Yeah, it can even be cert pinned, which is probably better than a non pinned end to end tls unless your attacker is local to you, due to the wonders of anycast. Also, like Google, we are constantly looking for malicious stuff like this on our IPs.