Analysis Overview
SHA256
057be7a598682f44faf44a3b1fbf9f78a5c3f93e886b209d864d56e13a991a66
Threat Level: Likely benign
The file d3ZXHLsxqw.webp was found to be: Likely benign.
Malicious Activity Summary
Resource Forking
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-17 10:04
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-17 10:04
Reported
2024-06-17 10:59
Platform
macos-20240611-en
Max time kernel
2240s
Max time network
2663s
Command Line
Signatures
Resource Forking
| Description | Indicator | Process | Target |
| N/A | /System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/TCC.framework/Resources/tccd system | N/A | N/A |
| N/A | /System/Library/PrivateFrameworks/TCC.framework/Resources/tccd | N/A | N/A |
| N/A | /System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy | N/A | N/A |
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Users/run/d3ZXHLsxqw.webp"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Users/run/d3ZXHLsxqw.webp"]
/usr/bin/sudo
[sudo /bin/zsh -c /Users/run/d3ZXHLsxqw.webp]
/bin/zsh
[/bin/zsh -c /Users/run/d3ZXHLsxqw.webp]
/Users/run/d3ZXHLsxqw.webp
[/Users/run/d3ZXHLsxqw.webp]
/usr/libexec/xpcproxy
[xpcproxy com.apple.sysmond]
/usr/libexec/sysmond
[/usr/libexec/sysmond]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.systemsoundserverd]
/usr/sbin/systemsoundserverd
[/usr/sbin/systemsoundserverd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.pbs]
/System/Library/CoreServices/pbs
[/System/Library/CoreServices/pbs]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.AudioComponentRegistrar]
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon]
/usr/libexec/xpcproxy
[xpcproxy com.apple.security.cloudkeychainproxy3]
/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy
[/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy]
/usr/libexec/xpcproxy
[xpcproxy com.apple.geod]
/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]
/usr/libexec/xpcproxy
[xpcproxy com.apple.geod]
/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]
/usr/libexec/xpcproxy
[xpcproxy com.apple.secinitd]
/usr/libexec/secinitd
[/usr/libexec/secinitd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AddressBook.ContactsAccountsService]
/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService
[/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.routined]
/usr/libexec/routined
[/usr/libexec/routined LAUNCHED_BY_LAUNCHD]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Maps.mapspushd]
/System/Library/CoreServices/mapspushd
[/System/Library/CoreServices/mapspushd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.nehelper]
/usr/libexec/nehelper
[/usr/libexec/nehelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A]
/usr/libexec/neagent
[/usr/libexec/neagent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.2028]
/Applications/Safari.app/Contents/MacOS/Safari
[/Applications/Safari.app/Contents/MacOS/Safari]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.History]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History]
/usr/libexec/xpcproxy
[xpcproxy com.apple.siri.context.service]
/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService
[/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.F84B265E-7FC8-4D0C-A3ED-83136A128EDE 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SafariLaunchAgent]
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.akd]
/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd
[/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.A0AF7802-608B-4A01-B206-E4BDBA4F7DA1 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.CoreAuthentication.agent]
/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd
[/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.SearchHelper 581]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.SafeBrowsing.Service]
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
[/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.6965C12D-0F8B-416D-873F-752DBC77E990 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.mediaremoted]
/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted
[/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.AudioComponentRegistrar]
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.SandboxHelper 600]
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.accessibility.mediaaccessibilityd]
/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
[/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.E775A484-A0F5-4F73-B1B6-3016695538F3 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.5A0612FD-539D-4B08-AE17-6657981A14BF 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.3152966A-476E-4F2B-801D-8202545D7452 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.EE6215D2-55E0-4F47-AA39-80588E5F5B95 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.mobile.keybagd]
