That problem is related to violating a firewall rule of Snort set by Talos.
Talos also provide clamav and the clamav signatures are provided through cloudfare as well and if the Freshclam signature downloader access the site too often then your IP gets blocked. I have seen that be reported on the clamav mailing list.
Talos, Snort and Clamav are all owned by Cisco.
Here is a link to the Cloudfare FAQ about this error. https://community.cloudflare.com/t/community-tip-fixing-error-1020-access-denied/66439. They just communicate the fact that an error has occurred to you.
Looks like you need to contact probably Snort to find what the reason for the violation was and to get removed from their block list. That was how it worked with the Clamav cases that I saw.
The reason you can access the site without IPFire is that the details of the machine making the connection are different.