CSAM attacks can happen anywhere you allow users to upload images. Cloudflare of course was giving him the free CSAM scan/filter which is part of their free package. Not sure if XenForo has one of their own but to be honest, if you are now forced into total Darknet, you don't need to react with bots to kill it you just need mods that stay on top of it and ban and block accounts, and if necessary--ban noob accounts from uploading images until they can show some signs they aren't gonna fedpost.
The thing with I2P, beyond that network having that shitty crazy default Java client, is that for many years there were bulk pedo uploaders running i2p sites. The feds are on I2P more than they are on Tor or any other stanknet, just because I2P has been at this since the 1990s back when nobody was monitoring anything and most of the users were tinfoil hats who are scared to send any packet out on the Internet unencrypted.
