It is not just us it is if there was bad activity against any website within the couldflare network. It creates a list of untrusted connections by knowing how those connections behave across millions of websites.

"CloudFlare knows which visitors to challenge (also referred to as suspicious visitors) based on a variety of data sources. Specifically, CloudFlare leverages threat data from Project Honey Pot and a variety of other third-party sources to identify online threats. In addition, CloudFlare uses the collective intelligence of the websites on its system to identify new threats that arise. So if a new threat is identified on one site, CloudFlare can automatically protect the rest of the CloudFlare community. The types of threats that CloudFlare identifies is broad and includes email harvesting, SQL injection, cross-site scripting, comment spam, credential hacking, denial of service attacks and so on. "