Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Election/Restrictions
2.    NO restrictions warranted at initial time of filing for patent.

Priority
3.    Applicant claims domestic priority under 35 USC 119e to provisional application filed on 07/09/2015.
Information Disclosure Statement
4.    The information disclosure statements (IDS) submitted on 11/16/2021, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Oath/Declaration
5.    Applicant’s Oath was filed on 09/30/2020.

Drawings
6.    Applicant’s drawings filed on 09/30/2020 has been inspected and is in compliance with MPEP 608.01.
Specification
7.    Applicant’s specification filed on 09/30/2020 has been inspected and is in compliance with MPEP 608.02.
Claim Objections
8.    NO objections warranted at initial time of filing for patent.

Remarks
9.	Examiner request Applicant review relevant prior art under the conclusion of this office action.

Terminal Disclaimer
10.	The terminal disclaimer filed on 01/23/2022 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of U.S. Patent No. 10/834,090 has been reviewed and is accepted.  The terminal disclaimer has been recorded.

EXAMINER'S AMENDMENT
11.	An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Joel Vidal on 01/19/2022.

The application has been amended as follows: 
1.	(Currently Amended) A system comprising:
a proxy server detector apparatus, able to determine that a proxy server is utilized by an end-user using an end-user device over a communication network for accessing a trusted server;
wherein the proxy server detector apparatus is configured to determine whether: (I) the end-user device is communicating indirectly with the trusted server via the proxy server, or (II) the end-user device is communicating directly with the trusted server via a proxy-less communication route;
wherein the proxy server detector apparatus comprises:
an Operating System detector, 
(a)	to analyze transmission channel parameters, that exclude a User Agent field reported by the end-user device;
(b)	based on analysis of transmission channel parameters, and without relying on a User Agent field reported by the end-user device, to determine an actual Operating System identity of the end-user device;
(c)	to determine a mismatch between: (I) a reported Operating System identity as reported by the User Agent field of the end-user device, and (II) the actual Operating System identity of the end-user device as determined by the Operating System detector without relying on the User Agent field reported by the end-user device;
(d)	based on said mismatch, to determine that a proxy server exists between the end-user device and the trusted server.

2.	(Canceled)  

20.	(Currently Amended) A computerized method, comprising:
determining that a proxy server is utilized by an end-user using an end-user device over a communication network for accessing a trusted server;
wherein said determining comprises performing an analysis of communications incoming from said user device to said trusted server, and based on said analysis, determining whether: (I) the end-user device is communicating indirectly with the trusted server via the proxy server, or (II) the end-user device is communicating directly with the trusted server via a proxy-less communication route;
wherein said analysis comprises:
(a)	analyzing transmission channel parameters, that exclude a User Agent field reported by the end-user device;
(b)	based on analysis of transmission channel parameters, and without relying on a User Agent field reported by the end-user device, determining an actual Operating System identity of the end-user device;
(c)	determining a mismatch between: (I) a reported Operating System identity as reported by the User Agent field of the end-user device, and (II) the actual Operating System identity of the end-user device as determined by the Operating System detector without relying on the User Agent field reported by the end-user device;
(d)	based on said mismatch, determining that a proxy server exists between the end-user device and the trusted server.

21.	(New) A non-transitory storage medium having stored thereon instructions that, when executed by a machine, cause the machine to perform a method comprising:
determining that a proxy server is utilized by an end-user using an end-user device over a communication network for accessing a trusted server;
wherein said determining comprises performing an analysis of communications incoming from said user device to said trusted server, and based on said analysis, determining whether: (I) the end-user device is communicating indirectly with the trusted server via the proxy server, or (II) the end-user device is communicating directly with the trusted server via a proxy-less communication route;
wherein said analysis comprises:
(a)	analyzing transmission channel parameters, that exclude a User Agent field reported by the end-user device;

(c)	determining a mismatch between: (I) a reported Operating System identity as reported by the User Agent field of the end-user device, and (II) the actual Operating System identity of the end-user device as determined by the Operating System detector without relying on the User Agent field reported by the end-user device;
(d)	based on said mismatch, determining that a proxy server exists between the end-user device and the trusted server.

Reasons for Allowance
13.	Claims 1 and 3- 21 including all of the limitations of the base claim and any intervening claims are allowed.

