Hi folks,
Just an example of such a domain: https://spyeyetracker.abuse.ch/monitor.php?ipaddress=31.3.245.212
See: http://sameid.net/ip/31.3.245.212/
More information can be found via a new service of VT: https://www.virustotal.com/en/ip-address/31.3.245.212/information/
Specific example od a malicious DNS and SpyeEye domain is this domain: https://spyeyetracker.abuse.ch/monitor.php?host=bronetbro.com
Let us explore therefore: -bronetbro.com/bad.php
See the recent reports mentioned here: http://urlquery.net/report.php?id=2394235
Also see this malware report for the AS: http://support.clean-mx.de/clean-mx/viruses.php?as=AS35662&response=
Some of the malware from there now dead and earlier detected by avast! https://www.virustotal.com/en/file/8f37a1e1b6dcd98275cdfab380611699fa7a794ce500c0f1f438cde17bce5e65/analysis/
Here avast! detection just one of three that detect: https://www.virustotal.com/en/file/a46d2ec51d7b2110802075408c2a78b95ebe30fea73fdea6ba60df3096a34508/analysis/
polonus