Anybody seeing a pattern here? - SYN flood spoofing

home | blog | Terrible people and places | Covid-19 links | Teh Internet | guest blog |rants | placeholder | political | projects | Gwen and Liam | Citadel patched | Tools | Scouts

So far, I have had the following IP's become what I assume is the brunt end of a spoofed SYN flood attack: <- observed from a server where I could not block - lasted almost 4 hours!

Not sure what the connection is, but if someone knows, feel free to let me know.
Not sure what to make of it yet.

Update Oct 1 2018
The spoofing continues.
Seems to now include some Cloudflare, Google User Content, and random other targets.
The rotating behavior is new as well.
Much of the hate seems directed at: - with other hosts in rotation (off and then on again short burst attacks). - seems to be in second place for the disdain.
others... (the burst ones that seem only to be attacked from 1 to 5 minutes at a shot over a 20 to 40 minute interval)