Every request your browser sends carries a User-Agent header — a single free-text line describing the browser, rendering engine, operating system, and sometimes the device. Servers read it to decide which version of a site to serve, to keep crawler statistics, and to tailor downloads. Below is the exact string your browser sent with this request, alongside how IPFerret parses it.
Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)- Browser
- —
- Operating system
- —
- Device type
- bot
- Bot?
- Yes
How to read a user-agent string
A modern string looks intimidating because it is layered with decades of compatibility tokens. A typical Chrome-on-Windows value reads roughly Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36. Almost none of that is literally true: the browser is neither Mozilla, nor Safari, nor KHTML. Each token was added so that a site sniffing for a particular engine would still serve the rich version of a page. Our parser ignores the theatre and pulls out the parts that matter — the real engine and browser version, the operating system family, and whether the request came from a recognised bot.
Why it says “Mozilla” on everything
In the 1990s many sites served frames and richer markup only to Netscape, whose internal codename was Mozilla. To qualify for the better experience, Internet Explorer began claiming Mozilla/4.0 (compatible; MSIE ...), and every browser since has kept the Mozilla/5.0 prefix for the same reason. The result is that the user-agent is less a description of the browser than a fossil record of which engines once needed appeasing — which is exactly why you should never branch important logic on a substring match against it.
Why you should not trust it
The string is set entirely by the client. Chrome, Safari, and Firefox all ship with developer tools that let you override it in a couple of clicks, and automated clients impersonate real browsers as a matter of course. Treat it as a self-reported hint, not a fact. It is useful for analytics and progressive enhancement, and — combined with other signals such as TLS fingerprints, accept headers, and source IP — it can identify a client with surprising confidence. That same combining power is why privacy-focused browsers deliberately reduce the precision of what they report.
The future: Client Hints
Chromium browsers are gradually replacing the single long string with User-Agent Client Hints — a set of smaller, opt-in headers such as Sec-CH-UA, Sec-CH-UA-Platform, and Sec-CH-UA-Mobile. Instead of broadcasting everything to every server, a site requests only the fields it actually needs, which cuts down on passive fingerprinting. IPFerret's parser falls back to whichever signal is present, so the breakdown above stays accurate as the legacy string is frozen and trimmed.
Frequently asked questions
Can the user-agent string be trusted?
No. It is set by the client and can be changed to anything. Browsers ship tools to override it and bots routinely impersonate real browsers, so treat it as a self-reported hint, never as proof of identity.
Why do all browsers say Mozilla?
A historical accident: early sites favoured Netscape (codename Mozilla), so every later browser kept the Mozilla/5.0 prefix and stacked on tokens like Gecko, AppleWebKit, Chrome, and Safari to qualify for the same content. The string is a pile of compatibility tokens, not an honest description.
What replaces the user-agent?
User-Agent Client Hints split the data into small, opt-in headers so sites request only what they need, reducing the fingerprinting surface compared with sending one long string to every server.
Related tools
See the full set of request headers your browser sends with the HTTP header inspector, find out what a server actually learns about you on what websites see, and check the network side of your identity with what is my IP.
