Malware Analysis Report

2024-10-10 07:35

Sample ID 240617-l4e86szdpm
Target d3ZXHLsxqw.webp
SHA256 057be7a598682f44faf44a3b1fbf9f78a5c3f93e886b209d864d56e13a991a66
Tags
evasion
score
4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
4/10

SHA256

057be7a598682f44faf44a3b1fbf9f78a5c3f93e886b209d864d56e13a991a66

Threat Level: Likely benign

The file d3ZXHLsxqw.webp was found to be: Likely benign.

Malicious Activity Summary

evasion

Resource Forking

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-17 10:04

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-17 10:04

Reported

2024-06-17 10:59

Platform

macos-20240611-en

Max time kernel

2240s

Max time network

2663s

Command Line

[sh -c sudo /bin/zsh -c "/Users/run/d3ZXHLsxqw.webp"]

Signatures

Resource Forking

evasion
Description Indicator Process Target
N/A /System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy N/A N/A
N/A /System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent N/A N/A
N/A /System/Library/PrivateFrameworks/TCC.framework/Resources/tccd system N/A N/A
N/A /System/Library/PrivateFrameworks/TCC.framework/Resources/tccd N/A N/A
N/A /System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy N/A N/A

Processes

/bin/sh

[sh -c sudo /bin/zsh -c "/Users/run/d3ZXHLsxqw.webp"]

/bin/bash

[sh -c sudo /bin/zsh -c "/Users/run/d3ZXHLsxqw.webp"]

/usr/bin/sudo

[sudo /bin/zsh -c /Users/run/d3ZXHLsxqw.webp]

/bin/zsh

[/bin/zsh -c /Users/run/d3ZXHLsxqw.webp]

/Users/run/d3ZXHLsxqw.webp

[/Users/run/d3ZXHLsxqw.webp]

/usr/libexec/xpcproxy

[xpcproxy com.apple.sysmond]

/usr/libexec/sysmond

[/usr/libexec/sysmond]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.systemsoundserverd]

/usr/sbin/systemsoundserverd

[/usr/sbin/systemsoundserverd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.pbs]

/System/Library/CoreServices/pbs

[/System/Library/CoreServices/pbs]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.AudioComponentRegistrar]

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar

[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon]

/usr/libexec/xpcproxy

[xpcproxy com.apple.security.cloudkeychainproxy3]

/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy

[/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy]

/usr/libexec/xpcproxy

[xpcproxy com.apple.geod]

/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod

[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]

/usr/libexec/xpcproxy

[xpcproxy com.apple.geod]

/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod

[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]

/usr/libexec/xpcproxy

[xpcproxy com.apple.secinitd]

/usr/libexec/secinitd

[/usr/libexec/secinitd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AddressBook.ContactsAccountsService]

/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService

[/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.routined]

/usr/libexec/routined

[/usr/libexec/routined LAUNCHED_BY_LAUNCHD]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Maps.mapspushd]

/System/Library/CoreServices/mapspushd

[/System/Library/CoreServices/mapspushd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.nehelper]

/usr/libexec/nehelper

[/usr/libexec/nehelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A]

/usr/libexec/neagent

[/usr/libexec/neagent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.2028]

/Applications/Safari.app/Contents/MacOS/Safari

[/Applications/Safari.app/Contents/MacOS/Safari]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.History]

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History

[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History]

/usr/libexec/xpcproxy

[xpcproxy com.apple.siri.context.service]

/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService

[/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.F84B265E-7FC8-4D0C-A3ED-83136A128EDE 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.SafariLaunchAgent]

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent

[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.akd]

/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd

[/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.A0AF7802-608B-4A01-B206-E4BDBA4F7DA1 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.CoreAuthentication.agent]

/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd

[/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService

[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.SearchHelper 581]

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper

[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.SafeBrowsing.Service]

/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service

[/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.6965C12D-0F8B-416D-873F-752DBC77E990 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.mediaremoted]

/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted

[/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.AudioComponentRegistrar]

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar

[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.SandboxHelper 600]

/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper

[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.accessibility.mediaaccessibilityd]

/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd

[/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.E775A484-A0F5-4F73-B1B6-3016695538F3 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.5A0612FD-539D-4B08-AE17-6657981A14BF 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.3152966A-476E-4F2B-801D-8202545D7452 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.EE6215D2-55E0-4F47-AA39-80588E5F5B95 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.mobile.keybagd]

/usr/libexec/keybagd

[/usr/libexec/keybagd -t 15]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump]

