As you noted, it certainly doesn't appear to be a Google address.
RIPE, the Regional Internet
Registry (RIR) for Europe, i.e., the organization that doles out IP address space to European entitites, lists 46.134.200.108 as part of the block of addresses in the range 46.134.192.0 - 46.134.255.255 that it has assigned as follows:
org-name:PTK-Centertel
org-type:Other
address:Orange Polska S.A.
address:Al. Jerozolimskie 160
address:02-326 Warszawa
address:POLAND
You can emulate the commands a web browser issues to a server and see the server's response using telnet. If you have a Linux or OS X system, you likely already have that utility. Microsoft no longer has that utility as part of a default Windows installation, but
PuTTY is a free program available for Microsoft Windows systems that provides
SSH and telnet client support; PuTTY can be used to emulate a web browser, also. If you do so, you will see that when a browser connects to the 46.134.200.108 address that it is automatically redirected to www.google.com (I've bolded the commands you would type) by the server returning a HTTP 301 status code:
$ telnet 46.134.200.108 80
Trying 46.134.200.10...
Connected to 46.134.200.10.
Escape character is '^]'.
GET / HTTP/1.1
Host: google.com
HTTP/1.1 301 Moved Permanently
Location: http://www.google.com/
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jul 2015 00:51:14 GMT
Expires: Sun, 23 Aug 2015 00:51:14 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 219
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alternate-Protocol: 80:quic,p=0
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>`
Connection closed by foreign host.
Your browser will normally automatically go to the URL provided after "Location:", so you won't normally see the "document has moved" message.
I also noticed I got the same results when I used telnet 46.134.200.10 80
, i.e., I inadvertently left off the "8" from "108", so there appear to be multiple IP addresses assigned to your ISP that also handle queries for google.com.
If you connect to http://google.com on some other address assigned to Google, though, say 216.58.217.142 (iad23s43-in-f142.1e100.net)
, which the
American Registry for Internet Numbers (ARIN) shows is assigned to Google, you will see the same redirection occur if you use http://google.com. I.e., you will be redirected to http://www.google.com. What IP address do you see if you perform an nslookup on www.google.com?
To determine why your ISP is returning one of its own addresses if you look up google.com, you might have to question the ISP. Google is now automatically redirecting HTTP traffic to HTTPS, so unless your ISP has somehow managed to get you to install a security certificate on your systems that allows one of the ISP's systems to function as a man-in-the-middle tricking your system into thinking it is dealing with a Google system when it is not, your traffic should be encrypted and hidden from the ISP once your browser is redirected to use HTTPs rather than HTTP with https://www.google.com, or perhaps it is https://www.google.pl/ for you.
Google has a distributed network architecture for load balancing, so people in different parts of the world will see different IP addresses returned when they look up an IP address for Google.com. Even people in different areas of the same country may see different IP addresses. And, since Google uses a round-robin DNS technique, also, someone's system may look up an IP address for google.com now and get one IP address, but when it looks up the address an hour later get another IP address. E.g., here's what I see from one site in the U.S. when I perform an nslookup for google.com:
Name: google.com
Addresses: 173.194.121.7, 173.194.121.3, 173.194.121.1, 173.194.121.2
173.194.121.6, 173.194.121.4, 173.194.121.9, 173.194.121.8, 173.194.121.5
173.194.121.0, 173.194.121.14
As you can see a list of IP addresses is returned, not just one. Any of those IP addresses could be used to access Google's search engine.
I suppose it is possible Google has an arrangement with your ISP for load balancing purposes in Poland rather than your ISP doing anything shady. Google has a global presence and it makes sense to refer systems in Poland to network resources in Poland that are geographically and thus likely closer in network hops as well, e.g., https://www.google.pl/. The fqdn www.google.pl resolves to 216.58.217.131 on the system in the U.S. I'm on at the moment, but may not resolve to that address for anyone in Poland.
How are you determining what the name resolution is? – EBGreen – 2015-07-23T21:43:28.567
1Also be aware that almost all ISPs play with the traffic. Especially for individual users. – EBGreen – 2015-07-23T21:44:06.863