This page emulates vulnerable Javascript code that URI-decodes untrusted input and blindly uses it to build the URL of the call to the JSONP endpoint.