User Agent Parser

DEVELOPER PARSING USER AGENT

About this tool

Decode browser, OS, device type, and bot signals from any User-Agent string.

Decode browser, OS, device type, and bot signals from any User-Agent string. Bulk mode for access-log analysis.

RT-DEV-069 · Developer Tools

Paste a User-Agent string

Paste one User-Agent string per line

How to use the User-Agent parser

Pick a mode

"Single" parses one UA at a time and shows the full breakdown. "Bulk" accepts hundreds of UAs (e.g. from an access log) and returns a tabular summary you can download as CSV.

Paste or use a sample

In Single mode, paste your string, click "Use my current User-Agent" to test your own browser, or click one of the sample pills (Chrome, Safari, iPhone, Pixel, UC Browser, Googlebot, Bingbot, AhrefsBot).

Review browser, OS, device, and bot signal

The result card shows browser name + version, OS name + version, device type (desktop / mobile / tablet), rendering engine, and a bot detection flag with the bot name where matched.

Bulk-analyse access logs

In Bulk mode, paste up to a few thousand UA strings; the tool builds a table you can sort visually and download as CSV for Excel or your analytics stack.

User-Agent strings — the legacy that won't die

The HTTP User-Agent header was introduced in 1992 to let servers identify the browser making a request. Thirty-four years later it is still sent by every major browser, but the string itself has accreted so many compatibility layers that modern UAs read like an archaeological dig. Today's Chrome on Windows sends Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 — claiming to be Mozilla, then claiming to be AppleWebKit, then claiming to be like Gecko, then finally identifying as Chrome at the end. None of these are lies in a deep technical sense; they are historical compatibility hacks layered on top of each other for thirty years.

Why parsing is unreliable

The strings have no formal grammar. Every browser invented its own format, then copied bits from competitors to dodge user-agent sniffing rules. The result is that any UA parser is a collection of heuristics, not a parser in the formal sense. The major libraries (ua-parser-js, ua-parser-rs) maintain regex tables that are updated frequently as new browsers and devices ship. The tool above uses a slimmer regex set covering the top ~95% of real-world traffic — Chrome, Safari, Firefox, Edge, Opera, Samsung Internet, UC Browser, plus the major search and SEO bots. For 100% accuracy you'd need a full ua-parser-js install, which we plan to wire in via Vite-bundled JS in a future update.

The Sec-CH-UA replacement (Client Hints)

Google has been deprecating UA strings since 2022, replacing the information they convey with HTTP Client Hints — a set of structured headers like Sec-CH-UA-Platform: "Windows" and Sec-CH-UA-Mobile: ?1. These are easier to parse (no string-mangling) and let browsers volunteer only the information the server actually requests. Chrome already sends a reduced UA string by default, with the full version available only via Client Hints. Firefox and Safari have not adopted Client Hints, so for the foreseeable future you need both UA parsing and Client Hint reading.

Browser distribution in Southeast Asia

One regional quirk worth knowing: Southeast Asia, particularly Malaysia, Indonesia, and Vietnam, has historically had a much higher share of UC Browser (Alibaba-owned, optimised for slow networks) than the global average. As of 2026 the share is declining as Android phones get faster and Chrome ships pre-installed on most devices, but UC Browser still represents 2-4% of mobile traffic in those markets — far higher than its sub-1% global share. Singapore is the regional outlier with browser distribution closer to North America (Chrome 70%, Safari 22%, Edge 5%, Firefox 2%). Bulk-parsing access logs from ASEAN sites with this tool will surface the regional UC Browser traffic that generic global parsers sometimes miss.

Don't sniff UAs for feature detection

The most-common UA-parser misuse is feature detection — checking the UA string to decide whether the browser supports a feature, then enabling or disabling code on that basis. Don't. Use feature detection (if ('IntersectionObserver' in window)) which actually checks whether the feature is available, instead of inferring it from a string that can be spoofed and that lies for compatibility reasons. UA parsing is appropriate for analytics ("what browsers visit my site"), bot detection ("is this a search crawler"), and content variation ("show iOS users the App Store link") — not for deciding whether to call a JavaScript API.

