ftps://in your URL. This makes curl connect to the host and do a TLS handshake immediately, without doing anything in the clear. If no port number is specified in the URL, curl will use port 990 for this. This is usually not how FTPS is done.
ftp://URL, but instruct curl to upgrade the connection into a secure one using the
--ssl, or you can force curl to either upgrade or fail the whole thing hard if the upgrade fails by using
--ssl-reqd. We strongly recommend using the latter, so that you can be sure that a secure transfer is done - if any.