FreeKB - Curl -l --head (HTTP headers)
Curl - -l --head (HTTP headers)

The curl command with the -I or --head flag can be used to view the HTTP headers. For example, here is how to view the headers of www.example.com.

~]$ curl --head http://www.example.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 400945
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Oct 2020 02:43:57 GMT
Etag: "3147526947"
Expires: Wed, 28 Oct 2020 02:43:57 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (ord/572F)
X-Cache: HIT
Content-Length: 1256

 

Likewise, the -v or --verbose flags will also display the HTTP headers. Additionally, the > character will be used for the request (from the client to the target server) and the < character for the response (from the target server to the client).

~]$ curl --verbose http://www.example.com
* About to connect() to www.example.com port 80 (#0)
*   Trying 93.184.216.34... connected
* Connected to www.example.com (93.184.216.34) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: www.example.com
> Accept: */*
> 
< HTTP/1.1 200 OK
< Age: 409564
< Cache-Control: max-age=604800
< Content-Type: text/html; charset=UTF-8
< Date: Wed, 21 Oct 2020 02:47:07 GMT
< Etag: "3147526947+ident"
< Expires: Wed, 28 Oct 2020 02:47:07 GMT
< Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
< Server: ECS (ord/573B)
< Vary: Accept-Encoding
< X-Cache: HIT
< Content-Length: 1256

 


SSL

When connecting to an HTTPS URL that uses SSL, and the -k or --insecure flag is used, something like this will be included in the output.

* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
*       subject: CN=www.example.com,OU=Acme,O=Acme,L=Guam,ST=AB,C=US
*       start date: Jul 29 00:07:04 2020 GMT
*       expire date: Jul 27 00:07:04 2030 GMT
*       common name: www.example.com
*       issuer: CN=www.example.com,OU=Acme,O=Acme,L=Guam,ST=AB,C=US

 


Basic Authentication

When connecting to a URL that uses basic authentication (username, password), and the -u or --user option is used, something like this will be included in the output.

* Server auth using Basic with user 'john.doe'
> Authorization: Basic amVyZW15LmNhbmZpZWxkQGZyZWVrYi5uZXQ6QWRtaW4hNWc=

 


Cookie

If a cookie is created as part of the connection, something like this will be included in the output.

< Set-Cookie: PHPSESSID=emcbkuojp5150n0hhrgfcjbe52; path=/; domain=.example.com; HttpOnly

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter 6c529 in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |