Output Headers Page
Welcome to the Output Headers Page! Use a query parameter to set the size (bytes) of an 'oversized-cookie' (e.g. /output-headers?size=4000). Use /output-headers?include-attack=true to include an attack string at the end of the cookie.
Request Headers
| Name |
Size (bytes) |
Content |
| host | 24 | nginx-reflector.s-archer |
| accept | 3 | */* |
| user-agent | 103 | Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) |
| accept-encoding | 23 | gzip, br, zstd, deflate |
| x-forwarded-for | 14 | 216.73.217.123 |
| x-forwarded-proto | 5 | https |
| x-envoy-external-address | 14 | 216.73.217.123 |
| x-request-id | 36 | 9045fda7-2e9a-4906-8d70-db6548700772 |
| arch-http-scheme | 5 | https |
| arch-http-version | 6 | HTTP/2 |
| arch-tls-version | 7 | TLSv1.3 |
| x-envoy-original-authority | 18 | reflect.archf5.com |
Response Headers
| Name |
Size (bytes) |
Content |
| Strict-Transport-Security | 16 | max-age=20000000 |
| Set-Cookie | 44 | weak-cookie=weakphrase; Path=/output-headers |
| Set-Cookie | 22 | other-cookie=value-xyz |