10 User-Agent facts

Every modern browser's UA starts with "Mozilla/5.0" — a compatibility ghost from Netscape Navigator (Mozilla) in the 1990s when servers checked for it to enable advanced features.

Chrome's UA claims "AppleWebKit", "KHTML, like Gecko", and "Safari" all in one string — none of which Chrome actually is. This is pure historical compatibility cruft.

iPad UAs from iOS 13+ identify as desktop Safari by default. Apple changed this to reduce mobile-only redirects; detecting iPad now requires checking navigator.maxTouchPoints.

Googlebot uses two different user agents: the regular crawler ("Googlebot/2.1") and a smartphone variant ("Googlebot Mobile") that's now the primary crawler for mobile-first indexing.

UC Browser, popular in Indonesia, Malaysia, and Vietnam, has a UA that contains "UCBrowser" — easy to detect but easy to miss in generic parsers that don't include Alibaba browsers.

Bot UAs include a URL pointing to documentation — Googlebot includes +http://www.google.com/bot.html. This convention is intentional so admins can identify the bot's purpose.

Chrome's "reduced UA string" project (started 2022) removed exact version numbers from the default UA and moved them to Client Hints — making fingerprinting harder.

WhatsApp, Telegram, and Facebook in-app browsers all use heavily-modified UAs derived from WebView, which is why in-app links often render differently from external browser opens.

UA spoofing is trivially easy in every major browser — DevTools → Network conditions → User agent. This is why feature detection should always replace UA-based feature gating.

The longest real-world UA string on record is over 800 characters, from a Samsung Knox-enrolled enterprise Galaxy device with all device-management identifiers appended.

Frequently asked questions

Why does Chrome's User-Agent claim to be Mozilla, Safari, and Gecko?

Pure historical compatibility. Each token was added at a point in history when sites checked for a specific string to enable a feature; removing any of them would break too many old sites. Modern Chrome thus claims to be every browser that came before it.

It covers Chrome, Safari, Firefox, Edge, Opera, Samsung Internet, UC Browser, and the major search/SEO bots — about 95% of real-world traffic by volume. For 100% device-level accuracy you would need a full ua-parser-js install with regular dataset updates.

No. Use feature detection in JavaScript (if ('IntersectionObserver' in window)). UA strings lie for compatibility reasons and can be spoofed trivially. UA parsing is for analytics and bot detection only.

Client Hints (Sec-CH-UA-*) are structured HTTP headers that replace UA strings. They are easier to parse and more privacy-respecting. Chrome supports them; Safari and Firefox do not as of 2026. For now you need both UA parsing and Client Hints.

Apple changed iPad UAs in iOS 13+ to identify as desktop Safari, eliminating mobile-only redirects on iPads. Detecting iPad now requires checking navigator.maxTouchPoints > 1 in JavaScript.

UA-based detection catches the well-behaved bots (Googlebot, Bingbot, etc.) but misses sophisticated scrapers that spoof real browser UAs. For full coverage, combine UA matching with rate limiting, JavaScript-challenge pages, and IP reputation services.

The "Mobile" token in the UA traditionally indicated a phone-class device. Tablets historically omitted it. Since iPad started identifying as desktop, and Android tablets vary, "tablet" detection now relies on screen size and touch-points more than UA.

UC Browser (Alibaba) ships pre-installed on many low-cost Android devices in Southeast Asia and South Asia. Its data-saver mode (pages routed through Alibaba proxies) made it popular in markets with slow networks. Share is declining but still 2-4% in Indonesia, Malaysia, Vietnam.

Slowly. Chrome reduced its default UA in 2022 but still sends one. Safari and Firefox have not changed. Realistically UA strings will be with us for at least another decade — too many production systems depend on them.

No. All parsing runs in your browser. Your UA string never leaves the page; nothing is sent to any server. You can verify via your browser's network tab — no requests fire during parsing.

User Agent Parser