Charlie, Thanks for the technical questions. The full evidence archive (with PII redacted) is available. To directly answer your requests: UTC timestamps & affected prefixes: Hijack window: 2026-05-16 to 2026-05-17 UTC. The attacker's own BIRD config shows manual injection of China Telecom's IPv6 backbone (240e::/20) on May 1 (premeditation). Full list of the 3,948 hijacked IPv4 prefixes is from Hurricane Electric's BGP data, timestamped on May 16-17. Traceroutes/MTRs: From my network (victim) to the attacker's infrastructure: as20473--nrt6.global.tianshome.net (log available in the archive). From attacker's Shanghai Looking Glass to my home IP: direct trace available in the archive. BGP collector / looking-glass sources: Hurricane Electric: https://bgp.he.net/AS202734 RIPE RIS data confirms the hijack peak during May 16-17. Attacker's own Looking Glass: https://lg.tianshome.net The complete evidence archive (PII redacted, including raw logs and emails) is available upon request to avoid cluttering the list. I will not attach files directly here. Thank you for helping validate this incident.