通过ASN拦截云服务厂商IP访问网站

通过网站访问日志发现每日都存在不同归属地的IP对本网站进行扫描，为了减少该事件的发生，查阅相关资料后，发现只要对应的CDN支持ASN屏蔽，那么可以通过ASN直接屏蔽对应归属的IP段。

ASN列表

目前cloudflare和edgeone支持ASN列表拦截，故收集已知IP的ASN列表用于屏蔽。

阿里云:131233,134963,24429,34947,37963,38369,45096,45102,45103,45104,45108,59028,59051,59052,59053,59054,59055,211914
腾讯云:132203,132591,133478,134103,137876,45090,58835
华为云:131444,136907,139124,141180,149167,151610,200756,206204,206798,269939,63655,55990,61348,63727,139144,140723,265443
ucloud:9786,59077,135377
amazon:10124,10291,135630,14618,16509,17493,19047,21664,262486,263639,264167,264344,264509,266122,266194,267242,271017,271047,36263,38895,39111,395343,399834,399991,400098,40045,52994,58588,61577,62785,63088,699,7224,801,8987,9059,397153,46489
digitalocean:133165,135340,14061,200130,201229,202018,202109,393406,394362,46652,62567
Vultr: 400958
hostglobal: 202306
multacom: 14510,14542,19249,23244,35916,7796
megalayer: 139613,139646
constant: 11508,20473,267698,270087,393842,40444,40504,46407,54094
contabo: 51167,141995
private: 51852,52288
idcloudhost: 136052
wowrack: 23033,27323,32875,58381
hostwinds: 21773,54290,135085
netsec: 45753,64424
zenlayer: 13442,139625,21859,29752,38854,393502,393884,4229,59798,62610,63573
bytedance: 137718,137775,138699,150436,396986,398175
ctgserver: 152194,151850
mytgts: 142032
oracle: 10884,10962,11049,11479,11506,11625,11887,1215,1216,1217,1218,1219,135151,136025,138207,13832,13859,14506,14544,14919,15135,15179,15334,15519,1630,16474,18837,18916,20037,20054,200705,200981,203267,206209,21621,22435,23885,24185,29976,31898,31925,33517,34135,3457,36282,36502,38538,393218,393314,393676,393773,39467,395010,395738,399966,401341,40921,4184,41900,4191,4192,43894,43898,46403,46558,52019,54253,57748,60285,6142,63295,64102,7160,792,793,794,90
apple: 1036,1042,2709,31128,6185,63707,714
aiyun: 133492,134671,63828,63833,63999
bilibili: 140633,140943
Lenovo: 138005,138007,139109,139110,20111,63548
dell: 12257,136405,136407,137447,14876,17187,200946,23144,30614,3612,3613,3614,3615,38057,46507,46977,53878,54701,59915,60813,64208,6812,7977
akari: 131466,38136,400951,56850,59436,983
aeza: 210352,210644
hivelocity: 10480,29802,54540,61317
yandex: 15828,199528,202475,210119,210708,214883,216027,216264,13238,44534
interserver: 19318,26666,152950
axarnet: 50926,56732,203178
worldhost: 134470,139519,139784,139893,140209,141004,141772,142646,149477,149797,151186,199404,204800,209341,213183,216180,33408,51713
ipxo: 133941,18019,199058,200200,202358,206074,206092,206150,206164,210277,213060,213074,213085,397165,398197,54543,61440,834
国内IDC: 131090,131311,131335,131447,131586,131612,132437,132510,133373,133503,133774,133775,133776,133848,134089,134166,134238,134417,134418,134420,134422,134423,134425,134543,134756,134760,134761,134763,134764,134765,134766,134769,134770,134771,135054,135061,135089,13577,136052,136188,136190,136191,136192,136193,136194,136958,136959,137539,137686,137687,137690,137691,137693,137697,137698,137699,137702,137795,138169,138570,138949,138950,138982,138991,139007,139018,139115,139160,139201,139203,139220,139316,139587,139887,140527,140707,140716,140717,140720,140886,140979,141157,141679,141998,142608,146966,147038,148969,148981,149178,149837,149839,149979,150145,151185,152120,17788,17789,17790,17791,197642,20200,206596,20746,209915,23650,23724,24170,24379,265568,26654,26658,26885,27597,30121,30142,38587,46244,46617,4815,4816,48203,4823,4835,55423,55984,57391,57994,58370,58461,58466,58539,58540,58541,58543,58563,58772,58773,58774,58775,58776,59223,59374,63674,63835,63838,64399,7616,960,9891
kaopucloud: 136231,138915,140666,140688,140709,140846,141017,150120,150174

参考页面

通过查询IP的ASN信息再去反查对应公司的其他ASN地址。

查询IP的ASN

可以通过以下网站查询IP的归属地及ASN信息。

https://www.pdflibr.com/ip/1.1.1.1
https://www.ipxo.com/ip-data-intelligence/

查询ASN对应信息

通过查询到的ASN信息再去反查对应公司的ASN列表。

查询ASN对应的公司：https://2ip.io/analytics/asn-list/