/usr/libexec/keybagd
[/usr/libexec/keybagd -t 15]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump]
/usr/sbin/spindump
[/usr/sbin/spindump]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump_agent]
/usr/libexec/spindump_agent
[/usr/libexec/spindump_agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.SandboxHelper 612]
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ViewBridgeAuxiliary]
/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary
[/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary]
/usr/libexec/xpcproxy
[xpcproxy com.apple.accessibility.mediaaccessibilityd]
/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
[/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.secinitd]
/usr/libexec/secinitd
[/usr/libexec/secinitd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.D148B497-786F-400E-B6FE-D4D00AE3530C 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.mobileassetd]
/usr/libexec/mobileassetd
[/usr/libexec/mobileassetd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.mobile.keybagd]
/usr/libexec/keybagd
[/usr/libexec/keybagd -t 15]
/usr/libexec/xpcproxy
[xpcproxy com.apple.coreduetd]
/usr/libexec/coreduetd
[/usr/libexec/coreduetd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ViewBridgeAuxiliary]
/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary
[/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary]
/usr/libexec/xpcproxy
[xpcproxy com.apple.geod]
/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]
/usr/libexec/xpcproxy
[xpcproxy com.apple.geod]
/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]
/usr/libexec/xpcproxy
[xpcproxy com.apple.secinitd]
/usr/libexec/secinitd
[/usr/libexec/secinitd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.cfprefsd.xpc.agent]
/usr/sbin/cfprefsd
[/usr/sbin/cfprefsd agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.mobileassetd]
/usr/libexec/mobileassetd
[/usr/libexec/mobileassetd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.mobile.keybagd]
/usr/libexec/keybagd
[/usr/libexec/keybagd -t 15]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.History]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History]
/usr/libexec/xpcproxy
[xpcproxy com.apple.nehelper]
/usr/libexec/nehelper
[/usr/libexec/nehelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A]
/usr/libexec/neagent
[/usr/libexec/neagent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ContextStoreAgent]
/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent
[/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ScreenTimeAgent]
/System/Library/PrivateFrameworks/ScreenTimeCore.framework/Versions/A/ScreenTimeAgent
[/System/Library/PrivateFrameworks/ScreenTimeCore.framework/Versions/A/ScreenTimeAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.dmd]
/usr/libexec/dmd
[/usr/libexec/dmd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.trustd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.CodeSigningHelper]
/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/com.apple.CodeSigningHelper.xpc/Contents/MacOS/com.apple.CodeSigningHelper
[/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/com.apple.CodeSigningHelper.xpc/Contents/MacOS/com.apple.CodeSigningHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.tccd.system]
/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd
[/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd system]
/usr/libexec/xpcproxy
[xpcproxy com.apple.sandboxd]
/usr/libexec/sandboxd
[/usr/libexec/sandboxd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.iconservices.iconservicesagent]
/System/Library/CoreServices/iconservicesagent
[/System/Library/CoreServices/iconservicesagent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.bird]
/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird
[/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird]
/usr/libexec/xpcproxy
[xpcproxy com.apple.iconservices.iconservicesd]
/System/Library/CoreServices/iconservicesd
[/System/Library/CoreServices/iconservicesd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.sysmond]
/usr/libexec/sysmond
[/usr/libexec/sysmond]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.SearchHelper 581]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper]
/usr/libexec/xpcproxy
[xpcproxy com.apple.akd]
/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd
[/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.suggestd]
/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd
[/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.knowledge-agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.siri.context.service]
/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService
[/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService]
/usr/libexec/knowledge-agent
