Scaleway formerly known as Online SAS (ASN AS12876, Locations: France, Netherlands and Poland) is a host for a multitude of bad actors who are constantly scraping our website and web-based clients for vulnerabilities. It is also a host, however, for good actors.
Scaleway, Hetzner, OVH, Digitalocean… pretty much any cheap hosting is a major hassle when it comes to spam, attacks and other shapes of annoying traffic.
Block them? Sure; however, you might be blocking legitimate visitors that use those providers as VPN.
Usually those IPs have a higher threat score. You could build a firewall rule that does:
if threat score > 0 AND bad_asn → Challenge.
if threat score > 5 AND bad_asn → Block.
Why 0 and 5? No specific reason; from my experience CF is very permissive when it comes to assigning a threat score… many “malicious” IPs have as threat score 0. You could deploy the rules with LOG action and see the behavior with different threat score values.