The only thing I can think of is some bad actor that constantly tries CF websites to try and find a hole that can be exploited. Otherwise that does sound pretty fishy.