If you want to really understand how a website or API behaves, looking at the HTTP response headers is one of the easiest wins. With curl, you can see status codes, cookies, caching rules, redirects, security headers and more, all from your terminal. In this guide, you will learn how to show HTTP response headers with curl, understand common problems, and quickly debug your requests.
HTTP Proxies are handling HTTP requests towards the internet on behalf of a client. They are fast and very popular when it comes to any kind of anonymous web browsing.
curl -IThe fastest way to see HTTP response headers only is a HEAD request.
curl -I https://anonymous-proxies.net
What happens here:
-I switches the method to HTTP HEADIf the site redirects (HTTP 301 / 302) and you want to see every hop, just add -L.
curl -I -L https://anonymous-proxies.net
Now curl prints headers for each redirect plus the final page.
-iWhen you are testing an API or JSON endpoint, it is nice to see headers and body in one go.
curl -i https://api.example.com/users/123
Basically what happens is this.
-i (or --include) prints the response headers firstThis is perfect when you want to confirm the status code, Content-Type and the actual JSON payload without running separate commands.
-D and -oSome servers behave differently for HEAD vs GET, so it is often safer to inspect headers from a real GET request.
To print only the headers from a GET, try the script below.
curl -s -D - -o /dev/null https://anonymous-proxies.net
What each flag does:
-s hides the progress meter-D - dumps the response headers to standard output-o /dev/null discards the bodyIf you want to save the headers to a file for later, write this in your terminal.
curl -s -D response-headers.txt -o /dev/null https://example.com
Now response-headers.txt is ready to be searched, shared with your team or committed to a repo.
curl -vWhen things get weird, verbose mode can give you the full picture.
curl -v https://example.com -o /dev/null
Verbose output shows:
>)<)A common mistake is to assume curl -I tells you the full truth. In reality, some servers:
If something does not add up, compare these 2 scripts.
curl -I https://example.comcurl -s -D - -o /dev/null https://example.com
Use the GET version as the reference for real user behavior.
If you only run:
curl -I https://example.com
you might only see the first 301/302. The final page (where users actually land) may have completely different headers.
Always add -L when you care about the final response:
curl -I -L https://example.com
This exposes all the redirect steps and the final Cache-Control, Set-Cookie, and security headers.
When you send requests through our residential proxies, some sites adapt behavior based on IP, country or ASN. You may see:
Set-Cookie valuesContent-LanguageAn example is:
curl -s -D - -o /dev/null \-x http://user:pass@res-proxy-host:8000 \https://target-site.com
Compare this with the same command run without -x. Any differences in headers tell you how that site treats traffic from different IP ranges.
Modern responses can have a lot of headers. When you only care about one or two, scrolling through everything is a waste of time.
Filter headers in the shell:
Only cookies:
curl -s -D - -o /dev/null https://example.com \| grep -i '^set-cookie'
Caching related headers:
curl -s -D - -o /dev/null https://static.example.com/app.js \| grep -Ei 'cache-control|expires|etag|age'
This keeps your focus on the values that actually matter for the problem you are solving.
One of the most powerful combinations is curl plus our residential proxies. You can see how a site behaves from multiple countries and networks without leaving your terminal.
For example, you can test a URL through one of our endpoints:
curl -s -D - -o /dev/null \-x http://user:pass@res-proxy-host:8000 \https://target-site.com
With this pattern you can compare:
Location)Headers are the main way to understand CDN and browser caching rules. A very common way to inspect caching for a static asset is to run the script below.
curl -s -D - -o /dev/null https://static.example.com/app.js \| grep -Ei 'cache-control|expires|etag|age'
With one short command, you can instantly see how long the asset is allowed to stay in cache through directives.
When you move to login flows and APIs, headers become even more important. For a login page, you can run the script below.
curl -s -D - https://example.com/login -o /dev/null
Here you look at Set-Cookie, security flags like Secure and HttpOnly, SameSite, and any redirect locations.
For an API endpoint, something like this works well.
curl -i https://api.example.com/data
When you look closely at the response headers, you can instantly confirm that the server is really sending JSON by checking the Content-Type. You can also see any rate limiting headers that tell you how often you are allowed to hit the API before it starts rejecting requests.
Once you get comfortable reading HTTP headers with curl in quiet mode, you unlock a serious advantage in web development. You can spot why an API is failing without guessing, understand why a scraper suddenly broke, and catch misconfigurations that might slow things down or block requests entirely. You now have several practical ways to inspect exactly what a server sends back and to pick the right approach for each situation. If you ever want a second pair of eyes on an issue, our support team is always here to help.
We offer highly secure, (Dedicated or Shared / Residential or Non-Residential) SOCKS5, Shadowsocks, DNS or HTTP Proxies.
DR SOFT S.R.L, Strada Lotrului, Comuna Branesti, Judet Ilfov, Romania
@2025 anonymous-proxies.net