Since this thread started as comparison of the tools, there are two issues
1. Which BGP feeds the tools use? RIPE, RouteViews, other private feeds.
2. How they decide what to send and what not to send?
In this case, BGPMon detected an event that was not detected by others, and
there might be other hijacks that were local in scope where PHAS or Watchmy
might catch something that BGPMon does not. But that does not make one tool
better than the other, unless this pattern is repeated.
Eventually all tools will catch up with each other on the feeds (or so is
the hope), so the difference will then lie in "the decision of what to send
and what to drop", and as Todd mentioned, thresholding is very critical
here.
Mohit