Device Capture: see every request your iPhone, iPad, and Android make — in real time

You’ve shipped the app. You’ve reviewed the code. You’ve tested in the simulator. And then a user reports that the feed is empty on their phone, or a payment step silently fails, or a screen shows data that was stale three minutes ago — and you have absolutely no idea where it went wrong. The simulator can’t tell you. Xcode’s network instruments give you timing numbers but not the body. Console logs show you what your code did, not what the network actually returned. Device Capture is the feature that closes that gap: every HTTP and HTTPS request your iPhone, iPad, or Android makes appears in Traceptor alongside your Mac traffic, decrypted and readable, the moment it happens.

Two ways to capture — pick what fits your situation

Device Capture in Traceptor works two ways. The first routes your device’s Wi-Fi traffic through Traceptor on your Mac — full desktop tools, bigger screen, rewriting and mocking included. The second runs entirely on the device using the TraceptorIOScompanion app, with no Mac in the loop at all. Most day-to-day development uses the first. The second matters when you’re on a plane, handing a debug build to a remote tester, or debugging a scenario where the Mac simply isn’t available.

Image coming soon

Capturing over Wi-Fi — the Mac-as-proxy flow

Open Mobile Setupin Traceptor and you get a QR code. Scan it with your phone’s camera. It opens a setup portal — a small HTML page that the proxy itself serves on port 9090. The portal has two tabs: Manual Proxy and Auto (PAC). Use PAC. It gives you a single URL to paste into your device’s Wi-Fi settings under Configure Proxy → Automatic. No IP, no port field — just one URL, and the operating system fetches the proxy config from it. If your Mac’s IP changes, the PAC URL stays valid.

After that: download the Traceptor CA from the portal, install it, and enable full trust for root certificates in your device’s certificate settings. That’s the step that unlocks HTTPS decryption — without it you’ll see connections but not the bodies. Once trusted, every request from every app on the device shows up in Traceptor’s traffic list, right next to your Mac requests.

Android is the same idea, different UI

Android uses the same PAC-URL approach — Wi-Fi settings, long-press your network, Modify Network, Advanced Options, Proxy → Auto-Config, paste the PAC URL. The cert install differs by Android version and vendor, but the portal walks you through it: download the .pem, install it as a user CA under Security or Biometrics & Security, and name it whatever you like. From that point on, Android routes HTTPS through Traceptor and you read it on your Mac exactly as you would iPhone traffic. The two devices can be connected at the same time — each shows up attributed to its own host in the request list.

What you can do with captured device traffic

Once your device is proxied, the full Traceptor toolset applies — not a cut-down mobile view, the same tools you use on your Mac traffic:

• Filter by host, method, or status — isolate requests from your own domain while the rest of the noise collapses
• Rewrite responses — swap a real API response with a fixture JSON, inject an error, or change a field value to test an edge-case render
• Map Local — pin any URL to a file on disk; the device gets the file every time without touching the server
• Block — cut off specific hosts or use Block Presets to silence analytics and trackers across all devices on the proxy
• Security Scanner — the passive OWASP check runs on device requests the same as it does on Mac requests; security issues surface in real mobile traffic
• Network Throttle — apply 3G or 2G conditions to all proxied traffic and watch how your app behaves on a bad connection

What you’ll find the first time you do this

Developers who capture real device traffic for the first time consistently describe the same experience: they thought they knew what their app did on the network. They did not. Here is what shows up:

• Analytics you forgot you had — Mixpanel, Firebase, Adjust, AppsFlyer, sometimes two or three of them firing on the same event, with payload sizes larger than the API call that triggered the user action
• Retry storms — push-notification token rotations, auth refresh races, or failed background fetches hammering an endpoint every few seconds
• Third-party SDK calls you can’t see inside — crash reporters, attribution libraries, and A/B testing SDKs quietly phoning home to servers you have no visibility into otherwise
• Oversized payloads — a full user profile returned on every session start, a base64 avatar baked into the login response, or an endpoint that returns 400 items when the screen renders 12
• Stale polling you wrote two years ago — still firing every 30 seconds on battery, still unnecessary

None of this is visible from the simulator with the same clarity. The simulator shares the Mac’s network stack and skips cellular, location-based code paths, and the third-party SDKs that only initialize on a real device. Real device, real network, real story.

The iOS Simulator and Mac Catalyst, as a bonus

Worth noting: the iOS Simulator inherits the Mac’s system proxy settings. Set Traceptor as your Mac’s system-wide proxy and the simulator routes through it automatically — no QR scanning, no cert install, no PAC URL. Same for Mac Catalyst targets. The QR setup portal is only for a real device in your hand.

TraceptorIOS — when there’s no Mac in the room

The TraceptorIOScompanion app is a standalone capture tool for iPhone and iPad. It runs a VPN locally using NetworkExtension’s PacketTunnel — no Wi-Fi proxy, no Mac, no certificate installed system-wide. The capture happens entirely on the device, in an app with its own traffic list and detail view.

Use it when you’re offline, traveling, or shipping a debug build to a remote QA tester who isn’t near your laptop. It gives you request and response bodies, headers, status codes, and timing — everything you need to triage a network issue without any external infrastructure. For rewriting, mocking, Map Local, or the security scanner, you’ll want the Mac-proxied workflow; for pure read-only inspection anywhere, TraceptorIOS gets the job done.