What 3rd party trust / security / AV-AM do you accept or block?

And are you sure you know why they're hitting you?

         

SumGuy

2:56 pm on Sep 11, 2022 (gmt 0)


A recent hit (actually, a block) from an outfit I don't believe I've ever seen before (ImmuniWeb from AS 32613) leads me to ask this question - what website trust or security (or secure / corporate proxy) do you allow to hit your website?

Some candidates I can think of (that I see occasionally) are:

AVAST
Barracuda Networks
Colt Technology
Cisco / Ironport
Forcepoint / surfcontrol
Fortinet
Kaspersky
McAfee
Symantec / Bluecoat / k9webprotection
VeriSign
Zscaler

I get intermittent, low-level hits to my landing page (just the html file, nothing else) from various Kaspersky IPs. I don't know what initiates them. Programmatic scanning, or user-initiated? When you get hits from entities like those, it's hard to know if the end purpose was

a) to scrape your content
b) classify your site as safe to browse (or not)
c) a secure / anonymous proxy being used by a (corporate / institutional) human
d) test for vulnerabilities (initiated by a malicious or suspicious actor?)
e) test or verify online / active status (by an actor whose own access is IP blocked?)

I do block some Avast (I think it's Avast) because of the junk requests I've seen from them.

I'm just trying to understand hits from this ecosystem and why they happen.

dstiles

8:15 am on Sep 13, 2022 (gmt 0)


Censys is another one. And there are a couple of persistent ones that hit mail servers.

I tend to block many of them if they appear frequently - say more than once a week-ish. I would be more amenable to permitting them if they reported errors to the site owner or manager, but I don't know of any that do.