My firewall (Outpost Pro) keeps reporting port scans from meta.wikimedia.org (details at the bottom of the email).
It seems very unlikely that anyone would do a port scan from the wikimedia servers. I would guess it's someone spoofing the source IP address, although I can't see much point in that beyond causing an annoyance (which is more than enough reason for some people).