simple email to support would answer this
"The IP address belongs to Incapsula, which is our DDoS protection service.
As Incapsula acts as a proxy for Bitfinex, it means that we have to be relying on extra information from your connection to "guess" the IP address. If for some reasons the network you used or the browser you used did not forward any of that information, the Incapsula IP can appear in lieu of your real IP.
I fully understand your concern. You experienced the affects of a DDoS attempt, though very annoying, no real bug. "
camolist you got that answer from support? it is very confusing and lacks of technical detail, there is nothing to "guess" about a source IP address, every connection comes with a source IP address and nothing need to be forwarded...
This is the first time happening to me in about a year, and if ppl start seeing successfull logins history from FOREIGN IP addresses this is absolutely normal to start worrying and flooding email support with questions.