Let's assume you already know which subnet the addresses belong to (if you have more than one subnet, that is) – that can be easily discovered by checking routing tables.
Learn the device's MAC address (use arp -an
, ip neigh
, arping
... on a PC on the same subnet), and check its prefix against IEEE's OUI table. (There are various "OUI lookup" websites.) While the result isn't always the same as the whole device's manufacturer, it's still fairly common.
Having the same MAC address, connect to one of your 'managed' / 'smart', and search its "MAC table" for the address – you'll find out the switch port that it was last seen on. If that port goes to another managed switch, repeat the process, until there are no more switches that can be asked.
If you still end up with a large piece of network to search (or if the subnet doesn't have any managed switches), and aren't afraid of some downtime, cut the network in half and check which half can still reach the mysterious address. Repeat until found.