Considering the first half is the same, it makes me think it’s the same user.
I’ve noticed that my IPv6 address fluctuates depending on use. I’m not sure why that is, but it’s my guess that’s what’s happening here. That may be why my host doesn’t offer DDoS protection against IPv6.
Actually the problem is Cloudflare specific. Literally ALL other services that display your IP (from Google to obscure whats my ip checking sites and services like Zendesk) show the correct (same IP)
It’s only the Cloudflare x-forwarded-for header that has that other IP.