How to better understand IPv6 to block requests
You can never be 100% sure, because various ISPs and hosting providers do things differently (and sometimes very very wrongly). But as a rule a cloud provider will assign a /64 to a virtual network, and every VM in that virtual network will get IP addresses from within that /64 in various different ways. Providers leasing bare metal ("dedicated") servers typically assign a /64 to each physical machine.
It gets a bit more complicated for home connections, but as a rule, unless the subscriber has made configuration changes (few do, as for the most part it's IT pros who want more than a /64 at home) they also will have a /64 for their entire residence.
So, as the above suggests, blocking the /64 is likely to get rid of most malicious actors who know how to rotate their IPv6 address.
You may find RFC 6177 interesting reading. Mainly as a baseline to see how various providers do it wrong.