It should be automateable, yes. Different RIRs (regional internet registries), which all operate their own WHOIS databases, might handle this differently but generally you should be able to get an abuse contact in an automated fashion for exactly this purpose
> most of the scanner firms seem to be creating their own maps of as much of the internet as they can get their grubby hands on, and then sell API access to their database
Yeah, sure, a lot of scanners are run by black or gray hats. Just saying that all options are on the table and blocking (or even reporting) e.g. the non-profit .nl operator organization for scanning tcp:443 on all the A/AAAA records of .nl domains is going to do much good
> most of the scanner firms seem to be creating their own maps of as much of the internet as they can get their grubby hands on, and then sell API access to their database
Yeah, sure, a lot of scanners are run by black or gray hats. Just saying that all options are on the table and blocking (or even reporting) e.g. the non-profit .nl operator organization for scanning tcp:443 on all the A/AAAA records of .nl domains is going to do much good
(Example of what they're doing: https://www.sidn.nl/en/news-and-blogs/new-system-for-logo-ba...)