[/usr/libexec/knowledge-agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.tccd]
/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd
[/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.FC70C15A-EF49-47A5-B9E8-4DD6732A4A8B 581]
/usr/libexec/xpcproxy
[xpcproxy com.apple.pluginkit.pkd]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/pkd
[/usr/libexec/pkd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AddressBook.ContactsAccountsService]
/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService
[/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.CalendarAgent]
/System/Library/PrivateFrameworks/CalendarAgent.framework/Executables/CalendarAgent
[/System/Library/PrivateFrameworks/CalendarAgent.framework/Executables/CalendarAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.CalendarNotification.CalNCService 668]
/System/Library/PrivateFrameworks/CalendarNotification.framework/Versions/A/XPCServices/CalNCService.xpc/Contents/MacOS/CalNCService
[/System/Library/PrivateFrameworks/CalendarNotification.framework/Versions/A/XPCServices/CalNCService.xpc/Contents/MacOS/CalNCService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.coreduetd]
/usr/libexec/coreduetd
[/usr/libexec/coreduetd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.secd]
/usr/libexec/secd
[/usr/libexec/secd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.nsurlstoraged]
/usr/libexec/nsurlstoraged
[/usr/libexec/nsurlstoraged --privileged]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ReportCrash]
/System/Library/CoreServices/ReportCrash
[/System/Library/CoreServices/ReportCrash agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ReportMemoryException]
/usr/libexec/ReportMemoryException
[/usr/libexec/ReportMemoryException]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump]
/usr/sbin/spindump
[/usr/sbin/spindump]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump_agent]
/usr/libexec/spindump_agent
[/usr/libexec/spindump_agent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.10FA79BC-B25B-4DD9-AF43-E69B93DED013 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.9627D6C2-43F9-477B-8DBD-2FD6BE864C44 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.06407F8F-80DC-4F5D-B71E-DC03D22693B4 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.F3AEAA80-349A-4617-B07C-73CDA2111320 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.BBCD63FD-B020-430C-B40D-820EBDDEEEB9 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.0A8D5AF5-DE1F-4282-BB12-252B89D2AFCB 581]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.newsyslog]
/usr/sbin/newsyslog
[/usr/sbin/newsyslog]
/usr/libexec/xpcproxy
[xpcproxy com.apple.routined]
/usr/libexec/routined
[/usr/libexec/routined LAUNCHED_BY_LAUNCHD]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Maps.mapspushd]
/System/Library/CoreServices/mapspushd
[/System/Library/CoreServices/mapspushd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.adid]
/System/Library/PrivateFrameworks/CoreADI.framework/adid
[/System/Library/PrivateFrameworks/CoreADI.framework/adid]
/usr/libexec/xpcproxy
[xpcproxy com.apple.diagnosticd]
/usr/libexec/diagnosticd
[/usr/libexec/diagnosticd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.security.cloudkeychainproxy3]
/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy
[/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AccountPolicyHelper]
/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper
[/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper]
Network
| Country | Destination | Domain | Proto |
| GB | 51.132.193.104:443 | tcp | |
| GB | 17.250.81.67:443 | tcp | |
| US | 8.8.8.8:53 | mobile.events.data.trafficmanager.net | udp |
| US | 20.189.173.17:443 | tcp | |
| US | 8.8.8.8:53 | h3.apis.apple.map.fastly.net | udp |
| US | 8.8.8.8:53 | e4686.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | gspe1-ssl.ls.apple.com.edgesuite.net | udp |
| GB | 104.77.118.121:443 | tcp | |
| US | 8.8.8.8:53 | a479.dscg4.akamai.net | udp |
| GB | 2.16.170.115:443 | gspe1-ssl.ls.apple.com.edgesuite.net | tcp |
| US | 8.8.8.8:53 | e673.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | api-glb-aeuw3b.smoot.apple.com | udp |
| US | 8.8.8.8:53 | gateway.fe2.apple-dns.net | udp |
| US | 8.8.8.8:53 | cds.apple.com | udp |
| BE | 104.68.86.71:443 | cds.apple.com | tcp |
| US | 8.8.8.8:53 | help.apple.com | udp |
| US | 23.220.113.166:443 | help.apple.com | tcp |
| US | 23.220.113.166:443 | help.apple.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | e10499.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| DE | 142.250.185.142:443 | clients1.google.com | tcp |
| US | 8.8.8.8:53 | e673.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | www.yelp.com | udp |
| US | 151.101.192.116:443 | www.yelp.com | tcp |
| US | 8.8.8.8:53 | safebrowsing.googleapis.com | udp |
