New hijacks, and lots of them

One particular large and well-distributed snowshoe spamming operation
became the subject of my special scrutiny recently. After seeing all
of the the various apparently hijacked IP blocks that this particular
snowshoe spamming operation seemed to be relying upon for much of its
IP space, it seemed like the right thing to do for me to report on the
whole mess here.

To begin with here are a couple of files which show the full extent of
this particular rather vast snowshoe operation (including both hijacked
and non-hijacked parts). By my count we are talking in excess of 6,300
separate second-level gTLD domain names.

Dredging into this operation more deeply led me to the following con-

Based upon information and belief, the following number resources have
been hijacked, i.e. they either are now, or were in the recent past being
used without proper authorization by a party or parties to whom these
resources were not assigned by any RiR. (Unless otherwise specified
below, these are all ARIN-assigned number resources.)

AS8143 (1)
AS29987 (2)
AS11756 (3) (4)
AS47024 (5)
AS27906 (6)(7) - NET-198-23-32-0-1 (8) - NET-198-57-64-0-1 (9) - NET-199-88-32-0-1 (10) - NET-199-192-16-0-1 (11) - NET-199-196-192-0-1 (12) - GT-AGSA1-LACNIC (13) - NET-204-147-240-0-1 (14) - (NET-207-22-192-0-1) (15) (16)


My apologies to anyone and everyone who tried to get at these files.
It seems that my provider may perhaps have recently developed some
rather odd ideas about packet filtering for static broadband lines.
Until I can get the problem worked out, the following alternative URLs
ought to do instead: