Incase some readers of this thread want to clue up on some of the work Cloudflare do to identify dodgy IPs verses highly shared IPs, then this blog article might be of interest...
https://blog.cloudflare.com/detectin...ateral-damage/
It does demand some technical understanding but it does go to demonstrate that CF do attempt to mitigate the relatively blunt tools that block by IP address, but there are limits on how far they can go.