It's simple, really. Cloudflare is the single root cause of the issue. All the others are not a huge issue until Cloudflare notices. It's perfectly rational and reasonable to blame the company trying to gatekeep the whole internet, without taking any responsibility for false positives.
Scaling to infinity isn't a right, it is a privilege. Any company that builds this sort of no-human-decision systems are abusing that privilege and hoping that anyone who suffers wrongly under their systems doesn't have enough voice (google seems to be the worst for this, though cloudflare seems set to follow).
I'm not sure how to phrase this without sounding like a prick, but I'm not exactly new at this stuff. You missed on all of those examples. I appreciate the point you're trying to make, but Cloudflare is in fact the primary factor here.
> That you know about. Your house mates share the internet connection.
This is actually the least likely these days... the no.1 cause would be CGNAT, the vast majority of residential endpoints share an IPv4 address with a huge number of users, mobile networks are even worse... that's before we even get to IP recycling for dynamic IPs which happens at high frequency with mobile networks again, so you will inevitably get affected eventually.
This is why it's a bad idea to block IPs outright, because today one IP address never equates to a single individual or the same set of individuals over time. The other problem with blocking IP addresses based on abuse is considering them equal in user weight, yet one IP might have 2 users, another might have 10000 users - Blocking a TOR exit node is a good extreme example of this... people think of it as an effective defence because of the concentration of abuse on that single IP address, but they fail to consider the concentration of users behind that IP address - TOR exit nodes probably are a slightly higher source of abuse per user, but not any where as high as per IP - if you measure abuse per IP you are more likely looking a rough picture of users per IP for highly NATed IPs.
That you know about. Your house mates share the internet connection.
I’m guessing you have WiFi, so you may have unintended guests.
You probably have lots of devices, one of which may be infected.
Your ISP may have issued you a different IP which may have a negative reputation score.
You could be using a malware infected browser or browser extension.
There are lots of variables. You haven’t isolated all of the ones in your control, so assuming CloudFlare is the only possible cause isn’t rational.