The website and API protection by cloudflare was installed during one of the last DDOS attacks. That was something like a couple of months back. It’s not secret, but it’s not really documented either.
That said, the issue in question would seem weird to be caused by this, and I’m sure the ops people considered it, but it is the thing that changed roughly in that time frame.