JD wrote:
> Rhonda Lea Kirk Fries wrote:
>> JD wrote:
>>> Rhonda Lea Kirk Fries wrote:
>>>> JD wrote:
>>>>> Anybody else get this little nugget as an e-mail? I received this
>>>>> e-mail this evening:
>>>>>
>>>>> The Header:
>>>>>
>>>>> Subject: Action Required : Download New Adobe Acrobat Reader For
>>>>> Your PC From: Adobe System Incorporated<adobe@news.mondino.de>
>>>>> Date: Tue, 12 Apr 2011 03:45:54 +0200 (CEST)
>>>>> To: JD
>>>>> X-Account-Key: account8
>>>>> X-UIDL: _TEG.Y76oNB.mxin5.lsn.net
>>>>> X-Mozilla-Status: 0001
>>>>> X-Mozilla-Status2: 00000000
>>>>> Return-Path:<return@news.mondino.de>
>>>>> Received: from mail17-43.srv2.de (mail17-43.srv2.de
>>>>> [193.169.180.43]) by mxin5.lsn.net (8.13.5/8.13.5)
>>>>> with ESMTP id p3C1jxtr024840 for<JD>; Mon, 11 Apr 2011 20:45:59
>>>>> -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed;
>>>>> s=mailing; d=news.mondino.de; h=Message-
>>>>> IDate:From:Reply-To:To:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding;
>>>>> i=adobe@news.mondino.de; bh=SJh9qAsU5qQFqBcfVw8+8+6QlkI=;
>>>>> b=ApGSRTBhDUyYxvTaxfJSb00/pluigsyUBaf1+lqDb7FOVkPjs6AWAL8K4v/pe4V5KemAQ/OowmA+
>>>>> q4Evcx9dWTDBNsDH3bc8IajR31XGS7i4v8xUqGCOuo0Lg98f1w AoUbQlTTuZARlzT/uJY2BvFjMH
>>>>> eE+fR104TWIrFbL7c+c=
>>>>> DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=mailing;
>>>>> d=news.mondino.de;
>>>>> b=KOzvjzQNr337Z8hyXhsTzmvdh1mZdG8aMoAqIst3p7f0jtSL pVS/BTfMfHUjtaE3MVIoLMbyvDMz
>>>>> xETp4pqQlTXgj6yUMxUqy7k+t1BZJu4YrSfl1nx7RkMMRuCAxL iwDLngq3SKbAqfcGGuTbjTW2wd
>>>>> Qvf4LDK75vsAX8///K4=;
>>>>> Received: by mail17-43.srv2.de id hkend60farc5 for<JD>; Tue, 12
>>>>> Apr 2011 03:45:54 +0200 (envelope-from<return@news.mondino.de>)
>>>>> Message-ID:
>>>>> <re-pN_5FX6wx3ClsIviABerb7H7_5FiwLrngh1pj4JZkD-EGBXOR2-1UYSX2ZAMD9PL@
>>>>> news.mondino.de>
>>>>> Reply-To: re-EGBXOR2-1UYSX2Z-5Z81EJT@news.mondino.de
>>>>> MIME-Version: 1.0
>>>>> Content-Type: text/html; charset=ISO-8859-1
>>>>> Content-Transfer-Encoding: 7bit
>>>>> X-ulpe:
>>>>> re-pN_5FX6wx3ClsIviABerb7H7_5FiwLrngh1pj4JZkD-EGBXOR2-1UYSX2ZAMD9PL@
>>>>> news.mondino.de X-Virus-Scanned: clamav-milter 0.95.2 at
>>>>> ns2.lsn.net X-Virus-Status: Clean
>>>>>
>>>>> The body of the e-mail:
>>>>>
>>>>> INTRODUCING UPGRADED ADOBE ACROBAT READER
>>>>> Dear Customers,
>>>>> Adobe is pleased to announce new version upgrades for Adobe
>>>>> Acrobat Reader. Download Now To Try Us Out
>>>>> (hxxp://www.adobe-download6.com/) Advanced features include:
>>>>> - Collaborate across borders
>>>>> - Create rich, polished PDF files from any application that prints
>>>>> - Ensure visual fidelity
>>>>> - Encrypt and share PDF files more securely
>>>>> - Use the standard for document archival and exchange
>>>>> To upgrade and enhance your work productivity today, go to:
>>>>> Action Required : Download New Adobe Acrobat Reader For Your PC
>>>>> Adobe Acrobat Reader Upgrade Center
>>>>> (hxxp://www.adobe-download6.com/) Start downloading the update
>>>>> right now and let us know what you think about it.
>>>>> We're working on making Adobe Acrobat Reader better all the time !
>>>>> Copyright 2011 Adobe Systems Incorporated. All rights reserved.
>>>>> Adobe Systems Incorporated
>>>>> 343 Preston Street
>>>>> Ottawa, ON K1S 1N4
>>>>> Canada
>>>>> Action Required : Download New Adobe Acrobat Reader For Your PC
>>>>>
>>>>> There were two places to click on the following link, as I've
>>>>> added in the above message:
>>>>>
>>>>> (hxxp://www.adobe-download6.com/) Munged to be non-active links.
>>>>>
>>>>> Of course I didn't try either link but how would I report this to
>>>>> Adobe? It can't be real, right?
>>>>
>>>> IP address: 91.220.62.56
>>>> Host name: adobe-download6.com
>>>> Alias: adobe-download6.com
>>>> 91.220.62.56 is from Russian Federation(RU) in region Eastern
>>>> Europe
>>>
>>> How did you find the IP address?
>>
>> Go to http://network-tools.com/
>> Tick the "Express" radio button (usually it's already selected)
>> Input "adobe-download6.com" (or any other site name)
>> Click "Go"
>> Wait for the results
>>
>
> network-tools.com has been added to my WhoIs notes.
>
> When I input the questionable web page adobe-download6.com it times
> out in the traceroute. Does that mean the web page is already gone?

Not always, but the page *is* gone.