cURL: Show Request and Response Headers

In order to display the request and response headers for a cURL, you can make use of the --verbose or -v flag along with your GET/POST/PUT/DELETE request.

Example:

% curl -v https://code2care.org

*   Trying 104.21.91.10:443...
* Connected to code2care.org (104.21.91.10) port 443 (#0)
* ALPN: offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=code2care.org
*  start date: May 11 01:26:23 2023 GMT
*  expire date: Aug  9 01:26:22 2023 GMT
*  subjectAltName: host "code2care.org" matched cert's "code2care.org"
*  issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1P5
*  SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: code2care.org]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x14880e600)


> GET / HTTP/2
> Host: code2care.org
> user-agent: curl/7.88.1
> accept: */*
> 


< HTTP/2 200 
< date: Thu, 29 Jun 2023 12:20:37 GMT
< content-type: text/html; charset=UTF-8
< cache-control: private, max-age=0, must-revalidate, no-cache, no-store
< content-security-policy: upgrade-insecure-requests;
< display: pub_site_sol
< expires: Wed, 28 Jun 2023 12:20:37 GMT
< pagespeed: off
< response: 200
< set-cookie: ezoadgid_395744=-1; Path=/; Domain=code2care.org; Expires=Thu, 29 Jun 2023 12:50:36 UTC
< set-cookie: ezoref_395744=; Path=/; Domain=code2care.org; Expires=Thu, 29 Jun 2023 14:20:36 UTC
< set-cookie: ezosuibasgeneris-1=229f72c5-b659-440a-725a-dccf110bdcaa; Path=/; Domain=code2care.org; Expires=Fri, 28 Jun 2024 12:20:36 UTC; Secure; SameSite=None
< set-cookie: ezoab_395744=mod18-c; Path=/; Domain=code2care.org; Expires=Thu, 29 Jun 2023 14:20:36 UTC
< set-cookie: active_template::395744=pub_site.1688041236; Path=/; Domain=code2care.org; Expires=Sat, 01 Jul 2023 12:20:36 UTC
< set-cookie: ezopvc_395744=1; Path=/; Domain=code2care.org; Expires=Thu, 29 Jun 2023 12:50:37 UTC
< set-cookie: ezepvv=0; Path=/; Domain=code2care.org; Expires=Fri, 30 Jun 2023 12:20:37 UTC
< set-cookie: ezovid_395744=65580999; Path=/; Domain=code2care.org; Expires=Thu, 29 Jun 2023 12:50:37 UTC
< set-cookie: lp_395744=https://code2care.org/; Path=/; Domain=code2care.org; Expires=Thu, 29 Jun 2023 12:50:37 UTC
< set-cookie: ezovuuidtime_395744=1688041237; Path=/; Domain=code2care.org; Expires=Sat, 01 Jul 2023 12:20:37 UTC
< set-cookie: ezovuuid_395744=00ca4390-1c76-441a-4224-004eb8fae3aa; Path=/; Domain=code2care.org; Expires=Thu, 29 Jun 2023 12:50:37 UTC
< vary: Accept-Encoding
< x-content-type-options: nosniff
< x-ez-minify-html: 16.68% 103110 / 123759
< x-ez-proxy-out: true 2.4
< x-ezoic-cdn: Bypass
< x-frame-options: SAMEORIGIN
< x-middleton-display: pub_site_sol
< x-middleton-response: 200
< x-origin-cache-control: 
< x-sol: pub_site
< x-sucuri-cache: HIT
< x-sucuri-id: 15037
< x-xss-protection: 1; mode=block
< cf-cache-status: DYNAMIC
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1OzYYSP1bL6qPJBX5JNooggBdA0vzuUrhvqIzwV3BxvJPd1uAiJIhfBLaIcUGnl0bH65ud0Kt5nkfibdVJwRNOJzXJe07HuRpXyhXY6dXJN6LeW83hZlY%2FgdK3CF6Cg"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 7dee1fe0c89f8555-BOM
< alt-svc: h3=":443"; ma=86400
< 
<!doctype html>
...
...
...

The lines that start with > are the Request Headers while ones that start with < are Response Headers.

Facing issues? Have Questions? Post them here! I am happy to answer!

Click To Load Comments