How to ONLY evaluate 1st request from IP?

I am developing a CF Worker in JS. I would like to evaluate web requests from IPs. However, I only want to evaluate the 1st request an IP does to a webpage / URL. For example, for a Wordpress site, every IP, on every page view makes an average of 25 requests (docs, js, css, imgs, xhr etc.). I only want to evaluate the 1st request.

The idea is to make the CF Worker as efficient as possible, meaning, to spend the less amount of requests possible (process 1 request instead of 25 requests). The idea of the script will be to evaluate the IP, checking that IP against an API service, and either allow or block the IP based on the IP reputation.

I think there are 2 ways of doing this, neither of which is perfectly ideal, nor would guarantee each user/IP is checked or only one request per user/IP is checked.

  1. Make the Worker put the IP in question into a IP List or a Firewall Rule to block it once it’s been deemed unsafe. You will still check all requests, though.
  2. You might want to check only on HTML reqs, which are normally the first one. You’d limit the queries to the first reqs per page, but if someone were to try and do something malicious they might go for one of the other reqs. You could of course update it, in case, though and it’s pretty easy and fast to do so.

I like the 2nd approach better. How can I check that the resource type is HTML/Doc with JavaScript?

Will this approach work for requests that don’t return a 200 HTTP status code?

Anyone that can help me out with this?

I have checked the Request Headers and there is a parameter with the name sec-fetch-dest

If I check that parameter value and I filter only for those requests that have the “document” value on that parameter, will I be able to only evaluate those requests (and save on request quota)?

Any idea how to do this? @WalshyMVP