User-Agent Parser

Parsed client profile

Mode:

Auto detect extracts a User-Agent header when present, then falls back to the first non-empty line; pinned modes bypass detection.

User-agent source:

Source text follows the selected mode above. Use current UA also checks Client Hints when this browser exposes them.

Parsing updates locally as the source, mode, or review controls change.

Review focus:

Support Analytics Bot review

Bot detection:

Use Broad for log triage; use Strict when avoiding false positives matters most.

Version detail:

Controls summary, profile, review-note, and JSON version formatting.

Field	Value	Evidence	Copy
{{ row.field }}	{{ row.value }}	{{ row.evidence }}

Position	Token	Type	Meaning	Copy
{{ row.position }}	{{ row.token }}	{{ row.type }}	{{ row.meaning }}

Signal	Status	Note	Copy
{{ row.signal }}	{{ row.status }}	{{ row.note }}

Check	Status	Evidence	Copy
{{ row.check }}	{{ row.status }}	{{ row.evidence }}

Use	Recommendation	Copy
{{ row.use }}	{{ row.recommendation }}

{{ formattedJson }}

Embed:

Customize

Include current inputs

Size

Advanced

Width

Height

Aspect ratio

Max height

Collapsible embed

Allow fullscreen

Referrer policy

Sandbox tokens

Every HTTP request comes from some kind of client, but the classic User-Agent value is only that client's self-written label. It may name a browser, rendering engine, operating system, device family, command-line client, crawler, preview bot, or monitoring probe. The label is useful because it travels with ordinary web traffic, but it is not a certificate, login identity, hardware reading, or proof that a request came from the software it names.

User-agent parsing turns that label into a practical reading for support, analytics, log review, and compatibility triage. A copied line can explain why a bug appears in a WebKit-based browser, why crawler traffic should be separated from human sessions, or why a report groups many mobile visitors under one browser family. The same line can mislead when compatibility tokens remain from older web-sniffing rules, when browsers reduce exact version or device detail, or when a script deliberately copies a browser-looking value.

Common User-Agent reading contexts and caution points
Reading context	Useful clue	Caution
Support ticket	Browser family, major version, operating system, and engine clues.	Reproduce the issue before blaming one token, especially on managed or privacy-hardened browsers.
Analytics cleanup	Traffic grouping by browser, platform, device class, or crawler bucket.	Do not over-count patch versions or treat unknown device detail as a missing device.
Bot review	Named crawler, preview, monitoring, command-line, or HTTP-library wording.	Verify important crawler decisions with source network, DNS, policy, and behavior evidence.
Compatibility testing	Likely browser engine and platform family for a reproduction path.	Feature detection is stronger than browser-name sniffing when one web capability is the real question.

Product token: A name and optional version, such as Chrome/124, Safari/604.1, or Googlebot/2.1.
Comment block: The parenthesized part that often contains platform, CPU, device, mobile, and compatibility clues.
Compatibility token: A historical phrase such as Mozilla/5.0 or KHTML, like Gecko that many modern browsers keep so older server logic does not break.
Client Hint: A structured browser-provided hint that can supplement the classic string when the browser and site make that information available.

User-Agent value split into product tokens, platform comments, crawler claims, and verification checks

Common mistakes come from reading the string too literally. Safari can appear in Chrome-derived strings because compatibility tokens remain. A desktop-style platform may appear on some tablets. A crawler name is only a label until the source IP, DNS relationship, and behavior match the crawler's published verification guidance. For web compatibility work, feature detection usually gives a stronger answer than browser-name sniffing.

The useful reading is therefore practical rather than absolute. Treat a parsed user-agent as a fast profile for reproduction, grouping, or triage, then confirm high-stakes decisions with better evidence such as Client Hints, in-browser feature checks, viewport and touch data, source network verification, and request-rate context.

How to Use This Tool:

Use the parser with one raw value, one copied header line, or a small request-header block. The result updates locally as the source text, input shape, review focus, bot sensitivity, or version detail changes.

Paste text into User-agent source, choose Use current UA, or load the desktop, mobile, or bot sample. The summary should change from Input needs a user-agent to a browser, platform, or client label.
Set Mode to match the pasted material. Auto detect uses a visible User-Agent header when it finds one and otherwise falls back to the first non-empty line; Raw user-agent string reads one direct value; HTTP headers with User-Agent requires that header name.
Pick Review focus for the follow-up notes. Support prepares reproduction language, Analytics prepares grouping guidance, and Bot review prepares crawler and automation checks.
Choose Bot detection. Strict keeps to named crawlers, Balanced includes common crawler and preview wording, and Broad also flags command-line clients, HTTP libraries, API clients, and headless browsers.
Open Advanced when version detail changes the job. Use Full version strings for support tickets and Major versions only when the result is mainly for traffic grouping.
Read Profile Snapshot first, then inspect UA Token Map and Bot & Compatibility when a field looks surprising. Use Client Hint Check only as a comparison for the current browser value, not for unrelated pasted log values.
If the tool reports No User-Agent header was found, Paste one user-agent string or load a sample, or an ignored extra-line warning, correct the pasted source before using the profile rows in a ticket or report.

