Hard to tell what they’re doing, but it looks really shady.
dig www.google.com @18.104.22.168
; < <>> DiG 9.4.2 < <>> www.google.com @22.214.171.124
;; global options: printcmd
;; Got answer:
;; ->>HEADER< <- opcode: QUERY, status: NOERROR, id: 56932 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.google.com. IN A ;; ANSWER SECTION: www.google.com. 30 IN CNAME google.navigation.opendns.com. google.navigation.opendns.com. 30 IN A 126.96.36.199 google.navigation.opendns.com. 30 IN A 188.8.131.52 ;; Query time: 11 msec ;; SERVER: 184.108.40.206#53(220.127.116.11) ;; WHEN: Fri Jun 13 12:28:02 2008 ;; MSG SIZE rcvd: 104
Nothing shady at all. Go into any of the networks in your account and read the explanation under the “network shortcuts” preference. You can turn it off but it’s not shady at all. In fact, we peer with Google at just about every site we operate meaning from our network to theirs is never more than one hop away. 🙂