Skip to main content

MAC Lookup

free
GET/v1/network/mac

Identifies the hardware manufacturer from a MAC address using the IEEE OUI database, and detects virtual machines, randomized/private MACs (iOS 14+, Android 10+, Windows), broadcast, and multicast addresses. Covers 30,000+ vendor OUIs from the full IEEE MA-L registry including Cisco, Apple, Samsung, Huawei, Ubiquiti, and all major virtualization platforms per IEEE 802 and RFC 7042.

What It Does

Parses the OUI (first 24 bits) of a MAC address to identify the manufacturer, then analyzes the U/L and I/G bits to classify the address type. Detects virtual machine MACs (VMware, VirtualBox, Hyper-V, QEMU/KVM, Xen, Parallels), identifies randomized MACs from mobile devices using MAC address randomization (iOS 14+, Android 10+), and classifies addresses as UAA (Universally Administered) or LAA (Locally Administered). Accepts colon, hyphen, no-separator, and Cisco dot formats.

Why It's Useful

MAC vendor identification is the first step in network device profiling for asset management, NAC (Network Access Control), and security monitoring. The VM and randomized MAC detection is critical for modern networks where mobile devices use per-network random MACs and cloud workloads run on virtual NICs — both of which break traditional MAC-based identification.

Use Cases

Network Administrator

Network Asset Discovery

Identify unknown devices on the network by looking up MAC addresses from switch port tables, ARP tables, or DHCP logs. Detect virtual machines and IoT devices automatically.

Maintain accurate network inventory and detect shadow IT without physical device inspection.

Security Analyst

Randomized MAC Detection (BYOD)

Detect devices using randomized MAC addresses (iOS 14+, Android 10+, Windows) that bypass MAC-based access controls and tracking. Identify when NAC policies are being circumvented.

Adapt security policies for modern BYOD environments where MAC randomization is the default.

Cloud Security Engineer

Virtual Machine & Container Detection

Identify virtual machine and container workloads on the network by detecting VM-specific OUI prefixes (VMware, Hyper-V, QEMU/KVM, VirtualBox).

Distinguish physical and virtual assets for compliance auditing and attack surface assessment.

Parameters

NameTypeRequiredDescription
macstringRequiredMAC address in any standard format: colon-separated (00:1A:2B:3C:4D:5E), hyphen-separated (00-1A-2B-3C-4D-5E), no separator (001A2B3C4D5E), or Cisco dot format (001A.2B3C.4D5E)Example: 00:50:56:C0:00:08

Response Fields

FieldTypeDescription
macstringThe original MAC address as provided
mac_normalizedstringNormalized to XX:XX:XX:XX:XX:XX format
ouistringThe OUI portion (first 3 octets) used for vendor lookup
vendor.namestringManufacturer/vendor name from IEEE OUI database
vendor.countrystringVendor country of registration (ISO 3166-1 alpha-2)
is_privatebooleanWhether MAC is locally administered (LAA) — U/L bit set
is_multicastbooleanWhether MAC is a multicast address — I/G bit set
is_broadcastbooleanWhether MAC is the broadcast address (FF:FF:FF:FF:FF:FF)
is_virtualbooleanWhether MAC belongs to a known virtualization platform (VMware, VirtualBox, Hyper-V, QEMU, Xen, Parallels)
is_randomizedbooleanWhether MAC appears to be randomized (LAA with no known vendor — common with iOS 14+, Android 10+)
typestringAddress type: unicast, multicast, or broadcast
administrationstringAddress administration: UAA (universally administered) or LAA (locally administered)

Code Examples

cURL
curl "https://api.edgedns.dev/v1/network/mac" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d "mac=00:50:56:C0:00:08"
JavaScript
const response = await fetch(
  'https://api.edgedns.dev/v1/network/mac?mac=00%3A50%3A56%3AC0%3A00%3A08',
  {
    headers: {
      'Authorization': 'Bearer YOUR_API_KEY'
    }
  }
);

const data = await response.json();
console.log(data);
Python
import requests

response = requests.get(
    'https://api.edgedns.dev/v1/network/mac',
    headers={'Authorization': 'Bearer YOUR_API_KEY'},
    params={
    'mac': '00:50:56:C0:00:08'
    }
)

data = response.json()
print(data)

Read the full MAC Lookup guide

Why it matters, real-world use cases, parameters, response fields, and how to call it from Claude, ChatGPT, or Gemini via MCP.

Read the guide →

Related Endpoints

ASN Lookup

Get AS number, organization, and network type

IP Geolocation

Get location, ASN, and org for an IP

External References

Learn more about the standards and protocols behind this endpoint.

IANA AS NumbersIEEE OUI Registry

Try This Endpoint

Test the MAC Lookup endpoint live in the playground.

Open in PlaygroundGet API Key