If you would like to find out more information about those IP addresses before deciding whether to block them, then I suggest performing reverse lookups of the IP addresses to see what domain names they are mapped to, if any, and then performing WHOIS lookups of the returned domain names to see if those IP addresses belong to any entity that you know and trust.
If you are using a *nix OS — e.g., macOS or any Linux distribution — open a terminal window and enter the following:
dig @2606:4700:4700::1111 -x [IP address] +dnssec +multiline
(Replace
[IP address] with the IP address that you are looking up. The IPv6 address
2606:4700:4700::1111 points to Cloudflare's public DNS resolver. You may change it to an IPv4 or IPv6 address of any other public resolver or simply leave out the
@ field to query your local system's DNS resolver.) This should return the domain name that is mapped to the IP address, if any.
Then, perform a WHOIS lookup of the returned domain name by entering the following into your terminal:
(Replace
[domain name] with the domain name that you are looking up. You may instead use a web-based WHOIS lookup client if you wish.)
If the returned results are suspicious or unknown to you, then I recommend blocking those IP addresses.
