Cross-origin stuff doesn’t always let you get access to those headers and they may not always be there. Some web servers don’t put that there, some do. Some frameworks add them, some don’t.

Yes, many servers don’t expose Date to browsers (Access-Control-Expose-Headers), so you can’t read it cross-origin. Also, CDNs/proxies can cache or rewrite headers, my goal was a boring, local /time on the same gateway the tech is testing. Another thing was that Date is seconds-resolution, I want ms and a stable JSON shape. I have found Cloudflare trace to be handy in past, but it’s not my box, it may rate-limit, and adds an extra network hop. For the core question "Is it me or the edge box" I wanted the box itself to answer.

This is also why I lean on a tiny JSON route with simple CORS. For anyone wiring this up, they can add

Access-Control-Allow-Origin: * (or site origin), and Cache-Control: no-store

Also, watch for mixed content (HTTPS page trying to fetch HTTP gateway), either serve the probe from the gateway or expose /time over HTTPS.