| US | 8.8.8.8:53 | www.yelp.co.uk | udp |
| PL | 18.244.146.76:443 | www.yelp.co.uk | tcp |
| US | 8.8.8.8:53 | cdn2.smoot.apple.com | udp |
| US | 8.8.8.8:53 | cdn.smoot.apple.com | udp |
| GB | 17.253.37.206:443 | cdn.smoot.apple.com | tcp |
| GB | 17.253.37.206:443 | cdn.smoot.apple.com | tcp |
| US | 8.8.8.8:53 | s3-media0.fl.yelpcdn.com | udp |
| US | 151.101.193.91:443 | s3-media0.fl.yelpcdn.com | tcp |
| US | 8.8.8.8:53 | itunes.apple.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| DE | 142.250.186.78:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| DE | 172.217.18.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| DE | 142.250.186.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| DE | 142.250.186.78:443 | www.youtube.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | rr1---sn-q4fzen7y.googlevideo.com | udp |
| US | 173.194.141.102:443 | rr1---sn-q4fzen7y.googlevideo.com | tcp |
| US | 173.194.141.102:443 | rr1---sn-q4fzen7y.googlevideo.com | tcp |
| US | 173.194.141.102:443 | rr1---sn-q4fzen7y.googlevideo.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 173.194.141.102:443 | rr1---sn-q4fzen7y.googlevideo.com | tcp |
| DE | 142.250.185.68:443 | www.google.com | tcp |
| US | 173.194.141.102:443 | rr1---sn-q4fzen7y.googlevideo.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 173.194.141.102:443 | rr1---sn-q4fzen7y.googlevideo.com | tcp |
| DE | 142.250.186.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| DE | 142.250.186.110:443 | play.google.com | tcp |
| DE | 142.250.185.195:443 | www.google.co.uk | tcp |
| DE | 142.250.186.78:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | e6858.dscx.akamaiedge.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| DE | 142.250.186.74:443 | jnn-pa.googleapis.com | tcp |
| NL | 216.58.206.70:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| DE | 142.250.185.238:443 | youtube.com | tcp |
| DE | 142.250.185.142:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | cdn.smoot.g.aaplimg.com | udp |
| GB | 17.253.37.206:443 | cdn.smoot.apple.com | tcp |
| GB | 17.253.37.202:443 | cdn.smoot.g.aaplimg.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| DE | 142.250.185.142:443 | consent.google.com | tcp |
| DE | 142.250.185.68:443 | www.google.com | tcp |
| DE | 142.250.185.68:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | slopeonline.online | udp |
| US | 104.21.31.181:443 | slopeonline.online | tcp |
| US | 8.8.8.8:53 | platform-api.sharethis.com | udp |
| GB | 108.138.217.59:443 | platform-api.sharethis.com | tcp |
| US | 8.8.8.8:53 | buttons-config.sharethis.com | udp |
| US | 8.8.8.8:53 | data.stbuttons.click | udp |
| GB | 18.245.143.93:443 | buttons-config.sharethis.com | tcp |
| GB | 18.239.236.43:443 | data.stbuttons.click | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | l.sharethis.com | udp |
| US | 8.8.8.8:53 | platform-cdn.sharethis.com | udp |
| IE | 54.220.148.100:443 | l.sharethis.com | tcp |
| GB | 18.165.201.26:443 | platform-cdn.sharethis.com | tcp |
| US | 104.21.31.181:443 | slopeonline.online | tcp |
| US | 8.8.8.8:53 | player-auth.services.api.unity.com | udp |
| US | 34.102.143.233:443 | player-auth.services.api.unity.com | tcp |
| US | 8.8.8.8:53 | leaderboards.services.api.unity.com | udp |
| US | 8.8.8.8:53 | www.wikipedia.org | udp |
| NL | 185.15.59.224:443 | www.wikipedia.org | tcp |
| US | 8.8.8.8:53 | upload.wikimedia.org | udp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| US | 8.8.8.8:53 | e673.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | en.wikipedia.org | udp |
| NL | 185.15.59.224:443 | en.wikipedia.org | tcp |
| US | 8.8.8.8:53 | e10499.dsce9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | gspe1-ssl.ls.apple.com.edgesuite.net | udp |
| GB | 2.16.170.49:443 | gspe1-ssl.ls.apple.com.edgesuite.net | tcp |
| GB | 2.16.170.49:443 | gspe1-ssl.ls.apple.com.edgesuite.net | tcp |
| US | 8.8.8.8:53 | gsp64-ssl.ls-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | lb._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |
| DE | 142.250.185.142:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | cdn2.smoot.apple.com | udp |
| GB | 17.253.37.202:443 | cdn.smoot.g.aaplimg.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| FR | 128.116.122.3:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| GB | 108.138.217.124:443 | static.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | roblox.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.244.155.10:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| FR | 128.116.122.3:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| BE | 104.117.77.17:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 216.137.44.8:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 216.137.44.8:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | configuration.apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| FR | 128.116.122.3:443 | realtime-signalr.roblox.com | tcp |
