') !== null;
-      const hasLegacyCheckbox = document.querySelector('input[type="checkbox"]#challenge-form') !== null ||
-                               document.querySelector('input[type="checkbox"][name="cf_captcha_kind"]') !== null;
-      const hasChallengeRunning = document.querySelector('.cf-challenge-running') !== null ||
-                                 document.querySelector('.cf-challenge-container') !== null ||
-                                 document.querySelector('.challenge-stage') !== null ||
-                                 document.querySelector('.challenge-form') !== null;
-      const hasDataRay = document.querySelector('[data-ray]') !== null ||
-                        document.querySelector('[data-cf-challenge]') !== null;
+      // Updated selectors for 2025 Cloudflare challenges. Each category groups
+      // its alternatives into a single comma-separated selector so the browser
+      // walks the DOM once per category instead of once per alternative.
+      const hasTurnstileIframe = !!document.querySelector(
+        'iframe[title*="Cloudflare security challenge"], iframe[src*="challenges.cloudflare.com"], iframe[title*="Widget containing a Cloudflare"]'
+      );
+      const hasTurnstileContainer = !!document.querySelector(
+        '.cf-turnstile, .ctp-checkbox-container, .ctp-checkbox-label'
+      );
+      const hasTurnstileCheckbox = !!document.querySelector(
+        'input[type="checkbox"].ctp-checkbox, .ctp-checkbox'
+      );
+      const hasLegacyCheckbox = !!document.querySelector(
+        'input[type="checkbox"]#challenge-form, input[type="checkbox"][name="cf_captcha_kind"]'
+      );
+      const hasChallengeRunning = !!document.querySelector(
+        '.cf-challenge-running, .cf-challenge-container, .challenge-stage, .challenge-form'
+      );
+      const hasDataRay = !!document.querySelector('[data-ray], [data-cf-challenge]');
       const hasCaptcha = bodyText.includes('CAPTCHA') || bodyText.includes('captcha') ||
                         bodyText.includes('hCaptcha') || bodyText.includes('reCAPTCHA');
@@ -1561,13 +1642,16 @@ async function checkChallengeCompletion(page) {
     const isCompleted = await safePageEvaluate(page, () => {
       const noChallengeRunning = !document.querySelector('.cf-challenge-running');
       const noChallengeContainer = !document.querySelector('.cf-challenge-container');
-      const noChallengePage = !document.body.textContent.includes('Checking your browser') &&
-                             !document.body.textContent.includes('Just a moment') &&
-                             !document.body.textContent.includes('Verify you are human');
+      // Read body.textContent once — each access re-walks the DOM tree to
+      // materialize the string. The cap matches analyzeCloudflareChallenge.
+      const bodyText = document.body ? document.body.textContent.substring(0, 2000) : '';
+      const noChallengePage = !bodyText.includes('Checking your browser') &&
+                             !bodyText.includes('Just a moment') &&
+                             !bodyText.includes('Verify you are human');
       const hasClearanceCookie = document.cookie.includes('cf_clearance');
       const hasTurnstileResponse = document.querySelector('input[name="cf-turnstile-response"]')?.value;
       return (noChallengeRunning && noChallengeContainer && noChallengePage) ||
              hasClearanceCookie ||
              hasTurnstileResponse;
@@ -1619,35 +1703,66 @@ async function checkChallengeCompletion(page) {
  *   console.log(`Challenge solved using: ${result.verificationChallenge.method}`);
  * }
  */
-async function handleCloudflareProtection(page, currentUrl, siteConfig, forceDebug = false) {
+async function handleCloudflareProtection(page, currentUrl, siteConfig, forceDebug = false, navInfo = {}) {
   const cfDebug = forceDebug || siteConfig.cloudflare_bypass === 'debug' || siteConfig.cloudflare_phish === 'debug';
   const cfBypassEnabled = siteConfig.cloudflare_bypass === true || siteConfig.cloudflare_bypass === 'debug';
   const cfPhishEnabled = siteConfig.cloudflare_phish === true || siteConfig.cloudflare_phish === 'debug';
-  if (cfDebug) {
-    console.log(formatLogMessage('cloudflare', `Using Cloudflare module v${CLOUDFLARE_MODULE_VERSION} for ${currentUrl}`));
+  // Outcome-summary bookkeeping. Only paid for in debug mode — page.cookies()
+  // is a real CDP round-trip we don't want on every URL in production.
+  // navInfo carries httpStatus + cfRay captured at page.goto time by the
+  // caller (response object isn't reachable from the page after navigation).
+  const startMs = Date.now();
+  let cookiesBefore = { cf_clearance: false, cf_bm: false };
+  if (forceDebug) cookiesBefore = await getCfCookieState(page);
+  let errorCode = null; // populated once quickDetection runs
+  const logOutcome = async (result) => {
+    if (forceDebug) {
+      try {
+        const cookiesAfter = await getCfCookieState(page);
+        const outcome = buildOutcomeString(result, errorCode);
+        const clearanceTag = cookiesAfter.cf_clearance
+          ? (cookiesBefore.cf_clearance ? 'clearance=preexisting' : 'clearance=gained')
+          : 'clearance=no';
+        const bmTag = cookiesAfter.cf_bm
+          ? (cookiesBefore.cf_bm ? 'cf_bm=preexisting' : 'cf_bm=gained')
+          : 'cf_bm=no';
+        const statusTag = navInfo.httpStatus != null ? ` | http=${navInfo.httpStatus}` : '';
+        const rayTag = navInfo.cfRay ? ` | cf-ray=${navInfo.cfRay}` : '';
+        console.log(formatLogMessage('cloudflare', `Outcome for ${currentUrl}: ${outcome} | ${clearanceTag} | ${bmTag}${statusTag}${rayTag} | duration=${Date.now() - startMs}ms`));
+      } catch (_) { /* never let summary logging affect the return */ }
+    }
+    return result;
+  };
+  if (cfDebug && !_moduleVersionLogged) {
+    // Print once per process; the version is global and doesn't change
+    // between URLs. Subsequent calls stay silent.
