Use this tool to view the user agent your browser is sending to this page. Also, shown is the IP address of the system you are connecting to our server with..

WHAT IS THE USER AGENT

The User-Agent is a request header that lets HTTP servers know the application and operating system of the client connecting to the server. It allows the server (and server applications) to customize its response to the request depending on the client.

Example Request Headers with User Agent

Host: mozilla.org
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.176763543835.1592437217; _gid=GA1.2.223453453575342.1592437217

You can see the User-Agent detailing the operating system as 64 bit Ubuntu Linux and the browser as Firefox/77.0.

FORGING USER AGENT

As the User-Agent is a client initiated request header it is simple to forge the user agent and supply any user agent to the HTTP server. Intercepting proxies such as Burp Suite are a somewhat heavy duty way to forge a request header, whereas simple browser plugins are available to allow the user agent to be selected from a list of common browsers.

SECURITY TOOLS AND THE USER AGENT

When running security testing tools the user agent is often used to identify the tool. As it helps to understand why there are thousands of odd requests in the web server log.

Tools such as Nikto, OpenVAS and even Curl all have a default user agent that identifies the client. This allows simple detection by Intrusion Detection Systems (IDS) to block the scanning attempts. However, as mentioned above forging the user agent is very simple and each of these mentioned tools have the option to set the User-Agent within the tool configuration or parameters.