aiohttp and urllib user agents
aiohttp is an async HTTP client/server library for Python, and urllib is Python's built-in HTTP module. By default each sends a user agent naming the library — an aiohttp token or a Python-urllib token — unless the developer overrides it. Seeing these tokens marks a request as scripted Python traffic rather than a browser.
What this means
Many Python programs make HTTP requests with aiohttp (asynchronous) or the standard-library urllib. Both set a default user agent that names the library when the developer does not override it. urllib's default commonly begins with a Python-urllib token; aiohttp's default includes an aiohttp token.
These are general-purpose libraries, so the traffic could be anything — an internal job, an integration, a scraper, or a monitor. The token tells you the tool, not the intent.
How they appear
Look for the library product token followed by a version, with none of the browser compatibility chain. urllib often shows a Python-urllib token; aiohttp shows an aiohttp token. Because both are trivially overridable, well-built clients frequently replace the default with a custom or browser-like string.
Match on the library token to catch defaults, but do not assume its absence means there is no Python client — a custom user agent can hide it entirely. Treat the string as a claim.
- urllib default commonly begins with a Python-urllib token
- aiohttp default includes an aiohttp product token
- Both are easily overridden with a custom user agent
How it appears in analytics and logs
A user agent containing an aiohttp token or a Python-urllib token indicates a script using those Python libraries, not a human browser. It is automation: API access, scraping, integration, or a health check, depending on context.
Diagnostic use case
Identify scripted Python clients built on aiohttp or urllib, separate them from browser traffic, and recognise that a custom user agent may hide either library.
What WebmasterID can help detect
WebmasterID classifies aiohttp and urllib default tokens as scripted, non-browser clients, helping you keep automation out of human analytics without IP-level inspection.
Common mistakes
- Assuming all Python HTTP traffic shows a library token — custom user agents hide it.
- Treating aiohttp or urllib requests as human page views in analytics.
- Reading the library token as proof of malicious intent rather than just the tool.
Privacy and accuracy notes
These tokens identify the HTTP library, not a person. WebmasterID reads them as coarse automation signals and never attaches them to an individual.
Related pages
- python-requests user agent
The popular Python requests library sends a default user agent in the form python-requests/x.y. Seeing it means a Python script made the request — for an integration, a scraper, a webhook, or your own code. It is honest automation, not a browser, though the default can be overridden. This page covers the pattern.
- curl, wget and script user agents
Command-line and library HTTP clients send a default user agent that names the tool: curl/x.y, Wget, python-requests, Go-http-client, and similar. These are scripts, not browsers, and seeing them is normal. This page explains the patterns and how to treat them without over- or under-reacting.
- Detecting automation from user agents
You can use the user agent as a first signal for spotting automation — tool tokens, headless markers, missing strings — but it is never conclusive, because any client can change it. Reliable detection pairs the UA with verification and behaviour, and records honest unknowns. This page explains a sound approach.
- Bot intelligence
Surface scripted HTTP-client traffic separately from human visits.
Sources and verification notes
- Python docs — urllib.requesturllib default UA begins with Python-urllib; aiohttp default UA documented in aiohttp.
- aiohttp documentation
Last reviewed 2026-06-24. Facts are checked against primary/official sources where available; uncertain specifics are marked “Data not yet verified” rather than guessed.