For a useful handoff, keep the original value together with Source shape, Browser, Operating system, Device class, Bot signal, the relevant token rows, and the selected review note.

Interpreting Results:

Trust the evidence rows more than the summary headline. Browser, Rendering engine, Operating system, Device class, Device model, and CPU arch are extracted from visible tokens or parser matches, so Unknown means the string does not expose enough evidence for that field. It does not prove that the client lacks that property.

User-agent parser result areas and confidence checks
Result area	Best use	Confidence check
Profile Snapshot	Turn one copied value into browser, engine, platform, device, CPU, bot, and source-shape rows.	Reproduce important browser issues in the named browser or engine before treating the profile as the cause.
UA Token Map	See the product and comment tokens behind each parsed field.	Check this table when a browser, platform, or bot label looks too generic or inconsistent.
Bot & Compatibility	Review crawler, automation, sparse-token, Client Hints, and security caveats.	Verify crawler identity with source IP, reverse and forward DNS, published ranges, request cadence, and behavior.
Client Hint Check	Compare the current browser's structured hints with the current browser's classic string.	Do not compare those rows to a pasted log value unless the log also captured matching Client Hint headers.
Support Handoff, Analytics Cleanup, or Bot Review	Use the selected focus tab for ticket wording, traffic grouping, or crawler triage.	Keep the same focus when comparing two values so the recommendations stay comparable.

The main false-confidence risk is identity. A string can claim Chrome, Safari, a mobile device, or Googlebot without proving it. Use the parsed result as a clue, then confirm compatibility with feature checks and confirm crawler policy decisions with network and DNS evidence.

Technical Details:

The HTTP User-Agent field is built from product identifiers and optional comments. Product identifiers carry names and versions, while comments carry platform and device clues in a less formal shape. The grammar allows several products in one field, which is why modern browser values can mention a browser family, rendering engine, legacy compatibility prefix, and a Safari compatibility token in the same string.

User-agent sniffing became fragile because servers learned to serve different content based on names rather than capabilities. Browsers kept adding compatibility tokens to avoid broken sites, and newer privacy work reduces some high-entropy details such as exact platform versions or device models. User-Agent Client Hints were introduced to move selected details into a more structured request model, but availability depends on browser support and what a site requests or receives.

Transformation Core

The useful transformation has three stages: choose one candidate value, parse profile fields from its tokens, and apply review rules that change only the guidance around the parsed profile.

User-agent input extraction rules
Input setting	Accepted text	Selection rule	Warning or failure
Auto-detect	One raw value or copied request headers.	Uses a User-Agent header line when one is present, then falls back to the first non-empty line.	Extra non-empty raw lines are ignored and reported.
Raw string	One classic user-agent value.	Uses the first non-empty line as the value to parse.	Empty input asks for a pasted value or sample.
Header block	HTTP request header lines.	Requires a header whose name is User-Agent.	Missing User-Agent header produces the no-header error.

Token and Field Map

Token classification is evidence-based. The token map keeps raw pieces visible so a reader can tell whether a profile field came from a browser product, an engine token, a platform comment, a crawler word, or a compatibility phrase.

User-agent token categories and result meaning
Token category	Common examples	Result meaning
Browser	`Chrome/124`, `Firefox/125`, `Edg/124`, `Version/17.5`.	Supports the Browser and Browser version rows.
Engine	`AppleWebKit/537.36`, `Gecko/20100101`, `Trident/7.0`.	Supports the Rendering engine row or explains compatibility naming.
Platform	`Windows NT 10.0`, `Mac OS X`, `Android`, `iPhone`, `x64`.	Supports Operating system, Device class, Device model, and CPU arch when the string exposes enough detail.
Crawler or automation	`Googlebot`, `Bingbot`, `Slackbot`, `curl`, `HeadlessChrome`.	Feeds Bot signal and the bot-review recommendations.
Compatibility	`Mozilla/5.0`, `KHTML, like Gecko`, browser compatibility product names.	Explains historical strings that should not be read as literal browser identity.

Bot Signal Rules

Bot detection is a triage rule set over text tokens. It can separate obvious crawlers and automation clients from ordinary browser-shaped traffic, but it cannot authenticate a crawler or decide whether a scripted client is abusive.

Bot detection sensitivity levels and limits
Sensitivity	Matches included	Best use	Limit
Strict	Named crawlers and known preview clients.	Reduce false positives while checking ordinary browser traffic.	Scripted clients without known names may remain unflagged.
Balanced	Named crawlers plus generic crawler, preview, scanner, and monitor terms.	Routine access-log triage where crawler wording matters.	Generic words can appear in copied, custom, or misleading strings.
Broad	Balanced matches plus command-line clients, HTTP libraries, API clients, and headless browser terms.	Incident review, scraper triage, and automation-heavy logs.	Many API clients are legitimate, so blocking needs stronger evidence.

