Can I change my User-Agent?

Yes. You can override it via DevTools or extensions, but it does not make you anonymous.

How do I detect bots in my application?

Use UA along with IP reputation, behaviour, and rate analysis. UA alone is insufficient.

Why do all browsers say Mozilla in their User-Agent?

Historical compatibility reasons from the Netscape era. It no longer has meaning.

What Is a User Agent and What Does It Reveal?

Every time your browser makes an HTTP request, it sends a User-Agent header identifying itself. This string tells servers which browser, operating system, and device made the request. It's used for analytics, content negotiation, bot detection, and responsive behaviour.

Check your current User-Agent string instantly with our User Agent Parser tool.

Anatomy of a User Agent String

A typical Chrome on Windows User-Agent looks like:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36

Breaking this down: • Mozilla/5.0 — historical legacy. Every browser sends this for compatibility reasons. • Windows NT 10.0; Win64; x64 — operating system: Windows 10, 64-bit • AppleWebKit/537.36 — rendering engine • Chrome/120.0.0.0 — actual browser and version • Safari/537.36 — legacy compatibility token

The Mozilla/5.0 prefix on everything is a historical artefact. When Netscape Navigator dominated, sites served different content to "Mozilla" browsers. Every browser started spoofing the Mozilla prefix to get the same content — and it stuck.

What User Agents Are Used For

Analytics and traffic reporting

Analytics tools parse User-Agent strings to report which browsers, operating systems, and devices visit your site. This data drives decisions about which browsers to support and test against.

Bot detection

Crawlers, scrapers, and automated tools typically send distinctive User-Agents. Googlebot identifies itself as Googlebot. Bad bots sometimes spoof legitimate browser UAs. Checking UA alongside IP reputation and behaviour patterns is a basic bot detection layer.

Content negotiation

Servers can serve different content based on the detected device. Mobile User-Agents can trigger mobile-optimised responses. This was more common before CSS media queries made server-side detection mostly unnecessary.

Feature detection (the wrong way)

UA sniffing to infer browser capabilities is fragile and widely considered a bad practice. Browsers have been deliberately making UAs less useful for this purpose. Use feature detection (checking if a specific API exists) rather than UA detection to determine capabilities.

User Agent Reduction — The Privacy Trend

Google's User-Agent Reduction initiative, rolled out in Chrome 107+, freezes the browser version in the UA string and removes OS minor version details. The goal is reducing cross-site tracking through UA fingerprinting.

The replacement is Client Hints (Accept-CH header) — a structured system where servers explicitly request specific client information rather than receiving everything in one string.

Parse any User-Agent string — see browser, OS, device and bot detection

Try User Agent Parser Free →

FAQs

Yes. In Chrome DevTools: open DevTools → three-dot menu → More tools → Network conditions → User agent → uncheck "Use browser default" and enter any string. Browser extensions can also override UA globally. Changing your UA doesn't make you untraceable — IP, cookies, and other fingerprinting methods still identify you.

Use UA as one signal, not the only one. Check against known bot UA patterns. Combine with: IP reputation databases, request rate analysis, behavioural signals (mouse movement, timing), and honeypot fields. Determined scrapers spoof legitimate browser UAs — pure UA-based bot detection is easily circumvented.

Historical accident. Netscape Navigator (Mozilla) was dominant in the 1990s and sites served richer content to Mozilla browsers. Internet Explorer and other browsers started including Mozilla in their UAs to receive the same content. The pattern perpetuated through every subsequent browser. It is now meaningless as an identifier.