How to Find the Vendor of a MAC Address

Read the manufacturer out of a MAC address using its OUI prefix, tell a real vendor apart from a randomized address, and check the local and multicast flags.

Updated 6 min read By CodingEagles
Free tool MAC Address Vendor Lookup Find the manufacturer behind any MAC address, fully offline. Open tool

Every network interface has a MAC address, and the first half of it names the company that made the hardware. To find the vendor, take the first six hex digits, known as the OUI, and look them up against the registry of assigned blocks. For B8:27:EB:1A:2B:3C the OUI is B827EB, which is the Raspberry Pi Foundation. The MAC address lookup does this from a built-in list of common manufacturers, and also tells you when an address was set by software rather than burned in.

That is the quick answer. The rest of this explains how the address is laid out, why some lookups come back empty, and what the other flags in the first byte mean.

A MAC address is two halves

A MAC address is 48 bits, written as twelve hex digits and usually grouped in pairs: B8:27:EB:1A:2B:3C. It splits cleanly down the middle.

  • The first three octets (B8:27:EB) are the OUI, the Organizationally Unique Identifier. The IEEE hands out these blocks to manufacturers, so this half is the maker’s fingerprint.
  • The last three octets (1A:2B:3C) are chosen by that manufacturer to make each device unique within their block.

So finding the vendor is really just reading the OUI and matching it to whoever the IEEE assigned it to. A manufacturer often holds dozens of OUI blocks, which is why one company shows up under many different prefixes.

Reading the OUI

You do not need to convert anything. Copy the first six hex digits, drop the separators, and you have the OUI. These all describe the same prefix:

B8:27:EB    B8-27-EB    B827.EB     B827EB

Match B827EB against the registry and you get the Raspberry Pi Foundation. The lookup tool accepts any of those formats, and it accepts just the six-digit prefix on its own if that is all you have.

A few prefixes are worth recognising on sight because they turn up constantly in virtual environments:

OUIBelongs to
005056VMware
000C29VMware
525400QEMU / KVM virtual machines
B827EBRaspberry Pi Foundation
001A2B(example, not assigned)

When the lookup comes back empty

A blank or “not in the list” result almost always means one of two things, and they are different.

The first is simple coverage. A lookup that runs from a built-in list of common vendors will not hold every block the IEEE has ever assigned, so a perfectly valid address can go unmatched. The address is fine; the maker is just not in this particular list.

The second is more interesting. The address may have been assigned by software, not by a manufacturer at all, and that is something you can detect directly.

The two flags hiding in the first byte

The lowest two bits of the very first octet are not part of the device identity. They are control flags, and they change how you read the rest of the address.

The local bit (U/L). If this bit is set, the address is locally administered: it was chosen by software rather than burned in at the factory. Virtual machines do this, and so does the MAC randomisation that phones and laptops now use to stop networks tracking them across Wi-Fi. When this bit is set, the OUI is made up, so looking up a vendor is pointless. The lookup tool flags this for you so you do not chase a manufacturer that was never there.

The group bit (I/G). If this bit is set, the address is a multicast or broadcast address meant to reach many interfaces at once, not a single device. The all-ones address FF:FF:FF:FF:FF:FF is the broadcast address. These also have no single manufacturer.

A quick way to spot a locally-administered address by eye: look at the second hex digit of the MAC. If it is 2, 6, A or E, the local bit is set. So B8:27:EB... is real hardware, but B2:27:EB... would be software-assigned.

Why this matters in practice

Reading the vendor turns an anonymous string into a useful clue. An unknown MAC in your router’s client list becomes “that’s the new printer” once the OUI resolves to the printer’s maker. A device you cannot place might resolve to a vendor you recognise, or might come back locally administered, which tells you it is a VM, a privacy-randomised phone or something deliberately masking itself.

It also sets expectations honestly. If a MAC is randomised, no lookup anywhere will name the device, because there is nothing real to name. Knowing that saves you from trusting a vendor field that a tool guessed at.

Doing it in one step

Paste a MAC or just its OUI prefix into the MAC address lookup and it returns the vendor from its built-in list, the OUI, and whether the address is locally administered and unicast or multicast, all in your browser. When the vendor field is empty, the flags tell you whether that is a coverage gap or a sign the address was never tied to real hardware in the first place.

Frequently asked questions

How do I find the manufacturer of a MAC address?
Take the first six hex digits of the address, called the OUI, and look them up against the IEEE registry of assigned blocks. For B8:27:EB:1A:2B:3C the OUI is B827EB, which belongs to the Raspberry Pi Foundation. The MAC vendor lookup does this for you from a built-in list of common manufacturers.
Why can't I find the vendor of some MAC addresses?
Two reasons. The prefix may belong to a maker that is not in the common-vendor list, so it is valid but unmatched. Or the address may be locally administered, meaning it was assigned by software, in which case its prefix points to no real hardware at all.
What is the OUI in a MAC address?
The OUI, or Organizationally Unique Identifier, is the first three octets of the address. The IEEE assigns each block to one manufacturer, so those leading digits identify who built the network interface. The last three octets are the device's own serial part.

Ready to try it?

Find the manufacturer behind any MAC address, fully offline. Free, in-browser, and 100% private — your data never leaves your device.

Open the MAC Address Vendor Lookup

More tools

JSON Formatter & ValidatorBeautify, minify, validate JSON with a collapsible tree view.Code Formatter & MinifierPretty-print or minify JS, TS, CSS, HTML, JSON, SQL and more.YAML ⇄ JSON ⇄ TOML ConverterConvert config between YAML, JSON and TOML, both ways.JSON Schema Viewer & ValidatorRender a JSON Schema as a tree and validate data against it.Markdown Editor (Live Preview)Write Markdown with a live, side-by-side HTML preview.Mermaid Live EditorTurn Mermaid text into flowcharts and diagrams, live.

More from the Hivly network

Free sister tools on our other sites.

Color Palette GeneratorShuffle palettes with the spacebar, lock favourites, copy hex codes.Length ConverterMetres, feet, miles, inches, km and more, instantly.Word CounterCount words, characters, sentences and reading time live.