1.1.1.1 是哪裡的 IP？

1. Unix自帶whois 命令

interesting:~ ssss$ whois 1.1.1.1
#
# Query terms are ambiguous. The query is assumed to be:
# "n 1.1.1.1"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=1.1.1.1?showDetails=trueshowARIN=falseext=netref2
#

NetRange: 1.0.0.0 - 1.255.255.255
CIDR: 1.0.0.0/8
OriginAS:
NetName: APNIC-1
NetHandle: NET-1-0-0-0-1
Parent:
NetType: Allocated to APNIC
Comment: This IP address range is not registered in the ARIN database.
Comment: For details, refer to the APNIC Whois Database via
Comment: http://WHOIS.APNIC.NET or APNIC - Query the APNIC Whois Database
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to APNIC - About network abuse
RegDate:
Updated: 2010-07-30
Ref: http://whois.arin.net/rest/net/NET-1-0-0-0-1

OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: http://whois.arin.net/rest/org/APNIC

ReferralServer: whois://http://whois.apnic.net

OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: http://whois.arin.net/rest/poc/AWC12-ARIN

OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: http://whois.arin.net/rest/poc/AWC12-ARIN

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: WHOIS Terms of Use
#

% [http://whois.apnic.net node-6]
% Whois data copyright terms APNIC - APNIC Whois Database Acceptable Use Agreement

inetnum: 1.1.1.0 - 1.1.1.255
netname: Debogon-prefix
descr: APNIC Debogon Project
descr: APNIC Pty Ltd
country: AU
admin-c: AR302-AP
tech-c: AR302-AP
mnt-by: APNIC-HM
mnt-routes: MAINT-AU-APNIC-GM85-AP
mnt-irt: IRT-APNICRANDNET-AU
status: ASSIGNED PORTABLE
changed: hm-changed@apnic.net 20110922
source: APNIC

role: APNIC RESEARCH
address: PO Box 3646
address: South Brisbane, QLD 4101
address: Australia
country: AU
phone: +61-7-3858-3188
fax-no: +61-7-3858-3199
e-mail: research@apnic.net
remarks: ++++++++++++++++++
remarks: + Address blocks listed with this contact
remarks: + are withheld from general use and are
remarks: + only routed briefly for passive testing.
remarks: +
remarks: + If you are receiving unwanted traffic
remarks: + it is almost certainly spoofed source
remarks: + or hijacked address usage.
remarks: +
remarks: + IP address spoofing
remarks: + Regional Internet registry
remarks: +
remarks: ++++++++++++++++++
nic-hdl: AR302-AP
tech-c: AH256-AP
admin-c: AH256-AP
mnt-by: MAINT-APNIC-AP
changed: hm-changed@apnic.net 20110822
source: APNIC

1. Windows下面下載工具可以查詢：

Whois

1. 在RIR的whois網頁上查詢：

APNIC - Query the APNIC Whois Database

從上面的一段可以看出，這個地址段是試驗性IP，擁有者是APNIC Research，用作被動測試（Passive testing），也就是說你可以收到路由，但是不應該收到由此地址段發來的數據包。

這個地址是有故事的。

由於大量的互聯網設備是由非專業人士配置的（特別是早先），很多人不懂什麼叫私網地址，更不知道怎麼用，在配置他的設備時隨便用1.1.1.1這樣的地址，但這樣就有問題了，1.1.1.1不是私網地址，所以在很多情況下數據包就會被路由到公網（Internet）上。

由於有大量的這樣垃圾數據跑到了互聯網上，最終確實就會被路由到擁有1.1.1.1這個地址的設備上，對於這個設備來說就好像不停地承受著DDOS攻擊, 正常公司誰也不想，也難以承受這麼大量的數據。

所以最後決定留在APNIC(亞太互聯網信息中心, 負責全亞太地區的IP地址分配的機構)，作為實驗用途使用。據說從中還能分析出很多有趣的事情，具體就不清楚了。

找一台Mac 或者linux的電腦, 在終端敲 "whois 1.1.1.1" 就能看到這個地址的一些信息, 可以看到它是屬於"APNIC-LABS" 也就是APNIC實驗室的.

$ curl ipinfo.io/1.1.1.1
{
"ip": "1.1.1.1",
"hostname": "No Hostname",
"city": null,
"country": "AU",
"loc": "-27.0000,133.0000",
"org": "AS15169 Google Inc."
}