What is nossl.sh?
A modern diagnostic splash page that mirrors NeverSSL while adding live request details.
Live snapshot
Connection report
IP address
IPv6 address
IPv6 address
🇺🇸 United States
Headers
Request headers
8 headers
| Header | Value |
|---|---|
| accept | */* |
| accept-encoding | gzip, br, zstd, deflate |
| cache-control | max-age=259200 |
| connection | close |
| host | nossl.sh |
| user-agent | Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com) |
| via | 1.1 squid-proxy-5b5d847c96-788gb (squid/6.13) |
| x-forwarded-for | 216.73.216.63 |
Why nossl.sh exists
Many captive portals refuse to load on HTTPS-only sites. nossl.sh serves plain HTTP so restricted networks expose their login forms.
When you load the page it echoes your headers, IP address, and connection type so you can prove what the network sees.
- Trigger hotel, airport, and campus captive portals.
- Validate that a device can resolve DNS and negotiate HTTP.
- Inspect raw headers to debug proxy rewriting or filters.
Key diagnostics you receive
Beyond being a simple landing page, nossl.sh keeps a running counter of HTTP vs HTTPS requests and shows the headers your device transmits.
- Connection snapshot with scheme, IP, and timestamp.
- Copyable JSON of every header the request sent.
- Quick jump to the honeypot dashboard that tracks /.env scans.
Is nossl.sh safe to open?
The site intentionally serves over HTTP to mimic NeverSSL. It does not run scripts that change your system, but you should only use it on networks you trust.
Can I automate checks against nossl.sh?
Yes. Use curl or fetch the /api/request-info endpoint to capture the same data programmatically.
Quick steps to trigger captive portals
Apple captive portal check
Open the official Apple CNA page to force the captive assistant on iOS and macOS devices.
Open Apple captive portalAndroid captive portal check
Use the Android connectivity check URL that devices call before presenting the portal dialog.
Open Android captive portal