| US | 8.8.8.8:53 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| FR | 128.116.122.4:443 | lms.roblox.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| NL | 2.18.121.34:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | waw1-128-116-124-3.roblox.com | udp |
| US | 8.8.8.8:53 | bom1-128-116-104-4.roblox.com | udp |
| US | 8.8.8.8:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 8.8.8.8:53 | lga2-128-116-32-3.roblox.com | udp |
| US | 8.8.8.8:53 | pulsar.roblox.com | udp |
| US | 8.8.8.8:53 | mia4-128-116-45-3.roblox.com | udp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | iad4-128-116-102-3.roblox.com | udp |
| US | 8.8.8.8:53 | sin2-128-116-97-3.roblox.com | udp |
| US | 8.8.8.8:53 | ord2-128-116-101-3.roblox.com | udp |
| PL | 128.116.124.3:443 | pulsar.roblox.com | tcp |
| IN | 128.116.104.4:443 | bom1-128-116-104-4.roblox.com | tcp |
| NL | 128.116.21.3:443 | ams2-128-116-21-3.roblox.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| PL | 128.116.124.3:443 | pulsar.roblox.com | tcp |
| US | 128.116.101.3:443 | ord2-128-116-101-3.roblox.com | tcp |
| US | 8.8.8.8:53 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | cs.ns1p.net | udp |
| DE | 52.28.200.16:443 | cs.ns1p.net | tcp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| US | 8.8.8.8:53 | s.ns1p.net | udp |
| FR | 128.116.122.4:443 | lms.roblox.com | tcp |
| DE | 3.123.132.50:443 | s.ns1p.net | tcp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| US | 8.8.8.8:53 | c0.rbxcdn.com | udp |
| GB | 108.156.46.103:443 | c0.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 8.8.8.8:53 | b.ns1p.net | udp |
| US | 8.8.8.8:53 | t5.rbxcdn.com | udp |
| GB | 18.245.187.22:443 | t5.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | sin4-128-116-50-3.roblox.com | udp |
| US | 8.8.8.8:53 | c0cfly.rbxcdn.com | udp |
| US | 8.8.8.8:53 | aws-ap-northeast-1a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | syd1-128-116-51-3.roblox.com | udp |
| US | 8.8.8.8:53 | lax4-128-116-63-3.roblox.com | udp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 205.234.175.102:443 | c0cfly.rbxcdn.com | tcp |
| JP | 57.180.238.30:443 | aws-ap-northeast-1a-lms.rbx.com | tcp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| GB | 18.170.155.214:443 | aws-eu-west-2a-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | accountinformation.roblox.com | udp |
| JP | 18.178.250.12:443 | aws-ap-northeast-1a-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | groups.roblox.com | udp |
| US | 8.8.8.8:53 | premiumfeatures.roblox.com | udp |
| US | 8.8.8.8:53 | users.roblox.com | udp |
| US | 8.8.8.8:53 | chat.roblox.com | udp |
| US | 8.8.8.8:53 | games.roblox.com | udp |
| US | 8.8.8.8:53 | avatar.roblox.com | udp |
| US | 8.8.8.8:53 | badges.roblox.com | udp |
| US | 8.8.8.8:53 | catalog.roblox.com | udp |
| FR | 128.116.122.3:443 | catalog.roblox.com | tcp |
| US | 8.8.8.8:53 | aws-us-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | c0ak.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox-poc.global.ssl.fastly.net | udp |
| US | 8.8.8.8:53 | fra2-128-116-123-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-east-1a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | lhr2-128-116-119-3.roblox.com | udp |
| US | 8.8.8.8:53 | mia2-128-116-127-3.roblox.com | udp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 52.26.71.59:443 | aws-us-west-2a-lms.rbx.com | tcp |
| US | 151.101.193.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| DE | 128.116.123.3:443 | fra2-128-116-123-3.roblox.com | tcp |
| US | 52.23.144.99:443 | aws-us-east-1a-lms.rbx.com | tcp |
| GB | 128.116.119.3:443 | lhr2-128-116-119-3.roblox.com | tcp |
| US | 128.116.127.3:443 | mia2-128-116-127-3.roblox.com | tcp |
| BE | 2.17.107.216:443 | c0ak.rbxcdn.com | tcp |
| FR | 128.116.122.3:443 | catalog.roblox.com | tcp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| GB | 18.244.155.63:443 | create.roblox.com | tcp |
| US | 8.8.8.8:53 | o293668.ingest.sentry.io | udp |
| US | 34.120.195.249:443 | o293668.ingest.sentry.io | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| GB | 18.244.155.63:443 | create.roblox.com | tcp |
| US | 8.8.8.8:53 | bag-cdn.itunes-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | smoot-searchv2-aeuw3b.v.aaplimg.com | udp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| DE | 142.250.185.142:443 | clients1.google.com | tcp |
| DE | 142.250.185.142:443 | clients1.google.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | cdn2.smoot.apple.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| DE | 142.250.185.142:443 | clients1.google.com | tcp |
| GB | 17.57.146.7:5223 | tcp | |