Closest Prior Art:
U.S. Publication No. 20170078348 discloses on paragraph 0117 “For example, if a data flow involving the client device 102 is a non-secure HTTP flow, it is possible for the proxy server 104 to observer the User-Agent Field in the headers of the HTTP messages sent from the client device 102 and the User-Agent field may be used to classify the client device 102 as a mobile device (e.g. a phone) or a desktop device and/or the client application 102a as a mobile app or a desktop app, as the case may be.”

U.S. Publication No. 20160127488 discloses on paragraph 0018 “An HTTP request may include a user agent field. A user agent field in an HTTP request may contain information about an application generating the request (e.g., Firefox™, Twitter™, etc.), an operating system version of the device the request originated from (e.g., iOS™ 7), a hardware version of the device transmitting a request (e.g., iPhone 5S), a rendering platform used by the application (e.g., WebKit, Gecko, etc.), and/or abilities of the versions of the application generating the request (e.g., LiveMeeting, etc.).”

U.S. Publication No. 20090241188 discloses on paragraph 0058 “After the lead packet is extracted in the session, the unnecessary portion removal unit 106 removes the unnecessary portions except for the message portions from all the packets in the session (Step SI 03). The TCP/IP header 41 and the SSL header 42 are removed in the packet configuration shown in FIG. 3. Thus, in the embodiment, because not only the TCP/IP header but also the unnecessary 

U.S. Publication No. 20130024239 discloses on paragraph 0084 “As a further example, the threat detection application 337 may be further configured to access a social network associated with the outsider, determine one or more indirect connections between the outsider and the agent, and generate a connectedness factor based at least partially on the number of indirect connections between the outsider and the agent and the type of each indirect connection. As a further example, the threat detection application 337 may be further configured to dynamically determine a threshold connectedness factor associated with the agent, and determine the connectedness factor is greater than the threshold connectedness factor. As a further example, the threat detection application 337 may be further configured to calculate the threshold connectedness factor based at least partially on determining at least a predetermined number of interactions between the agent and the outsider during a predetermined period of time.”

U.S. Publication No. 20120005719 discloses on paragraph 0004 “In certain embodiments, a method includes receiving, at a proxy, a request for access to a network from an application on an endpoint. The method also 

U.S. Publication No. 20130312097 discloses on paragraph 0047 “FIG. 2 is an exemplary system diagram in accordance with an embodiment of the present invention. As discussed with reference to FIG. 1, resources 115-1 to 115-n may include client and servers in a client-server environment. A system 200 includes a client 210 capable of communicating with a server 215 by sending and receiving requests. All the requests are visible to a monitoring unit 205. While in this simplified example, only a single client, i.e., client 210, and a single server, i.e., server 215, are shown as being monitored by monitoring unit 205, it should be understood that system 200 may include more than one client and that may interact directly or indirectly with monitoring unit 205 and directly or indirectly with each other. Client 210, monitoring unit 205, and server 215 are connected to each other through a network (not shown), such as an enterprise network or the 

U.S. Publication No. 20110119370 on paragraph 0054 “In addition, the controller web server is configured such that it not only replies with a one-pixel GIF to such random requests, but also adds an "ETag" in the reply HTTP header. The ETag is generated dynamically based on the request time and is thereby different for every reply. When there is a proxy server with caching along the path between the client and the server, it will cache the first reply and respond immediately from its cache to subsequent same requests. In other words, the client will get the GIF from the proxy server directly for subsequent requests with 

 	The following is an Examiner’s Statement of Reasons for Allowance: 
 	Claims 1 and 3-21 are allowable over prior art references taken individually or in combination fails to particularly disclose, fairly suggests or render obvious are argued by the applicant which examiner considers persuasive as set forth above
 Although the prior art discloses a proxy server detector apparatus, able to determine that a proxy server is utilized by an end-user using an end-user device over a communication network for accessing a trusted server, no one or two references anticipates or obviously suggest wherein as analysis comprises analyzing transmission channel parameters, that exclude a User Agent field reported by the end-user device and based on analysis of transmission channel parameters, and without relying on a User Agent field reported by the end-user device, determining an actual Operating System identity of the end-user device.
Thereafter, determining a mismatch between a reported Operating System 
Furthermore, based on said mismatch, determining that a proxy server exists between the end-user device and the trusted server.

 Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GARY S GRACIA/Primary Examiner, Art Unit 2491