Page is a not externally linkable
- Search Engines
-- Search Engine Spider and User Agent Identification
---- Is this really a PlayStation 3

Ocean10000 - 2:03 am on Apr 5, 2008 (gmt 0)


I am in charge of monitoring a few websites. One of them gets a small number of mobile and alternate browser visits. So I am often trying to figure out if the browser is actually a human using some unknown browser or a new unknown bot trying to sneak on by.

One of these visitors is uses their PlayStation 3 to browse with. So my job was to figure out what criteria that would use to validate against to rule out a bot spoofing the PlayStation 3 to get in. The following is what I came up with.

The User-Agent in question "Mozilla/5.0 (PLAYSTATION 3; 1.00)"

  1. The first checks done is to make sure the User-Agent matches "Mozilla/5.0 (PLAYSTATION 3; 1.00)" to activate the validation checks for this specific browser.

  2. Once it is determined that the UA Matches a known custom test start processing the custom test items, which are the following for the PlayStation 3.
    • Must not include "Accept" Header. If "Accept" header is found then the browser is not a valid PlayStation 3.

      This is unusual most major browsers and bots will always supply this header. It is one of the standard tests used by me to determine that a browser is a spoofer, is by checking if the "Accept" Header is not present. Which usually means it is a bot trying to hide using a well known User-Agent .

    • Must include "x-ps3-browser" Header. If "x-ps3-browser" Header is not present then the browser is not a valid PlayStation 3.

    • The "x-ps3-browser" Header must be in the following format "#.## (WP; system=#.##)" where the # signs are numeric digits. So if it does not match this mask then it is not a valid PlayStation 3.

      Here are a few examples taken from my library to date.
      "1.30 (WP; system=1.32)"
      "1.70 (WP; system=1.70)"
      "1.80 (WP; system=1.81)"
      "1.90 (WP; system=1.90)"
      "2.10 (WP; system=2.10)"

    • Must include "Accept-Encoding" Header. If "Accept-Encoding" Header is not present then the browser is not a valid PlayStation 3.
      The Accept-Encoding" Header must be equal to "identity" and yes case does matter, it is always lower case. So if it doesn't equal "identity" then it is not a valid PlayStation 3.

    • Must include "Accept-Language" Header. If "Accept-Language" Header is not present then the browser is not a valid PlayStation 3.

    • Must include "Connection" Header. If "Connection" Header is not present then the browser is not a valid PlayStation 3.

  3. If it has made it this far there is no further test that can be used exclude it from being a "PlayStation 3" based on supplied headers alone.

Thread source:: http://www.webmasterworld.com/search_engine_spiders/3619657.htm
Brought to you by WebmasterWorld: http://www.webmasterworld.com