| US | 8.8.8.8:53 | 9-courier.push.apple.com | udp |
| GB | 17.57.146.152:5223 | 9-courier.push.apple.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 104.244.42.1:443 | twitter.com | tcp |
| US | 8.8.8.8:53 | x.com | udp |
| US | 104.244.42.65:443 | x.com | tcp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 8.8.8.8:53 | api.x.com | udp |
| US | 104.244.42.65:443 | x.com | tcp |
| GB | 199.232.56.159:443 | pbs.twimg.com | tcp |
| US | 104.244.42.194:443 | api.twitter.com | tcp |
| US | 104.244.42.130:443 | api.x.com | tcp |
| GB | 199.232.56.159:443 | pbs.twimg.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| PL | 93.184.221.165:443 | t.co | tcp |
| GB | 199.232.56.159:443 | pbs.twimg.com | tcp |
| US | 104.244.42.1:443 | x.com | tcp |
| US | 8.8.8.8:53 | e673.dsce9.akamaiedge.net | udp |
| US | 104.244.42.65:443 | x.com | tcp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| US | 8.8.8.8:53 | abs-0.twimg.com | udp |
| GB | 199.232.56.159:443 | pbs.twimg.com | tcp |
| US | 68.232.34.217:443 | video.twimg.com | tcp |
| US | 104.244.43.131:443 | abs-0.twimg.com | tcp |
| US | 104.244.42.130:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | appleid.cdn-apple.com | udp |
| BE | 104.68.84.171:443 | appleid.cdn-apple.com | tcp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| BE | 151.101.8.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | analytics.x.com | udp |
| US | 104.244.42.3:443 | analytics.x.com | tcp |
| US | 8.8.8.8:53 | api.x.com | udp |
| US | 104.244.42.130:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | itunes.apple.com | udp |
| US | 8.8.8.8:53 | setup.fe2.apple-dns.net | udp |
| US | 8.8.8.8:53 | e10499.dsce9.akamaiedge.net | udp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | api.x.com | udp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | api.x.com | udp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | api.x.com | udp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | api.x.com | udp |
| US | 104.244.42.194:443 | api.x.com | tcp |
Files
/var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/C//mds/mdsObject.db
| MD5 | d3a1859e6ec593505cc882e6def48fc8 |
| SHA1 | f8e6728e3e9de477a75706faa95cead9ce13cb32 |
| SHA256 | 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c |
| SHA512 | ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818 |
/var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/C//mds/mdsDirectory.db
| MD5 | 0e4a0d1ceb2af6f0f8d0167ce77be2d3 |
| SHA1 | 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c |
| SHA256 | cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030 |
| SHA512 | 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20 |
/Users/run/Library/Caches/GeoServices/Resources/altitude-1285.xml
| MD5 | 9a43af57707d2fb460832049d1f217d1 |
| SHA1 | 056d813f8cb5198ca82072f7e3484f38ea5267f8 |
| SHA256 | 7224f8828694ed74a8353567e4d84da188d15a993a4a75938f8409cb49218e7c |
| SHA512 | 1f33175f5d0958c79540a627552f71c6960b6ff19c9b2b0aa604c00bfeff216f6ea2ec3a22ef91ad8d7249597fdf5ad49ddbf5f4aef71b397e785152474954d7 |
/Users/run/Library/Caches/GeoServices/ActiveTileGroup.pbd
| MD5 | 62f4cd82c973b11cd7bd0bf556c0bec3 |
| SHA1 | ced35eb0b7288c45b2936e29b9419c8edcb22ed7 |
| SHA256 | a57222e5e18e51b27f7571e5ba2682ed7af256ad3607dba9b6204ec653e382a3 |
| SHA512 | 06eb0ddc5fc986497bd9cf4ff18e49e2064f3e84472d97bada018e0ae82adcd9512331a86aceb55a3c00200c94af0f91f9b251fdf2c28ec9b38569c55aabcfcb |
/Library/Preferences/com.apple.networkextension.uuidcache.plist
| MD5 | 95d1f6a479ea836bed553646ebef85c1 |
| SHA1 | 19da469018294e373c788d888e5c55e0bb18695e |
| SHA256 | fc78047a7293b7fba3abe949497f397804f86e2ff04c29c4a549df60aa877aa2 |
| SHA512 | 3f9b8aa7efc6cbbcf6672e0d08a630178c653894d800e9125ed18774de105bc564b097120e98b5711cec5d05d95b41fe822019bc10038055eabf341b0c12845d |
/Library/Preferences/com.apple.networkextension.uuidcache.plist
| MD5 | b5ed1a4aa9f5eb7122af5b836de7cefc |
| SHA1 | 50f9e5dbb61125650245824f2bc6b466ede59bf6 |
| SHA256 | c81bb42621fd0e666a3863f06db96ab6f5f2631cf135d41e2916c25d973c1056 |
| SHA512 | 3986a6f6457f3f794a04034f6d905cdb7ab37e67fd3d266a1aa7bf5deaeb544097d0c8668642288f2a6dfb33f343147241d2130abbff33f20140c6608f4a1211 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression
| MD5 | 67156cb6b6e1732094722702959a30b0 |
| SHA1 | d90cf633876758a0970df9d032dab6f0b30b63a1 |
| SHA256 | 58ba1d98871747feeed19634c78d0c295cba0c1045b880d1ea6c3e2630f1e048 |
| SHA512 | f571a6da978166bd7998e165fe404e6f424051429c8026bdfe53cbda4d5b22840b6bad0f5e2449cb6befb9ad06cd052cea0d783f17dd6c21dec102967443eb88 |
/Users/run/Library/Safari/Favicon Cache/favicons/AC0DA0E90466A6F8FF6C755594C2D245
| MD5 | 9909227b6fd2415ccb9a276d99632243 |
| SHA1 | c21dfda1e925054b0d6c882e43f87dbe1222a933 |
| SHA256 | af7282a5f1a3c7a62bda5f2265b1254d420ba7b5aab58023df705dd6064d2ac9 |
