I don't routinely follow this list, so I'm not sure how much of this is common knowledge already, but... http://blogs.cisco.com/security/talos/help-my-ip-address-has-been-hijacked/ Current route announcements for AS201640: 36.0.56.0/21 probable hijack - China 41.92.206.0/23 probable hijack - Cameroon 41.198.80.0/20 probable hijack - South Africa 41.198.224.0/20 probable hijack - South Africa 61.242.128.0/19 probable hijack - China 119.227.224.0/19 probable hijack - India 123.29.96.0/19 probable hijack - Vietnam 177.22.117.0/24 probable hijack - Brazil 187.189.158.0/23 probable hijack - Mexico 202.39.112.0/20 probable hijack - Taiwan Network Information Center 210.57.0.0/19 probable hijack - Telstra/Japan It would appear that AS201640 may possibly exist at the present time only for the purpose of providing illicitly obtained IP space for spammers, including but not limited to the ""Mike Prescott" mentioned in the Cisco blog entry cited above. The spammer, "Mike Prescott"... not his real last name... has also been spotted spewing from IP space routed by AS200002, which is AS201640's only connection to the rest of the world. Coincidence? You be the judge. Regards, rfg P.S. If anybody is able to look up _all_ of the route announcements that have been made by AS201640 over the past few months, I for one would definitely like to see those. Please e-mail them to me off list. I already know that "Mike Prescott" has been spewing from at least one of the above current announcements (202.39.112.0/20) and probably all of the others too. But there are additional route announcements that have already been withdrawn, and I'd like to check those for "Mike Prescott" footprints also. P.P.S. To the real "Mike P."... on the off chance that he might see this... You can run, but you don't hide very well. You should have gotten out of the game in 1998 when you had the chance. Maybe the Powers That Be will lock you up this time.