AIStacker
Web

Overview

User-Agent Parser

Parse one raw user-agent string and identify browser family, version, engine, operating system, device type, and likely bot traffic.

What isHow to useExampleCommon use casesFrequently asked questions

Category hub

Web

Problems

5

FAQ

3

Quick links

Browse hub
#operating-system-detector#log-inspection-tool#device-type-parser#user-agent-parser#crawler-detection
Request Identity

User-Agent Parser

Inspect one raw user-agent string and infer browser family, rendering engine, operating system, device class, and likely bot traffic.

Paste a browser, crawler, or in-app webview UA to quickly separate device assumptions from the literal string your logs captured.
Browser
Chrome 135.0.0.0
Engine
Blink
Operating system
macOS
Device type
Desktop
Derived classification
Looks like an end-user browser string.
Matched tokens
Chrome/135.0.0.0
Mac OS X 14_5
Chrome/135.0.0.0

What you can solve

How should I read a user-agent string without getting lost in every token?

Start by looking for the highest-signal identifiers: browser family, browser version, operating system hint, and whether the string includes mobile or bot markers. You usually do not need to interpret every token literally. A parser is useful because it reduces the string to the parts that change debugging decisions, such as browser compatibility or suspicious automation.

Why might a user's reported browser not match the UA string in my logs?

The report may come from a different device, an in-app browser, a support relay, a screenshot taken after reproduction, or a privacy tool that altered the user-agent header. In some cases the request in your logs also belongs to a prefetcher or social preview crawler instead of the user session you expected.

Can I detect a bot just from the user-agent string?

You can detect strong hints, but not certainty. Known bot keywords, preview tokens, and crawler naming conventions often help, yet some bots impersonate common browsers and some legitimate services advertise themselves in unusual ways. UA parsing should be one signal alongside IP reputation, rate patterns, and request behavior.

How can I tell if a user agent string has been spoofed or modified?

You cannot reliably detect spoofing from the string alone. A well-crafted fake UA is indistinguishable from a real one in the string itself. Signals that raise suspicion include: unusual combinations (e.g., iOS version paired with a Windows desktop token), version numbers that don't exist for that browser, or bot-like cadence in request timing. Parse the string to surface obvious inconsistencies, then combine that with behavioral signals for stronger detection.

How do I reliably detect mobile versus desktop from a user agent string?

Look for `Mobi` or `Mobile` in the UA string — this token is the most consistent signal across Android and iOS browsers. iPhones send `iPhone` and iPads send `iPad`. Android tablets often omit `Mobi` while phones include it. Because UA strings are user-controlled and increasingly reduced by privacy features like Chrome's User-Agent reduction, treat UA-based detection as a strong hint rather than a guarantee, and supplement it with screen-size and pointer-type media queries in the browser.

Typical workflow

HTTP Status Code ExplorerUser-Agent ParserCORS Header CheckerCache-Control Header Checker

Guides for this workflow

Supporting guides that connect this tool to the broader category workflow.

Open category hub
Web guide

How to Read User-Agent Strings Without Overthinking Every Token

A practical guide to extracting the few user-agent signals that actually change debugging decisions, including browser family, OS, device type, and likely bot markers.

Web guide

400 vs 401 vs 403 vs 422: A Practical API Error Triage Workflow

A concrete debugging workflow for separating malformed requests, authentication failures, permission issues, and validation errors before your team fixes the wrong thing.

Web guide

Why Access-Control-Allow-Origin Star Fails with Credentials

A practical browser-first guide to diagnosing the most common credentialed CORS mistake: returning wildcard Allow-Origin while the frontend sends cookies or auth-bound credentials.

Web guide

encodeURI vs encodeURIComponent for redirect_uri and Query Params

A practical guide to choosing the right encoding boundary for redirect_uri, nested URLs, and query parameter values before a small encoding mistake turns into a redirect bug.

What is

What is User-Agent Parser?

A user-agent parser turns an opaque request header into a fast working hypothesis about who or what made the request. That matters when logs say one thing, product analytics say another, and a support ticket insists the issue only affects a specific browser or device.

Instead of reading the entire UA string by eye, you can paste it once and immediately separate browser family, version, operating system, rendering engine, desktop-versus-mobile assumptions, and common crawler patterns.

How to use

How to use User-Agent Parser

Paste a raw `User-Agent` string from server logs, browser devtools, or analytics exports. The parser identifies the strongest browser and OS signals it can find, infers a coarse device type, and flags whether the string looks more like bot or preview traffic than a real end-user browser.

Example

Example

Example:
Input: `Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36`

The parser identifies Chrome as the browser family, Blink as the engine, macOS as the operating system, and Desktop as the device type. That is often enough to confirm whether a bug report really matches the request header in your logs.

Common use cases

Common use cases

1. Triage browser-specific bug reports from support or QA.

2. Check whether strange request traffic is likely a crawler, preview fetcher, or normal user browser.

3. Sanity-check analytics exports that group traffic by browser or device.

4. Explain the most important signals inside an unfamiliar UA string to teammates quickly.

Frequently asked questions

Frequently asked questions

Can a UA parser guarantee the true device and browser?v
No. User-agent strings can be spoofed, simplified by proxies, or modified by privacy tools. The parser gives you a best-effort interpretation of the string that was actually captured, which is still useful for debugging and review.
Why does bot detection say likely instead of certain?v
Because many automated clients identify themselves with familiar bot tokens, but not all do. Likewise, some legitimate preview systems and monitoring tools resemble bots. The parser marks the pattern as a likelihood, not an absolute fact.
Why is this tool focused on one string at a time?v
The job is inspection, not analytics. A single-string parser makes it easier to reason about one failing request, one support screenshot, or one suspicious log line without burying the core signals in a dashboard.