| SHA512 | 9705d6811e00ee5f616ead194484f00df7fd5033e6bbea784c02438b87774a3e60ece7e2fb6e23486eec43743d642a105a16a615b3a5d5ee32d49b8f77814e5c |
/Users/run/Library/Safari/Favicon Cache/favicons/CB66C4756FD575DA72C5681980179CF2
| MD5 | 80f7367cb52983d2b58c2570460a9e9b |
| SHA1 | 8b1020b84f2c57bc43c0b0e504529fbd176fc694 |
| SHA256 | d7dd223f488a3dc314edecff758abc774093909d8cdaabb5c6b3f5a84a6f4be7 |
| SHA512 | ec16f486883b31551597eaa82406989c159a5e186ec33fcc8fbc85093d1ac758bfab065a9a8f91ef3087456cc2a0b2b097dbb074f567280f5ccf8f3838eaceb3 |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression
| MD5 | acb2ece6b39604a758d8c9470b26c4a1 |
| SHA1 | 9276bbf8ead48aab60c4fecdedbc8ef67c84a3da |
| SHA256 | 9fa132990f42ebfbf38168e2baff6323eaf2f210a6c6e5fb5830fb36ab119114 |
| SHA512 | cd3484e4de0546bf45917f111940b817c0236e1e5c559dc7c54df8072b0a2e3f04e3eca1fb598f103cee01d6f749338ca4508bd4732c7b220fb41afca9530c9f |
/Library/Preferences/com.apple.networkextension.uuidcache.plist
| MD5 | d57c2c880732544ab7260fd582f738eb |
| SHA1 | 93f874a25477dfc0e51b3463abea4a436437e077 |
| SHA256 | c153b23daa5c8fdb6a115b3f5b7da9c3f8bb8fa81f045747b0be7fd433d73750 |
| SHA512 | 62be7f989f7736a4ea093b8fee862c21988bccccdffc5e281e9762ab8ad5b3b7b203b8bcdd4de8e8c613717bcce58562ef264d386163a45c3b391ebc895e3855 |
/Library/Preferences/com.apple.networkextension.uuidcache.plist
| MD5 | a3707811a6096724d20927c4a5bbd31b |
| SHA1 | c3fcdadaae3dd1492e8c80c56cb241fd0983110f |
| SHA256 | 9f5e32f0aad8cb6e9d9097ebe92aaf122599336818b90f3949cdc4c78b405417 |
| SHA512 | 8909835213fc0da36d5d17e142f3b41fa5c1461d1008da0d45732f0cc89ae2d6fd0febc06ddc175b925578293429448ef8e46e5bda40570fd893e4d4cabedc2f |
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression
| MD5 | 9ebab5c7a0813099e82e154ca4a3b1a3 |
| SHA1 | 165a095c12a5ef12a24afe58c68d72a827d5962f |
| SHA256 | 9bdc6470db71e898ca94ec16f6630070db3434e925bc5c33718731430e729713 |
| SHA512 | c6d180e26472c2ef3e4be697242020c5db69342f432c72786ba989724a7bac9e0ccf8c9c99565f9d18e9ab44dac14a46db4a6b500c734001e48bbc893f1faab9 |
/Users/run/Library/Safari/Favicon Cache/favicons/2C9FB50A3E644900BE7615303A0B2BA3
| MD5 | f3418a443e7d841097c714d69ec4bcb8 |
| SHA1 | 49263695f6b0cdd72f45cf1b775e660fdc36c606 |
| SHA256 | 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770 |
| SHA512 | 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563 |
/Users/run/Library/Safari/Favicon Cache/favicons/54536D87B1AA09E378503E34FDEA3DB5
| MD5 | 3ceb0c2c416b0d7e967c22e162fb166e |
| SHA1 | fcba598d5e04ec401721869257cdfa0a24d8f522 |
| SHA256 | bd012d6227e715bdc704e65570d67b9c3b2e70db5111cda64df832c50c69d7b9 |
| SHA512 | 3271d6c420ac4761d48e505012c5a878a2b4550327f9bf08a5e408a1e8aff02f341c7609294f626c68f6cb7a49e95c9566d075441a4a0862f1a3865b88c92c69 |
/Users/run/Library/Safari/Favicon Cache/favicons/F64A430B9FD417352EFB53A80A93F152
| MD5 | 904ce6bd2ef5e1eaa6de1eb02164436b |
| SHA1 | b37ac89616b9e4c01a35991af59fe6b63e41a48e |
| SHA256 | 3638de61226857e62cf5187d7d59cf902111ad4f792b5bdff1bfed3f5ed5e608 |
| SHA512 | 05044e298742b1520585ae3c029938036ebed50337608a600c4924a29e3624ce704f3b13fbe348d9e1b1e93b1e0abff9f53bbc9fd31929199f9a374f154f74c2 |
/private/var/db//keybags/persona.kb
| MD5 | 63e45862192c53570a96be79af9e2ba0 |
| SHA1 | 775800ed5c1edacc742abe5f17a687c8e0f1c366 |
| SHA256 | 4f6b419348d6b3a1e08664ec4abb2b52902d85a392a2a8cd47af4443b4891a2e |
| SHA512 | e0b4a72b8d8334a85a5b5efca023d0e1de250fd08d9e181e7a624e1e7ed0a882da4c0469736119f3d4a2da41100a7335ed359770a246b4a269f92335dcc25fef |
/Users/run/Library/Caches/GeoServices/ResourceManifest.pbd
| MD5 | c9ddd515bf94f623dc0922b913143280 |
| SHA1 | f4e73bd6299e3df479b0960046d0cd2a05b6ba8d |
| SHA256 | 2786647d59f218e7aff225c48b40ebf316e47b4696dcdfd94f89bbc29a1a0e9a |
| SHA512 | 29e14d3c3aae8f48a97f17e75f0f0a1416e95212ecfb6259f67836a702c81d35911ccbc191af51f58fb590d7966ce11c26d63702d46fe18f2a2c30a73512ccd1 |
/var/db/locationd/Library/Caches/GeoServices/ResourceManifest.pbd
| MD5 | b0950c4e25823e902927bb79382b21ea |
| SHA1 | 6e0b402522310d37c1b59df974d0bd0d8269d788 |
| SHA256 | 78a936e089d5013dcb0d89e4bd1a0853994ca2598b29eb83123c1ce593bdbeaa |
| SHA512 | 3d8e08b8213c34a7b50d30a7b697109c9ce28e9f0a6ad7cf69f7aa887b2177ba5912c90649e21c7a3594a16c819f7fbd60f3346e0aa6490e6f02113e96ef49c0 |
/var/db/locationd/Library/Caches/GeoServices/networkDefaults.plist
| MD5 | 57487c5e523f4e461e97ab98b41803aa |
| SHA1 | c631fbf25dc6f23be44ccc2670b334278800c63e |
| SHA256 | 67725d05a0ce28bf4ccbfcde82acfcaa627c0eeb7678d5c8e5b7649a7f158f8d |
| SHA512 | 9d9826379ab15e2da65a2a32bc3584b201d79e89e3a7d6e554b2398b7a0ada77241144be6d69fc749526029838293d5107f96f45392fe6a07a05dd2f4d07a3bf |
/var/db/locationd/Library/Caches/GeoServices/ActiveTileGroup.pbd
| MD5 | e9038b61860114d74320357e3c499256 |
| SHA1 | e05a83d71cf42e2b4d7cf1411c891bd565478d78 |