/usr/sbin/spindump

[/usr/sbin/spindump]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump_agent]

/usr/libexec/spindump_agent

[/usr/libexec/spindump_agent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.SandboxHelper 612]

/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper

[/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.ViewBridgeAuxiliary]

/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary

[/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary]

/usr/libexec/xpcproxy

[xpcproxy com.apple.accessibility.mediaaccessibilityd]

/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd

[/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.secinitd]

/usr/libexec/secinitd

[/usr/libexec/secinitd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.D148B497-786F-400E-B6FE-D4D00AE3530C 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.mobileassetd]

/usr/libexec/mobileassetd

[/usr/libexec/mobileassetd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.mobile.keybagd]

/usr/libexec/keybagd

[/usr/libexec/keybagd -t 15]

/usr/libexec/xpcproxy

[xpcproxy com.apple.coreduetd]

/usr/libexec/coreduetd

[/usr/libexec/coreduetd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.ViewBridgeAuxiliary]

/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary

[/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary]

/usr/libexec/xpcproxy

[xpcproxy com.apple.geod]

/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod

[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]

/usr/libexec/xpcproxy

[xpcproxy com.apple.geod]

/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod

[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]

/usr/libexec/xpcproxy

[xpcproxy com.apple.secinitd]

/usr/libexec/secinitd

[/usr/libexec/secinitd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.cfprefsd.xpc.agent]

/usr/sbin/cfprefsd

[/usr/sbin/cfprefsd agent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.mobileassetd]

/usr/libexec/mobileassetd

[/usr/libexec/mobileassetd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.mobile.keybagd]

/usr/libexec/keybagd

[/usr/libexec/keybagd -t 15]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.History]

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History

[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History]

/usr/libexec/xpcproxy

[xpcproxy com.apple.nehelper]

/usr/libexec/nehelper

[/usr/libexec/nehelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A]

/usr/libexec/neagent

[/usr/libexec/neagent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.ContextStoreAgent]

/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent

[/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.ScreenTimeAgent]

/System/Library/PrivateFrameworks/ScreenTimeCore.framework/Versions/A/ScreenTimeAgent

[/System/Library/PrivateFrameworks/ScreenTimeCore.framework/Versions/A/ScreenTimeAgent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.dmd]

/usr/libexec/dmd

[/usr/libexec/dmd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.trustd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.CodeSigningHelper]

/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/com.apple.CodeSigningHelper.xpc/Contents/MacOS/com.apple.CodeSigningHelper

[/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/com.apple.CodeSigningHelper.xpc/Contents/MacOS/com.apple.CodeSigningHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.tccd.system]

/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd

[/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd system]

/usr/libexec/xpcproxy

[xpcproxy com.apple.sandboxd]

/usr/libexec/sandboxd

[/usr/libexec/sandboxd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.iconservices.iconservicesagent]

/System/Library/CoreServices/iconservicesagent

[/System/Library/CoreServices/iconservicesagent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.bird]

/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird

[/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird]

/usr/libexec/xpcproxy

[xpcproxy com.apple.iconservices.iconservicesd]

/System/Library/CoreServices/iconservicesd

[/System/Library/CoreServices/iconservicesd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.sysmond]

/usr/libexec/sysmond

[/usr/libexec/sysmond]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Safari.SearchHelper 581]

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper

[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.akd]

/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd

[/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.suggestd]

/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd

[/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.knowledge-agent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.siri.context.service]

/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService

[/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService]

/usr/libexec/knowledge-agent

[/usr/libexec/knowledge-agent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.tccd]

/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd

[/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.FC70C15A-EF49-47A5-B9E8-4DD6732A4A8B 581]

/usr/libexec/xpcproxy

[xpcproxy com.apple.pluginkit.pkd]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/pkd

[/usr/libexec/pkd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AddressBook.ContactsAccountsService]

/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService

[/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.CalendarAgent]

/System/Library/PrivateFrameworks/CalendarAgent.framework/Executables/CalendarAgent

[/System/Library/PrivateFrameworks/CalendarAgent.framework/Executables/CalendarAgent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.CalendarNotification.CalNCService 668]

/System/Library/PrivateFrameworks/CalendarNotification.framework/Versions/A/XPCServices/CalNCService.xpc/Contents/MacOS/CalNCService

[/System/Library/PrivateFrameworks/CalendarNotification.framework/Versions/A/XPCServices/CalNCService.xpc/Contents/MacOS/CalNCService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.coreduetd]

