From 1a48692d8dad6dbfc6034e435e96015d51b7f4a3 Mon Sep 17 00:00:00 2001
From: nour <nouryousry.sh@gmail.com>
Date: Thu, 9 Oct 2025 11:19:31 +0300
Subject: [PATCH 1/2] Fixes #2628: Add npm to removed sites

---
 docs/removed-sites.md                | 13 +++++++++++++
 sherlock_project/resources/data.json |  6 ------
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/docs/removed-sites.md b/docs/removed-sites.md
index b44e520e7..608efb61a 100644
--- a/docs/removed-sites.md
+++ b/docs/removed-sites.md
@@ -129,6 +129,19 @@ NPM-Packages are not users.
   },
 ```
 
+## NPM Users
+
+NPM uses cloudflare bot detection
+
+```json
+    "npm": {
+    "errorType": "status_code",
+    "url": "https://www.npmjs.com/~{}",
+    "urlMain": "https://www.npmjs.com/",
+    "username_claimed": "kennethsweezy"
+  },
+```
+
 ## Pexels
 
 As of 2020-01-21, all usernames are reported as not existing.
diff --git a/sherlock_project/resources/data.json b/sherlock_project/resources/data.json
index 4d35c9700..b12ad970a 100644
--- a/sherlock_project/resources/data.json
+++ b/sherlock_project/resources/data.json
@@ -2808,12 +2808,6 @@
     "urlMain": "https://note.com/",
     "username_claimed": "blue"
   },
-  "npm": {
-    "errorType": "status_code",
-    "url": "https://www.npmjs.com/~{}",
-    "urlMain": "https://www.npmjs.com/",
-    "username_claimed": "kennethsweezy"
-  },
   "omg.lol": {
     "errorMsg": "\"available\": true",
     "errorType": "message",

From 882e2e9a7ea9af144f8bbc87eda78bcdac90f731 Mon Sep 17 00:00:00 2001
From: nour <nouryousry.sh@gmail.com>
Date: Thu, 9 Oct 2025 12:29:23 +0300
Subject: [PATCH 2/2] Enhance WAF detection logic for responses with headers

---
 sherlock_project/sherlock.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/sherlock_project/sherlock.py b/sherlock_project/sherlock.py
index 75b3e3d70..798685c92 100644
--- a/sherlock_project/sherlock.py
+++ b/sherlock_project/sherlock.py
@@ -8,6 +8,7 @@
 """
 
 import sys
+from collections.abc import Mapping
 
 try:
     from sherlock_project.__init__ import import_error_test_var # noqa: F401
@@ -395,6 +396,14 @@ def sherlock(
         elif any(hitMsg in r.text for hitMsg in WAFHitMsgs):
             query_status = QueryStatus.WAF
 
+        
+        elif any(hitMsg in r.text for hitMsg in WAFHitMsgs):
+            query_status = QueryStatus.WAF
+
+        elif isinstance(r.headers, Mapping) and r.headers.get('cf-mitigated') == 'challenge':
+            query_status = QueryStatus.WAF
+
+
         else:
             if any(errtype not in ["message", "status_code", "response_url"] for errtype in error_type):
                 error_context = f"Unknown error type '{error_type}' for {social_network}"