How to Show Response Headers With cURL (Flags & Examples)
TutorialsLearn how to show HTTP response headers with cURL using _-I, -i, -v,_ and _-D_ flags. Includes examples for headers only, redirects, and debugging.
Marijus Narbutas
Key Takeaways
-
Viewing headers with cURL helps you spot configuration errors, server types, and caching rules without downloading the whole page.
-
Commands like -I, -v, and -D let you choose between a clean summary, a complete debug log, or a separate file for your headers.
-
Inspecting headers allows you to fix redirect loops, incorrect content types, and missing security settings quickly.
Understanding how to use cURL to show response headers is a valuable skill when working with web servers, APIs, or debugging tools. Inspecting HTTP headers helps you see what’s happening behind the scenes during communication between a client and a server.
Here, you will learn how to use the cURL command to display response headers, understand how different options behave, how to troubleshoot common issues, and more.
Basic cURL Commands to Show Response Headers
The cURL tool is widely used to transfer data using URLs. One of its main strengths is the ability to display HTTP response headers quickly and clearly while also being available on nearly any OS by default. Here are several basic commands that you need to know.
cURL -I https://iproyal.com
This command sends a HEAD request to the server. In other words, it fetches only headers (without the response body). Here’s what the output looks like:
HTTP/1.1 200 OK
Date Wed, 30 Jul 2025 1234:55 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
CF-RAY: 9674e496587b0206-WAW
Cache-Control: public max-age=7200
last-modified: Wed 30 Jul 2025 10:26:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self';
CF-Cache-Status: REVALIDATED
Report-To:
{"endpoints":"url""https://a.nel.cloudflare.com/report/v4?s=mNBLzPFwKZ2iPTz5c%2BCxZTbSjJr%2Fs4EzMytrshax4KoHfYcwY7DT%2BUsfkDGE94AJpC%2FyjmZZzWFwby7eBn5uI7v0f4VCKpI9TSe3T3PD9m9oljKGDAdG0EpYAGXG"}]"group""cf-nel","max_age":604800
NEL: "success_fraction"0"report_to""cf-nel","max_age":604800
Server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing:
cfL4;desc="?proto=TCP&rtt=46245&min_rtt=23442&rtt_var=24209&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3127&recv_bytes=640&delivery_rate=145268&cwnd=252&unsent_bytes=0&cid=8504c0afb5702278&ts=96&x=0
This is a clean and efficient way to view only the response headers. Keep in mind that the symbol in the command is uppercase 'i', not lowercase 'L'.
cURL -v https://iproyal.com
This command makes a complete GET request The -v flag enables verbose mode and shows both request headers sent and HTTP headers received. Here is the output excerpt:
> GET / HTTP/1.1
> Host: iproyal.com
> User-Agent: curl/7.68.0
> Accept: */*
< HTTP/1.1 200 OK
< Content-Type: text/html; charset=UTF-8
< Content-Length: 1256
Notice that the lines starting with '>' are request headers, and the lines starting with '<' are response headers. It shows more details, but also includes the response content unless you decide to filter it.
curl -s -D - https://iproyal.com
This version uses three flags:
- -s. Silent mode, removes progress meter.
- -D -. Dumps headers to stdout.
- No -I (uppercase ‘i’). Includes both headers and returned content.
This approach is helpful if you want to capture headers while still seeing the complete response.
Comparing Flags
| Flag | Shows headers | Shows body | Best use case |
|---|---|---|---|
| -I (uppercase “i”) | Yes | No | Checking server status quickly via HEAD requests without downloading data |
| -v | Yes (detailed) | Yes | Debugging connection issues to see the full request/response cycle in verbose mode |
| -D - | Yes (separate) | Yes | Saving response headers to a file separately or dumping them to stdout while keeping the body |
| -i | Yes | Yes | Viewing the raw HTTP headers and the response body together |
If you want to follow redirects (301 or 302), keep in mind that cURL won’t show the full chain unless you use -L.
When response headers don’t show up as intended, it can be confusing, but it’s usually easy to fix:
- Check if you’re using the -I (uppercase ‘i’) flag.
- If using -v, scroll past the response content to see headers.
- Use -D to dump headers into a file or stdout.
Also, try checking the cURL version. Older versions might not support newer protocols or header formatting.
Dealing With HTTPS
Sometimes HTTP headers are hidden due to SSL issues. To fix that, try this:
curl -v - `insecure https://iproyal.com`
It tells cURL to ignore SSL certificate validation. It's beneficial for testing on local servers. Note that full flags (e.g., insecure) are preceded by double dashes (--).
cURL Command Cheat Sheet
- View headers only. curl -I
https://iproyal.com - Save headers to a file. curl -D headers.txt
https://iproyal.com - View verbose response. curl -v
https://iproyal.com - Show headers and response body. curl -i
https://iproyal.com - Show headers with silent output. curl -s -D -
https://iproyal.com - Follow redirects with headers. curl -IL
https://iproyal.com - Use a custom user agent curl -A ‘MyBot/1.0’
https://iproyal.com - Add client headers manually. curl -H X-Test: 123
https://iproyal.com - Use with a proxy curl -x
http://proxy:porthttps://iproyal.com
You can also chain multiple requests in a script to automate header checks. If you’re into scraping, we’ve covered it in our article about cURL proxy scraping examples .
Conclusion
Using cURL to view HTTP headers is a simple but effective way to debug and monitor web traffic. It gives complete control when sending HEAD requests, inspecting a response body, or customizing your user agent.
If you combine it with tools like proxies or saved headers, it will give you even more options. You can find more information about cURL in some of our other articles:
- How to download files with cURL
- How to send a cURL POST request
- How to use cURL for basic authentication
FAQ
Are HTTP headers case-sensitive?
No, HTTP headers are not case-sensitive. ‘Content-Type’ and ‘content-type’ are treated the same by servers and clients.
How do I get multiple headers?
Servers can send several headers with the same name. Use -i or -v to see them. You’ll notice duplicates like Set-Cookie.
How to see headers with cURL in PHP?
In PHP, you can use shell_exec() or proc_open() to run a cURL call. Or use PHP’s get_headers() function directly.
Do all HTTP responses include headers?
Yes, all HTTP responses include at least the status line and basic HTTP headers. They even include error responses.
How to show HTTP headers using a proxy?
Use curl -x with the proxy address, then add -v or -I.
Add the -w flag to output size information:
curl -s -o /dev/null -w '%{size_header}\n' https://iproyal.com
It tells you how large the HTTP headers were.
