diff --git a/Library/Homebrew/utils/curl.rb b/Library/Homebrew/utils/curl.rb
index 4b0992b89b03230b6a2fa6c19ebdcb398b0b0553..7ca847b3fc625883859e698d8d5663ec0fa0ca17 100644
--- a/Library/Homebrew/utils/curl.rb
+++ b/Library/Homebrew/utils/curl.rb
@@ -143,9 +143,9 @@ def curl_check_http_content(url, user_agents: [:default], check_content: false,
 
   unless http_status_ok?(details[:status])
     # Check if the URL is protected by CloudFlare.
-    if details[:status].to_i == 503 &&
-       details[:file].include?("set-cookie: __cfduid=") &&
-       details[:file].include?("server: cloudflare")
+    if [403, 503].include?(details[:status].to_i) &&
+       details[:headers].include?("set-cookie: __cfduid=") &&
+       details[:headers].include?("server: cloudflare")
       return
     end
 
@@ -236,6 +236,7 @@ def curl_http_content_headers_and_checksum(url, hash_needed: false, user_agent:
     status:         status_code,
     etag:           headers[%r{ETag: ([wW]/)?"(([^"]|\\")*)"}, 2],
     content_length: headers[/Content-Length: (\d+)/, 1],
+    headers:        headers,
     file_hash:      output_hash,
     file:           output,
   }