What Does Your User Agent Say About You?


A user agent is a computer program representing a person, for example, a browser in a Web context.

Besides a browser, a user agent could be a bot scraping webpages, a download manager, or another app accessing the Web. Along with each request they make to the server, browsers include a self-identifying User-Agent HTTP header called a user agent (UA) string. This string often identifies the browser, its version number, and its host operating system.

Spam bots, download managers, and some browsers often send a fake UA string to announce themselves as a different client. This is known as user agent spoofing.

The user agent string can be accessed with JavaScript on the client side using the navigator.userAgent property.

A typical user agent string looks like this: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0".


User Agent String

Browser Data

User Agent Application

David Lawrence
• Tuesday, 05 July, 2022
• 14 min read

Rv: gecko version indicates the release version of Gecko (such as 17.0 “). The Chrome (or Chromium/Blink-based engines) user agent string is similar to Firefox’s.

waf aws protect application agent matching


For compatibility, it adds strings like HTML, like Gecko and Safari. The Opera browser is also based on the Blink engine, which is why it almost looks the same, but adds “Or/”.

In this example, the user agent string is mobile Safari’s version. User agent refers to the application that remotely accesses a different computer, usually a server, through the network.

It means that the Web browser you're using is accessing a program (such as Gmail) or a service (such as that operates on some other faraway computer. Your computer (the client) is connecting to the desired Web page (the server) through one of the TCP/IP protocols.

When you key in a “query” on your Web browser (user agent) and hit “enter,” a text string (a programming sequence of symbols) is sent to the server of that website. While the text string identifies itself to the server as an user agent, it simultaneously requests access to the website.

When the Internet was young, the World Wide Web was dominated by a few of the first generation of browsers. As a result, many Web servers were designed to interact and connect with only those leading browsers.

biological application user agent agents

This was possible because the website could identify that Web browser as the user agent by its text string when it requested access to the site. To overcome this roadblock, competing browsers were modified to replicate or impersonate text strings that would be accepted by the website.

An early example of this is when the browser Internet Explorer spoofed its primary rival at the time, Netscape Navigator. They did it so people using Internet Explorer could gain access to websites that were being limited to Netscape browser users.

During the first browser war, many web servers were configured to send web pages that required advanced features, including frames, to clients that were identified as some version of Mozilla only. Other browsers were considered to be older products such as Mosaic, Cello, or Samba, and would be sent a bare-bones HTML document.

Automated agents are expected to follow rules in a special file called robots.txt “. The popularity of various Web browser products has varied throughout the Web's history, and this has influenced the design of websites in such a way that websites are sometimes designed to work well only with particular browsers, rather than according to uniform standards by the World Wide Web Consortium (W3C) or the Internet Engineering Task Force (IETF).

Websites often include code to detect browser version to adjust the page design sent according to the user agent string received. Thus, various browsers have a feature to cloak or spoof their identification to force certain server-side content.

oauth authentication flow salesforce user agent password tutorial application learn process example token username wikitechy microsoft oauth2 rest api

For example, the Android browser identifies itself as Safari (among other things) in order to aid compatibility. User agent sniffing is the practice of websites showing different or adjusted content when viewed with certain user agents.

An example of this is Microsoft Exchange Server 2003's Outlook Web Access feature. When viewed with Internet Explorer 6 or newer, more functionality is displayed compared to the same page in any other browsers.

Web browsers created in the United States, such as Netscape Navigator and Internet Explorer, previously used the letters U, I, and N to specify the encryption strength in the user agent string. Until 1996, when the United States government disallowed encryption with keys longer than 40 bits to be exported, vendors shipped various browser versions with different encryption strengths.

^ a b RFC 3261, SIP: Session Initiation Protocol, IETF, The Internet Society (2002) ^ RFC 7231, Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content, IETF, The Internet Society (June 2014) ^ Net news Article Format. Browser Versions Carry 10.5 Bits of Identifying Information on Average “, Electronic Frontier Foundation, 27 January 2010.

I've been rejected until I come back with Netscape” ^ “Android Browser Reports Itself as Apple Safari”. ^ User Agent String explained: Android WebKit Browser”.


Mozilla/5.0 (Linux; U; Android 2.2; ends; HTC_DesireHD_A9191 Build/FRF91) Apple WebKit/533.1 (HTML, like Gecko) Version/4.0 Mobile Safari/533.1 ^ Emberton, Stephen. ^ “Chrome Phasing out Support for User Agent ".

Because of this, it’s important to take the necessary steps to make sure the native apps, and their versions, are identifiable. Apps often use the same online resources as the website like RESTful APIs, images or videos.

You can get the device brand name and model name from the EasClientDeviceInformation class with the SystemManufacturer and SystemProductName properties. The OS version can be extracted from DeviceFamilyVersion property in the AnalyticsVersionInfo class.

Making statements based on opinion; back them up with references or personal experience. This search matches the user agent for Selma 1.3.11, which is a popular FOSS tool for testing web applications for SQL injection vulnerabilities.

This rule does not indicate that an SQL injection attack occurred, only that the Selma tool was used. If the source is not an authorized security tester, this is generally suspicious or malicious activity.


An often overlooked part of the discussion is that when engaged with a native app some portion of this time is spent actually on the web, via a web view. We’ll get to what a web view is in a minute, but for now, what this means is that although the user is in an app, he or she is effectively browsing the web.

The first shows loaded via Facebook web view, and the second via Chrome browser, both on Android. This is not too much of a big deal, although it does make changing URL impossible.

And, while we’re talking about cookies, we should probably mention you’ve no control over them in the web view anyway! Now take a look at the second pair of images, this time showing the respective menus of the web view and native browser.

The first is that the web view, in the Android case anyway, is essentially a different or older browser, and as such the set of features supported is not the same. That the browser versions used are different has been noted on the Chrome developers site.

For example, device ids, IMEI, usernames, phone numbers, even preferred language should not be included. In particular, the inclusion of operator information Vodafone increases fingerprinting susceptibility.

web office application smart does applications verified render opening mode

You can find the registry entry in this documentation, and the needed tokens in the Sergeant string. We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.

I recommend that you read this document talking about HTTP protocol: We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.

Thanks for helping make community forums a great place. Just like input “JavaScript:alert(navigator.sergeant)” in the browser address.

You can find the registry entry in this documentation, and the needed tokens in the Sergeant string. We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.

Thanks for helping make community forums a great place. I guess there are no general rules for how long to block a particular application.


In the worst case your application will get blocked forever. Choose a unique name, ideally including the version of your application.

Other Articles You Might Be Interested In

01: Example User Agent String
02: Cisco Firepower User Agent Download
03: Cisco Firepower User Agent For Ad Download
04: Cisco User Agent 2.3
05: Cisco User Agent Download
06: Definition Of User Agent
07: Detecting User Agent Browser Version
08: Device Atlas User Agent Tester
09: Device User Agent Strings
10: Python Requests Header User Agent
1 -
2 -
3 -
4 -
5 -
6 -
7 -
8 -
9 -
10 -