/usr/libexec/coreduetd

[/usr/libexec/coreduetd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.secd]

/usr/libexec/secd

[/usr/libexec/secd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.nsurlstoraged]

/usr/libexec/nsurlstoraged

[/usr/libexec/nsurlstoraged --privileged]

/usr/libexec/xpcproxy

[xpcproxy com.apple.ReportCrash]

/System/Library/CoreServices/ReportCrash

[/System/Library/CoreServices/ReportCrash agent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.ReportMemoryException]

/usr/libexec/ReportMemoryException

[/usr/libexec/ReportMemoryException]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump]

/usr/sbin/spindump

[/usr/sbin/spindump]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump_agent]

/usr/libexec/spindump_agent

[/usr/libexec/spindump_agent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.10FA79BC-B25B-4DD9-AF43-E69B93DED013 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.9627D6C2-43F9-477B-8DBD-2FD6BE864C44 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.06407F8F-80DC-4F5D-B71E-DC03D22693B4 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.F3AEAA80-349A-4617-B07C-73CDA2111320 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.BBCD63FD-B020-430C-B40D-820EBDDEEEB9 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.WebKit.WebContent.0A8D5AF5-DE1F-4282-BB12-252B89D2AFCB 581]

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.newsyslog]

/usr/sbin/newsyslog

[/usr/sbin/newsyslog]

/usr/libexec/xpcproxy

[xpcproxy com.apple.routined]

/usr/libexec/routined

[/usr/libexec/routined LAUNCHED_BY_LAUNCHD]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Maps.mapspushd]

/System/Library/CoreServices/mapspushd

[/System/Library/CoreServices/mapspushd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.adid]

/System/Library/PrivateFrameworks/CoreADI.framework/adid

[/System/Library/PrivateFrameworks/CoreADI.framework/adid]

/usr/libexec/xpcproxy

[xpcproxy com.apple.diagnosticd]

/usr/libexec/diagnosticd

[/usr/libexec/diagnosticd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.security.cloudkeychainproxy3]

/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy

[/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AccountPolicyHelper]

/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper

[/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper]

