# RIPE netblock INTERNETMEASUREMENT-X (2a06:4880::/32) whose RIPE
#  record includes in its "remarks" 
#        | This IP range is not attacking your network.
#        | Visit https://internet-measurement.com for more details.
#  Their addresses _are_ attacking my network, despite their claims,
#  and their webpages try to ram HTTPS down my throat.
2a06:4880::/32

# Digital Ocean; see the v4 version for discussion.
2604:a880::/32

# Facebook: trying to do Web fetches but being seriously impatient.
2a03:2880::/40
2a03:2880:1100::/40
2a03:2880:1300::/40
2a03:2880:1500::/40
2a03:2880:1600::/40
2a03:2880:2100::/40
2a03:2880:2200::/40
2a03:2880:2700::/40
2a03:2880:0200::/40

# shadowserver.org, who appear to think there is such a thing as
#  legitimate scanning.
2001:470:1:c84::/64
2001:470:1:456::/64
2001:470:1:fb5::/64
2001:470:1:332::/64
2001:470:2cc::/48

# Censys, who appears to think there is such a thing as legitimate
#  scanning.
2602:80d:1000::/44
2620:96:e000::/48

# Onyphe.{net,io} - see the v4 onyphe blocks for more.
2a14:f100::/29
2001:41d0:303:1719::400/124

# Chinanet or ChinaTelecom, depending on which APNIC record you read.
#  They host(ed) an attacker which sent an astonishing variety of
#  attacks to my SMTP server; when I tried to report them (to the abuse
#  address given by APNIC), the mail was rejected with "501 Invalid
#  Client IP".  I have negative interest in talking with a netblock
#  that broken.
240e:100::/24