+    console.log(formatLogMessage('cloudflare', `Using Cloudflare module v${CLOUDFLARE_MODULE_VERSION}`));
+    _moduleVersionLogged = true;
   }
   // VALIDATE URL FIRST - Skip protection handling for non-HTTP(S) URLs
   if (!shouldProcessUrl(currentUrl, forceDebug)) {
     if (forceDebug) {
       console.log(formatLogMessage('cloudflare', `Skipping protection handling for non-HTTP(S) URL: ${currentUrl}`));
     }
-    return {
+    return await logOutcome({
       phishingWarning: { attempted: false, success: true },
       verificationChallenge: { attempted: false, success: true },
       overallSuccess: true,
       errors: [],
       skippedInvalidUrl: true
-    };
+    });
   }
   // Quick detection first - exit early if no Cloudflare detected and no explicit config
   const quickDetection = await quickCloudflareDetection(page, forceDebug);
+  if (quickDetection && quickDetection.errorCode) errorCode = quickDetection.errorCode;
   // Safety check: ensure quickDetection is valid
   if (!quickDetection) {
-    return { phishingWarning: { attempted: false, success: true }, verificationChallenge: { attempted: false, success: true }, overallSuccess: true, errors: [], quickDetectionFailed: true };
+    return await logOutcome({ phishingWarning: { attempted: false, success: true }, verificationChallenge: { attempted: false, success: true }, overallSuccess: true, errors: [], quickDetectionFailed: true });
   }
   // Early return structure when no Cloudflare indicators found
@@ -1656,15 +1771,23 @@ async function handleCloudflareProtection(page, currentUrl, siteConfig, forceDeb
   // Trust the detection -- explicit config only matters when indicators ARE found
   // This avoids a 10s adaptive timeout on non-Cloudflare sites
   if (!quickDetection.hasIndicators) {
-    if (forceDebug) console.log(formatLogMessage('cloudflare', `No Cloudflare indicators found, skipping protection handling for ${currentUrl}`));
-    if (forceDebug) console.log(formatLogMessage('cloudflare', `Quick detection details: title="${quickDetection.title}", bodySnippet="${quickDetection.bodySnippet}"`));
-    return {
+    if (forceDebug) {
+      const cachedTag = quickDetection._fromCache ? ' [cached]' : '';
+      if (quickDetection.hasErrorPage) {
+        console.log(formatLogMessage('cloudflare', `Cloudflare error page detected${cachedTag} (origin unreachable, no bypass possible) for ${currentUrl}`));
+      } else {
+        console.log(formatLogMessage('cloudflare', `No Cloudflare indicators found${cachedTag}, skipping protection handling for ${currentUrl}`));
+      }
+      console.log(formatLogMessage('cloudflare', `Quick detection details${cachedTag}: title="${quickDetection.title}", bodySnippet="${quickDetection.bodySnippet}"`));
+    }
+    return await logOutcome({
       phishingWarning: { attempted: false, success: true },
       verificationChallenge: { attempted: false, success: true },
       overallSuccess: true,
       errors: [],
-      skippedNoIndicators: true
-    };
+      skippedNoIndicators: true,
+      cloudflareErrorPage: !!quickDetection.hasErrorPage
+    });
   }
   // Standard return structure for all processing paths
@@ -1698,7 +1821,7 @@ async function handleCloudflareProtection(page, currentUrl, siteConfig, forceDeb
       const cachedOutcome = detectionCache.cache.get(outcomeCacheKey);
       if (cachedOutcome && cachedOutcome.data && cachedOutcome.data.timedOut && Date.now() - cachedOutcome.timestamp < detectionCache.ttl) {
         if (forceDebug) console.log(formatLogMessage('cloudflare', `Skipping ${currentUrl} -- domain already timed out on a previous URL`));
-        return cachedOutcome.data;
+        return await logOutcome(cachedOutcome.data);
       }
     } catch (e) { /* malformed URL, proceed normally */ }
@@ -1725,17 +1848,17 @@ async function handleCloudflareProtection(page, currentUrl, siteConfig, forceDeb
     // Cache timeout results at domain level so subsequent URLs skip immediately
     if (handlingResult.timedOut) {
       try {
-        const setOutcomeKey = 'outcome:' + new URL(currentUrl).hostname;
-        detectionCache.cache.set(setOutcomeKey, { data: handlingResult, timestamp: Date.now() });
+        const outcomeCacheKey = 'outcome:' + new URL(currentUrl).hostname;
+        detectionCache.cache.set(outcomeCacheKey, { data: handlingResult, timestamp: Date.now() });
       } catch (e) { /* malformed URL, skip caching */ }
     }
-    return handlingResult;
+    return await logOutcome(handlingResult);
   } catch (error) {
     result.overallSuccess = false;
     result.errors.push(`Cloudflare handling failed: ${error.message}`);
     if (forceDebug) console.log(formatLogMessage('cloudflare', `Overall handling failed: ${error.message}`));
-    return result;
+    return await logOutcome(result);
   }
 }