Table of contents
Basic cURL request
- Add
-k
to ignore SSL error - Add
-L
to follow the redirect
curl -svo /dev/null https://example.com
curl -svo /dev/null https://example.com -k
curl -svo /dev/null https://example.com -L
curl -svo /dev/null https://example.com -kL
- HTTP version:
--http1.1
,--http2
curl -svo /dev/null --http2 https://example.com
- TLS version:
--tls-max 1.0
&--tlsv1.0
curl -svo /dev/null --tls-max 1.0 https://example.com
curl -svo /dev/null --tlsv1.3 https://example.com
- Cipher compatibility:
--cipher "TLS_RSA_WITH_AES_128_GCM_SHA256"
curl -svo /dev/null --cipher "TLS_RSA_WITH_AES_128_GCM_SHA256" https://example.com
- Send cURL to an IP
curl -svo /dev/null https://192.25.25.0:443 -k
- Add
-A "test"
as an userAgent
curl -svo /dev/null -A "test" https://example.com
- Add
--connect-to ::192.25.25.0
for origin server if hostname is proxy behind CDN - Use
--resolve
flag for the same test
curl -svo /dev/null https://example.com --connect-to ::192.25.25.0
curl -svo /dev/null https://example.com --resolve example.com:443:192.25.25.0
- Add
2>&1 | egrep -i '<|>'
for grabbing specificResponse Headers
curl -svo /dev/null https://example.com --connect-to ::192.25.25.0 -k 2>&1 | egrep -i '<|>'
cURL + grep
Multi response headers
- egrep
curl -svo /dev/null https://example.com 2>&1 | egrep 'Date|Server|Last-Modified'
- grep -i
curl -svo /dev/null 'https://example.com' 2>&1 | grep -i '< content-type\|< Server\|< Last-Modified'
Specific word(s) from HTML outputs
curl -sL example.com | grep any-word
cURL with request headers
Accept header
- Add
-H
or using--header
, to specify the request with what this request accepts.
curl -svo /dev/null -H "accept: text/html,application/xml,image/avif, image/webp, image/png https://example.com/apple.jpg"
- Common accept headers:
-H 'accept-encoding: gzip'
-H 'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,_/_;q=0.8'
-H 'accept-language: en-US,en;q=0.9'
-H 'accept: application/javascript'
If-Modified-Since
- Using
If-Modified-Since
curl -svo /dev/null -H "If-Modified-Since: Fri, 23 Sep 2021 01:13:54 GMT" https://example.com/style.css
X-Real-IP
- Using
-H "x-real-ip:192.25.25.0"
to send request from a fake IP, which can be testing for security on Nginx.
curl -s -H "x-real-ip:192.25.25.0" https://example.com
Request Host Header
- Parsing a request directly to the IP with the HOST header.
curl -sLvo /dev/null 192.25.25.0 -H "Host: example.com"
Range Request
- Using Range to request static file and force 206 partial content status code.
curl -svo /dev/null -H 'Range: bytes=0-500' https://example.com/apple.jpg 2>&1 | grep -i '<'
cURL for time + performance
curl -svo /dev/null https://example.com/ \
-w "\nContent Type: %{content_type} \
\nHTTP Code: %{http_code} \
\nHTTP Connect:%{http_connect} \
\nNumber Connects: %{num_connects} \
\nNumber Redirects: %{num_redirects} \
\nRedirect URL: %{redirect_url} \
\nSize Download: %{size_download} \
\nSize Upload: %{size_upload} \
\nSSL Verify: %{ssl_verify_result} \
\nTime Handshake: %{time_appconnect} \
\nTime Connect: %{time_connect} \
\nName Lookup Time: %{time_namelookup} \
\nTime Pretransfer: %{time_pretransfer} \
\nTime Redirect: %{time_redirect} \
\nTime Start Transfer: %{time_starttransfer} \
\nTime Total: %{time_total} \
\nEffective URL: %{url_effective}\n" 2>&1
cURL + Loop
- Just looping
for i in {1..3}; do curl -svo /dev/null https://example.com \
2>&1 | grep -i '< http\|< content-length\|< age'; sleep 5; done
- Looping requests + time performance
for i in {1..5}; do curl -svo /dev/null https://exampl.com \
-w "Connect: %{time_connect} TTFB: %{time_starttransfer} Total time: %{time_total} \n" \
2>&1 |grep "Connect:\|< HTTP\|< Server"; done
- While True
while true; do curl -svo /dev/null https://exampl.com \
2>&1 | grep '< HTTP' && sleep 5; done
cURL + Burst
seq 1 20 | xargs -n1 -P10 \
curl -svo /dev/null https://example.com \
2>&1 | grep -i '< http'
cURL + API methods
Click to view the basic cURL with API tutorial