Worked Mechanism Path

A copied header block with Host, User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36, and Accept in Auto-detect mode becomes one extracted value. The profile rows identify Chrome, macOS, a desktop or unknown device class, and the visible engine and compatibility tokens. The token map keeps the platform comment and product tokens separate, while Bot & Compatibility reports no crawler match unless the string contains a named crawler, generic bot wording, or an automation token included by the selected sensitivity.

Privacy and Accuracy Notes:

The pasted value is parsed in the browser session and is not sent to a user-agent lookup service by this parser. Normal page assets may still load as part of the site, so treat copied logs and ticket text with the same care you would use in any browser-based support workflow.

Copied header blocks can include private hostnames, IP addresses, authorization-adjacent notes, or session details. Remove unrelated lines before sharing a parsed result.
Reduced or frozen browser strings may hide exact platform version, minor browser version, architecture, or device model detail.
Client Hints describe the browser session that exposes them. They do not retroactively describe a pasted log entry unless those hints were captured with that request.
A crawler label is self-reported. Verify source IP, reverse and forward DNS, published crawler ranges, robots behavior, and request cadence before allow-listing or blocking traffic.
Browser compatibility decisions should be confirmed with feature detection or direct reproduction, especially when extensions, enterprise policy, privacy settings, viewport size, or device sensors may affect behavior.

Worked Examples:

Support ticket from a desktop browser

A value such as Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 should produce Browser as Chrome, Operating system as macOS, Device class as desktop or unknown, and Bot signal as no crawler hint in Balanced mode. Use Ticket summary and Compatibility next check to reproduce the issue in a matching browser before blaming a specific version token.

Crawler traffic in an access log

A value containing Googlebot/2.1 makes Bot signal show Googlebot and sets the bot status to crawler. In Bot Review, the recommendations ask you to keep the raw value, source IP, timestamp, requested URL, and token map. That is enough for a triage note, but an allow-list decision still needs the published DNS verification process.

Broad automation review

A string such as curl/8.5.0 may remain unflagged in Strict mode because it is not a named crawler. Switch Bot detection to Broad and Bot & Compatibility should identify an automation or command-line client clue. Treat that as log context rather than abuse proof, because many legitimate monitors and integrations use command-line or library clients.

Header block without the field

If Input shape is HTTP headers with User-Agent and the pasted block only contains Host and Accept, the summary stays at Input needs a user-agent and Profile Snapshot shows Input status as needing edit. Paste the original User-Agent header or switch to raw mode with a single actual value.

FAQ:

Can a user-agent prove which browser made the request?

No. A User-Agent value is self-reported and may be reduced, spoofed, copied, or generated by a script. Use Profile Snapshot as a support clue, then confirm important compatibility decisions with feature checks or Client Hints.

Why did the parser ignore extra pasted lines?

The parser reads one User-Agent value at a time. In raw mode, or in auto-detect mode when no header line is found, it uses the first non-empty line and reports the remaining non-empty lines as ignored.

Why is the device model unknown?

Many browser strings do not expose model detail, and reduced user-agent policies can hide it deliberately. Check UA Token Map for platform clues and use Client Hints or a separate browser diagnostics report when model detail matters.

Which bot detection setting should I use?

Use Strict when false positives matter most, Balanced for normal crawler triage, and Broad when command-line clients, HTTP libraries, API clients, and headless browsers should be called out for review.

Does Use current UA send my browser value away for parsing?

No. Use current UA reads the browser's visible value and parses it in the page session. Review copied header blocks before sharing because they may contain more sensitive text than the User-Agent value.

Glossary:

User-Agent: The HTTP request field that identifies client software and related compatibility details.
Product token: A name and optional version segment such as Chrome/124, AppleWebKit/537.36, or Googlebot/2.1.
Comment block: A parenthesized part of the string that often carries platform, CPU, device, mobile, and compatibility clues.
User-Agent Client Hints: Structured browser and platform hints that can supplement or replace some detail from the classic string when available.
Crawler: An automated client that requests pages for search, preview, monitoring, indexing, testing, or related tasks.
Feature detection: Checking whether a browser supports a specific web capability instead of assuming support from its name or version.

References:

RFC 9110, Section 10.1.5: User-Agent, IETF HTTP Working Group, June 2022.
User-Agent header, MDN Web Docs.
User-Agent reduction, MDN Web Docs.
User-Agent Client Hints API, MDN Web Docs.
Verifying Googlebot and other Google crawlers, Google Search Central.
How to change the user agent string in cURL, Simplified Guide.
How to change the user agent in wget, Simplified Guide.
How to block user agents in Nginx, Simplified Guide.
How to block user agents in Apache, Simplified Guide.