See: https://www.virustotal.com/nl/url/36db5a51bf585b87b933624383c5bb07f10770e8ba4de92795907f65ed9c30c2/analysis/1423234598/
Suspicious: “The malware entry is cached and may not reflect the current status of the domain. You can request re-consideration by Quttera malware research team.” See: http://sitecheck.sucuri.net/results/abeva.nl
SpamHaus: abeva.nl is listed in the DBL
Re: http://zulu.zscaler.com/submission/show/db104a53e751cc05d0debb723e5d51f8-1423234902
IDS alert for “ET TROJAN Possible Compromised Host Sinkhole Cookie Value Snkz” - source IP 195.22.26.253
Sinkhole by Anubis Networks: -ns1.csof.net Zone modified: http://www.dnsinspect.com/abeva.nl/1423235352
See: http://whois.domaintools.com/abeva.nl
Read on the Sinkholing: http://blog.malwaremustdie.org/2013/07/the-come-back-of-ru-runforrestruns-dga.html

polonus