If you are concerned about someone else obtaining sensitive data, it's probably not wise to have it accessible via HTTP. HTTPS does give you some little security because traffic between your "local machine" and the remote server is encrypted in transit and can't easily be snooped by any third party. However, if anyone were to obtain that url, they could also download the text file. Maxxd has a good suggestion to avoid writing the text file if you can. If this step is absolutely necessary, then save it outside of the web root so it cannot be downloaded directly by some random visitor. If your server shows directory indexes, this could be very problematic.
Running an SFTP server on your local machine can be a chore to set up and would require you to keep your local machine on whenever this transfer is supposed to happen. If you typically connect to the internet through a router like I do, you'd have to learn how to do port forwarding of SFTP connections to the router to the correct machine on your LAN. NogDog is right that pulling is better.
Maxxd has a reasonable suggestion about using a key, but that key is far too simple. If you take that approach, generate a much longer one. Maybe try this code:
$token = bin2hex(openssl_random_pseudo_bytes(16));
# or in php7
$token = bin2hex(random_bytes(16));
Another option is to encrypt the file with something like gnupg on the server and email it. BCEncrypt is pretty old now, but might work. It takes some figuring out, but uses serious cryptographic tools to encrypt data so you can email it without worrying too much.
As for your curl script, you apparently haven't included the entire script -- the output you describe doesn't correspond to anything in your PHP code.