| SHA256 | 9ff749f01fe2287d19c2b503ccf7d99e23046afa31235f4aa8180f87cc1db951 |
| SHA512 | 3e0686ef0a98d7715e068bf6e093beee7e5301b4072617695619b4ea06e0f77691fa8208fba3bca0635f7c5e0ee1cd4948bfb6d16f647047d04f3799d180bab3 |
/private/var/db//keybags/persona.kb
| MD5 | 45445bec0fe21446a7b5503605c9a652 |
| SHA1 | 892b3d993c39e29092868f71a002cd2370f9758a |
| SHA256 | 0d706926a36f90962d9798dd87cc009ca9dd5cd3c536e3c12c8ff9a65ccf14df |
| SHA512 | b4b97f3c4a3bd4a0f57332189926144f0838f660fd80c51b722bda8af2dc551f86c183830f5c4d012fd60607eb2047ea0ee7896b9800dc287af0ffeb2d3320ad |
/Library/Preferences/com.apple.networkextension.uuidcache.plist
| MD5 | f7c5b3d0fc1f8e32f750e9b0d3e885f3 |
| SHA1 | bfa4a65f345f45cd1bf9267fa0d173f7d277b2db |
| SHA256 | b3e6e0ebc7cdd61e832187c9e29e4bf23d9452d88b986478d1bf4dd3f62f126f |
| SHA512 | 99f8b8e0594b327f6492c86a28c40d15ce7f35afa0a30def860777b7ab89d38a847f20ba4cf51209ebe4394f55f6f318cd7d200a240c0cba961f5917f2380b67 |
/Users/run/Library/Safari/Favicon Cache/favicons/B9B22332C2775BAC7922099EC5E20EB5
| MD5 | 79c897bd28b9ccc97f5b6575e3653fe6 |
| SHA1 | 0dfe38884e3d4ad1abaab041a4c5523993e4b82b |
| SHA256 | e58a8be4176bda139d271e49511fd1ab40fe07ae5de02c66c64c091732892594 |
| SHA512 | 6aa85f5d6b079a9eddd8105237b6e3cb3e1cfb30fddd792a867131d1302a129d82f1f48d4d0ef7197c7224e44ef7662fb78eae8f2d566210a6952d67408bb6df |
/System/Library/AssetsV2/com_apple_MobileAsset_TopLevelDomainDafsa/com_apple_MobileAsset_TopLevelDomainDafsa.xml
| MD5 | ebc2a19a18ff6bca039b54e59eb1a340 |
| SHA1 | 2f8e29f150775f1d252a8b13b814600ea2804b64 |
| SHA256 | 50d058659b632866a5778d68373f6abdf11994bebcb00a913b2ec082137cdeff |
| SHA512 | 5d6e7ced0f68aad9b51aac4fce485d7d9c0d3f3814a311e37ec39c3d70d229671b41dcea7d5b5fd67b1f7e2fdff7122ee6b58c42876bee8106280f17238b73ac |
/var/db/nsurlstoraged/dafsaData.bin
| MD5 | 7e6f706958b092cc383164b72f0747d3 |
| SHA1 | 0b5610fe3452fcd8b30c39512b182ed2ea658d08 |
| SHA256 | 3fa3a11ba183442ad6d6f0736d9a885c929157a52055867c8548ee4412dcaf02 |
| SHA512 | b9900d308bb49a051cf1a03134be994e387dc1707a45d81c8972dd05b6b3acb95f06120877f3ad3ee5f468200bbd1974ef82b170b32b51a36a8f892e849332ea |
/Users/run/Library/Keychains/login.keychain-db
| MD5 | 91a0e8a5556a6bd87b1ff5c0a3b25350 |
| SHA1 | 0364deebbd213845861ceaedc5bd519f3f46ade5 |
| SHA256 | 1afe1bdca6e6615d8c976b086b2437f9d6b89cbf52dcf0c266e566a706427c9d |
| SHA512 | 0c3805673ea2557efb826a1b67be9677755537622d9ed474ebe6f2d57f4b6ff10f8aab79cd460355dc85bb9ba0508ad80e42da1d621f435dc07e3e8905254706 |
/Users/run/Library/Safari/Favicon Cache/favicons/1C2781D6C6883A38DDCF70A155075520
| MD5 | aaecf9c038897af242f5d1d59e317abb |
| SHA1 | c2706c1bbbe33e29149b928029956e77753e8f24 |
| SHA256 | 80f1460ede9fb2582106a7cfb8d91bd3d14c4735e6a60d37d13017c6fcd373cb |
| SHA512 | 9b85ba088cae013ecf5ac59baf217c59bf05590dc4b51c21e6f8ec8e31171107c01105c70bc36fdce0d47b6917e86fbdc0cb52fc3ee012b761e7be3cd70fe7f9 |
/Users/run/Library/Safari/Favicon Cache/favicons/2800DC1739828F05C6477BD6D2351807
| MD5 | 1263d4fd818e3ccdb33bd529075de514 |
| SHA1 | 80f7989737ffd4f5c0167ed3a2123c704eec624a |
| SHA256 | 47f7131ce4913e1d49fda4283aed2824907eec694ed07237cc557952cccfbfe0 |
| SHA512 | 89b0328ab6ab74e1a8cfc966dc416435377431cccd61f18a17f93c8e7c1ddc76b4a8ed95e67395b7f5c6759df3c296c55546bee3361f3bca44d3baf9e1b75d0f |
/Library/Caches/com.apple.iconservices.store/8DAFA032-BCF7-3B0F-8548-EEB820761EF0.isdata
| MD5 | 43fc0a758250774f8a4e52a6cfa3da61 |
| SHA1 | fcae4cc3f0de1907adc42270320ce8d3c0a21274 |
| SHA256 | 8dafa032bcf7fb0f8548eeb820761ef0488d2b1ee7fae978a902fea2179024aa |
| SHA512 | c0384999cbc33b443ad0a42df2563efc0f67aed8771a66bc5010450b3a7936105db151a9a238b2c0b5635e2fbeb75aabe7c8d3b23ea65ddda96338de99a3bc97 |
/Users/run/Library/Suggestions/pending/3.qdat
| MD5 | a34876d66bbe8f3c15426dd5050b22e3 |
| SHA1 | 272f8718542d31e4f1df7ca2450301f355f898b8 |
| SHA256 | 0d1cd7239de74181a93385530e3188b67d3db70d21c3f83135c084bbad9d8b2c |
| SHA512 | 2ede2aa26775900daf0135422c8a80c93025ef33707374f02216de57f6a7e3b20fc4b684eb7f6d8e5b01de742dde84674b566923113b934cab87962d47b7361e |
/Users/run/Library/Suggestions/pending/4.qdat
| MD5 | 4c6c2413a39f4518eedd862844dbf2fd |
| SHA1 | 740beffd43ca8f269312f75917b672cc2420c55e |
| SHA256 | 00d33045781ce4546bc226403512bb28cf0032c23f214131888afcc1d33daf09 |
| SHA512 | a01ca6e552a59c8cbedd3973cf78180e6db665ebe30b3882dc6137107bcf016e56acb40dd47b99e1c2cca26d2e2efc9a829ced1fa2223781aae6f27c63bf8372 |
/Users/run/Library/Preferences/com.apple.security.cloudkeychainproxy3.keysToRegister.plist
| MD5 | 14798ea64c710aadfdc1694b0b3c596c |
| SHA1 | 7788e2cc3bf6a656b570446cd668cb8319d113b9 |
| SHA256 | 8201fe862ae9353835d600f5af778d0ef72559d41d7b9f07a59421f02ee6b1c3 |
| SHA512 | de70b800ea2dd56b76992e7d7e57890ed224488bb40e270067bf9965152f20f65f1487b14a06fd6dafe80b6bddb8d9b50ddc8e5ca1a4eb7b550232ed56098902 |