Middleman Alerter Chromium

• browser-extension
• privacy
• transparency

A Chromium browser extension alerting you when websites route their traffic through third-party reverse proxies, i.e., networks that can read all page content and credentials.

Add to your browserBuy commercial license

This extension does not collect or share any data with IA Defensa or third parties. The source code is available for auditing. The extension is free for personal use.

Features

• Detects major reverse proxies: Akamai, AWS CloudFront, Azure Front Door, Bunny.net, Cloudflare, Fastly, Google Cloud / GCLB, Imperva, Sucuri, and Zscaler
• In-page toast: A brief, dismissible notification appears once per session per domain when a proxy is detected, then stays out of your way
• Badge indicator: The extension icon shows a “!” on any page using a detected service
• Popup detail: Shows the detected service name and a plain-language explanation of what it means
• Configurable: Enable or disable alerts per service in the settings page

Installation

1. Go to the IA Defensa Middleman Alerter page in the Chrome Web Store
2. Click “Add to Chrome” (or equivalent for other Chromium browsers)

Afterwards, configure the extension according to your preferences and consider pinning it to your toolbar for easy access.

Tip: Enable the extension in private mode (“Allow in Incognito”). The extension does not share any information with IA Defensa or third parties.

Usage

1. Browse normally: The extension runs automatically in the background
2. Watch the icon: A “!” badge appears when a proxy is detected on the current page
3. Click the icon to see which service is in use and what it means

To suppress alerts for a specific service, open the “Settings” page via the button in the popup.

Detected Services

Detection is based on HTTP response headers unique to each service. To request adding a service, please use the IA Defensa forum.

Configuration

In the popup:

• Show in-page notifications—toggle the toast on or off; the badge and popup info remain active regardless

On the settings page (via the “Settings” button):

• Enable or disable alerts per service—useful if a specific service is common enough in your browsing that you prefer not to see alerts for it

How It Works

When you navigate to a page, Middleman Alerter inspects the HTTP response headers of the HTML document—not images, scripts, style sheets, or other subresources. If a header signature matches a known reverse proxy, the extension:

1. Sets a “!” badge on the extension icon
2. Shows a brief in-page notification (once per session per domain)
3. Displays the service name and a plain explanation in the popup

Checking only the main document’s headers means the extension detects services that intercept the full connection—where the proxy operator terminates HTTPS and can read all traffic before forwarding it to the origin server.

Why This Matters

When a website uses a reverse proxy, the proxy operator terminates the HTTPS connection on your behalf. This means all traffic—page content, form submissions, and login credentials—passes through their infrastructure in plain-text before reaching the origin server. This is a deliberate architectural choice with legitimate uses (performance, security), but it is also a meaningful trust relationship that is rarely disclosed to end users. Middleman Alerter makes it visible.

Troubleshooting

Badge or toast not appearing:

1. Confirm the extension is enabled in chrome://extensions/
2. Reload the page—detection happens when the page first loads
3. Check that the service is not disabled in the settings page
4. Open the popup to see if a proxy was detected but notifications are turned off

Unexpected alert:

Header-based detection is accurate but not infallible. Some services share header names, and third-party scripts can occasionally set headers that match a detection rule. If you believe a detection is incorrect, please report it.