diff --git a/sherlock_project/sherlock.py b/sherlock_project/sherlock.py
index f78d4b8cac..3fad5daa4e 100644
--- a/sherlock_project/sherlock.py
+++ b/sherlock_project/sherlock.py
@@ -389,12 +389,22 @@ def sherlock(
             r'{return l.onPageView}}),Object.defineProperty(r,"perimeterxIdentifiers",{enumerable:' # 2024-04-09 PerimeterX / Human Security
         ]
 
+        WAFHitHeaders = {
+            "cf-mitigated": "challenge", # 2026-04-05 Cloudflare challenge header on HEAD/GET
+        }
+
         if error_text is not None:
             error_context = error_text
 
         elif any(hitMsg in r.text for hitMsg in WAFHitMsgs):
             query_status = QueryStatus.WAF
 
+        elif any(
+            r.headers.get(header_name, "").lower() == expected_value
+            for header_name, expected_value in WAFHitHeaders.items()
+        ):
+            query_status = QueryStatus.WAF
+
         else:
             if any(errtype not in ["message", "status_code", "response_url"] for errtype in error_type):
                 error_context = f"Unknown error type '{error_type}' for {social_network}"