curl cross origin request needs user-agent to work?
Curl has a built-in user agent string like User-Agent: curl/7.51.0
that it uses if you don'y specify one. It's not uncommon to find servers that reject requests from it. (Which is silly, because it's trivially easy to fake.) If the host is being picky like this, you can just provide a user agent string from a real browser to fool the host.