ToolBelt

User Agent Parser

Decode a User-Agent string into browser, engine, OS and device.

Open tool

Overview

The User-Agent parser decodes a User-Agent: string into its meaningful parts: browser name and version, layout engine, operating system, device type, and CPU architecture. Paste a UA string from a server log or a request header and the parser returns a structured view of who (or what) is making the request.

Analytics engineers cleaning a log file, security analysts spotting bot traffic, and web developers tuning a feature for older browsers all need a User-Agent decoder. Long-tail keywords covered: parse User-Agent string online, identify bot vs browser from UA, and decode iOS Safari version from User-Agent.

How it works

The User-Agent header is defined by RFC 9110 as a free-form list of product/version tokens with optional comments. In practice every browser follows a chaotic but recognisable convention — Chrome and Edge claim to be Mozilla/5.0, then list Chrome, Safari, and a Blink/WebKit identifier; Firefox claims Mozilla/5.0 then Gecko and Firefox. The parser uses an ordered set of regex patterns to extract the browser, engine, OS, and device, trying the most specific patterns first.

Modern browsers have started exposing structured client hints (Sec-CH-UA, Sec-CH-UA-Platform, etc.) to replace this fragile parsing. The parser still handles the legacy User-Agent string because most server logs and many small tools have not migrated yet.

Examples

  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0 Safari/537.36 → Chrome 126 on Windows 10, x64.
  • Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Mobile/15E148 Safari/604.1 → Safari 17.4 on iOS 17.4, iPhone.
  • curl/8.4.0 → curl 8.4.0 (CLI tool, not a browser).
  • Googlebot/2.1 (+http://www.google.com/bot.html) → Google's search crawler.

FAQ

Are User-Agent strings reliable?

No — they are trivially spoofed. Treat them as a hint, never a security boundary. Bots routinely impersonate browsers, and privacy-focused browsers send generic UAs to reduce fingerprinting.

Why do all browsers start with Mozilla/5.0?

Historical accident. Early 1990s servers checked the UA prefix to decide whether to send frames. Every later browser kept the Mozilla token to stay compatible, and the convention stuck.

What are client hints?

A structured replacement: instead of one opaque string, the browser sends discrete headers like Sec-CH-UA: "Chrome";v="126". Servers opt in by sending Accept-CH in a response, and the browser then includes the hints on subsequent requests.

Can I detect mobile vs desktop reliably?

Reasonably well for major browsers — most UAs include Mobile or device IDs like iPhone. The new Sec-CH-UA-Mobile hint is a more reliable signal where supported.

Try User Agent Parser

An unhandled error has occurred. Reload ×