Formed in 2009, the Archive Team (not to be confused with the archive.org Archive-It Team) is a rogue archivist collective dedicated to saving copies of rapidly dying or deleted websites for the sake of history and digital heritage. The group is 100% composed of volunteers and interested parties, and has expanded into a large amount of related projects for saving online and digital history.
This article is intended for enterprise and education network administrators.
Apple products require access to the Internet hosts in this article for a variety of services. Here's how your devices connect to hosts and work with proxies:
- Network connections to the hosts below are initiated by the device, not by hosts operated by Apple.
- Apple services will fail any connection that uses HTTPS Interception (SSL Inspection). If the HTTPS traffic traverses a web proxy, disable HTTPS Interception for the hosts listed in this article.
Make sure your Apple devices can access the hosts listed below.
Apple Push Notifications
Learn how to troubleshoot connecting to the Apple Push Notification service (APNs). For devices that send all traffic through an HTTP proxy, you can configure the proxy either manually on the device or with a configuration profile. Beginning with macOS 10.15.5, devices can connect to APNs when configured to use the HTTP proxy with a proxy auto-config (PAC) file.
Device setup
Access to the following hosts might be required when setting up your device, or when installing, updating or restoring the operating system.
| Hosts | Ports | Protocol | OS | Description | Supports proxies |
|---|---|---|---|---|---|
| albert.apple.com | 443 | TCP | iOS, tvOS, and macOS | Device activation | Yes |
| captive.apple.com | 443, 80 | TCP | iOS, tvOS, and macOS | Internet connectivity validation for networks that use captive portals | Yes |
| gs.apple.com | 443 | TCP | iOS, tvOS, and macOS | Yes | |
| humb.apple.com | 443 | TCP | iOS, tvOS, and macOS | Yes | |
| static.ips.apple.com | 443, 80 | TCP | iOS, tvOS, and macOS | Yes | |
| sq-device.apple.com | 443 | TCP | iOS only | eSIM activation | — |
| tbsc.apple.com | 443 | TCP | iOS, tvOS, and macOS | Yes | |
| time-ios.apple.com | 123 | UDP | iOS and tvOS only | Used by devices to set their date and time | — |
| time.apple.com | 123 | UDP | iOS, tvOS, and macOS | Used by devices to set their date and time | — |
| time-macos.apple.com | 123 | UDP | macOS only | Used by devices to set their date and time | — |
Device Management
Network access to the following hosts might be required for devices enrolled in Mobile Device Management (MDM):
| Hosts | Ports | Protocol | OS | Description | Supports proxies |
|---|---|---|---|---|---|
| *.push.apple.com | 443, 80, 5223, 2197 | TCP | iOS, tvOS, and macOS | Push notifications | Learn more about APNs and proxies. |
| gdmf.apple.com | 443 | TCP | iOS, tvOS, and macOS | Used by an MDM server to identify which software updates are available to devices that use managed software updates |