NextDNS has an option to block RRDs.

I don't know if it does anything for suspicious AS.