Network

Country Destination Domain Proto
GB 51.132.193.104:443 tcp
GB 17.250.81.67:443 tcp
US 8.8.8.8:53 mobile.events.data.trafficmanager.net udp
US 20.189.173.17:443 tcp
US 8.8.8.8:53 h3.apis.apple.map.fastly.net udp
US 8.8.8.8:53 e4686.dsce9.akamaiedge.net udp
US 8.8.8.8:53 gspe1-ssl.ls.apple.com.edgesuite.net udp
GB 104.77.118.121:443 tcp
US 8.8.8.8:53 a479.dscg4.akamai.net udp
GB 2.16.170.115:443 gspe1-ssl.ls.apple.com.edgesuite.net tcp
US 8.8.8.8:53 e673.dsce9.akamaiedge.net udp
US 8.8.8.8:53 api-glb-aeuw3b.smoot.apple.com udp
US 8.8.8.8:53 gateway.fe2.apple-dns.net udp
US 8.8.8.8:53 cds.apple.com udp
BE 104.68.86.71:443 cds.apple.com tcp
US 8.8.8.8:53 help.apple.com udp
US 23.220.113.166:443 help.apple.com tcp
US 23.220.113.166:443 help.apple.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 e10499.dsce9.akamaiedge.net udp
US 8.8.8.8:53 clients1.google.com udp
DE 142.250.185.142:443 clients1.google.com tcp
US 8.8.8.8:53 e673.dsce9.akamaiedge.net udp
US 8.8.8.8:53 www.yelp.com udp
US 151.101.192.116:443 www.yelp.com tcp
US 8.8.8.8:53 safebrowsing.googleapis.com udp
US 8.8.8.8:53 www.yelp.co.uk udp
PL 18.244.146.76:443 www.yelp.co.uk tcp
US 8.8.8.8:53 cdn2.smoot.apple.com udp
US 8.8.8.8:53 cdn.smoot.apple.com udp
GB 17.253.37.206:443 cdn.smoot.apple.com tcp
GB 17.253.37.206:443 cdn.smoot.apple.com tcp
US 8.8.8.8:53 s3-media0.fl.yelpcdn.com udp
US 151.101.193.91:443 s3-media0.fl.yelpcdn.com tcp
US 8.8.8.8:53 itunes.apple.com udp
US 8.8.8.8:53 www.youtube.com udp
DE 142.250.186.78:443 www.youtube.com tcp
US 8.8.8.8:53 i.ytimg.com udp
DE 172.217.18.22:443 i.ytimg.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
DE 142.250.186.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
DE 142.250.186.78:443 www.youtube.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 rr1---sn-q4fzen7y.googlevideo.com udp
US 173.194.141.102:443 rr1---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.102:443 rr1---sn-q4fzen7y.googlevideo.com tcp
US 173.194.141.102:443 rr1---sn-q4fzen7y.googlevideo.com tcp
US 8.8.8.8:53 www.google.com udp
US 173.194.141.102:443 rr1---sn-q4fzen7y.googlevideo.com tcp
DE 142.250.185.68:443 www.google.com tcp
US 173.194.141.102:443 rr1---sn-q4fzen7y.googlevideo.com tcp
US 8.8.8.8:53 play.google.com udp
US 173.194.141.102:443 rr1---sn-q4fzen7y.googlevideo.com tcp
DE 142.250.186.110:443 play.google.com tcp
US 8.8.8.8:53 www.google.co.uk udp
DE 142.250.186.110:443 play.google.com tcp
DE 142.250.185.195:443 www.google.co.uk tcp
DE 142.250.186.78:443 www.youtube.com tcp
US 8.8.8.8:53 e6858.dscx.akamaiedge.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 static.doubleclick.net udp
DE 142.250.186.74:443 jnn-pa.googleapis.com tcp
NL 216.58.206.70:443 static.doubleclick.net tcp
US 8.8.8.8:53 youtube.com udp
DE 142.250.185.238:443 youtube.com tcp
DE 142.250.185.142:443 www.youtube.com tcp
US 8.8.8.8:53 cdn.smoot.g.aaplimg.com udp
GB 17.253.37.206:443 cdn.smoot.apple.com tcp
GB 17.253.37.202:443 cdn.smoot.g.aaplimg.com tcp
US 8.8.8.8:53 consent.google.com udp
DE 142.250.185.142:443 consent.google.com tcp
DE 142.250.185.68:443 www.google.com tcp
DE 142.250.185.68:443 www.google.com tcp
US 8.8.8.8:53 slopeonline.online udp
US 104.21.31.181:443 slopeonline.online tcp
US 8.8.8.8:53 platform-api.sharethis.com udp
GB 108.138.217.59:443 platform-api.sharethis.com tcp
US 8.8.8.8:53 buttons-config.sharethis.com udp
US 8.8.8.8:53 data.stbuttons.click udp
GB 18.245.143.93:443 buttons-config.sharethis.com tcp
GB 18.239.236.43:443 data.stbuttons.click tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 l.sharethis.com udp
US 8.8.8.8:53 platform-cdn.sharethis.com udp
IE 54.220.148.100:443 l.sharethis.com tcp
GB 18.165.201.26:443 platform-cdn.sharethis.com tcp
US 104.21.31.181:443 slopeonline.online tcp
US 8.8.8.8:53 player-auth.services.api.unity.com udp
US 34.102.143.233:443 player-auth.services.api.unity.com tcp
US 8.8.8.8:53 leaderboards.services.api.unity.com udp
US 8.8.8.8:53 www.wikipedia.org udp
NL 185.15.59.224:443 www.wikipedia.org tcp
US 8.8.8.8:53 upload.wikimedia.org udp
NL 185.15.59.240:443 upload.wikimedia.org tcp
US 8.8.8.8:53 e673.dsce9.akamaiedge.net udp
US 8.8.8.8:53 en.wikipedia.org udp
NL 185.15.59.224:443 en.wikipedia.org tcp
US 8.8.8.8:53 e10499.dsce9.akamaiedge.net udp
US 8.8.8.8:53 gspe1-ssl.ls.apple.com.edgesuite.net udp
GB 2.16.170.49:443 gspe1-ssl.ls.apple.com.edgesuite.net tcp
GB 2.16.170.49:443 gspe1-ssl.ls.apple.com.edgesuite.net tcp
US 8.8.8.8:53 gsp64-ssl.ls-apple.com.akadns.net udp
US 8.8.8.8:53 lb._dns-sd._udp.0.0.127.10.in-addr.arpa udp
DE 142.250.185.142:443 consent.google.com tcp
US 8.8.8.8:53 cdn2.smoot.apple.com udp
GB 17.253.37.202:443 cdn.smoot.g.aaplimg.com tcp
US 8.8.8.8:53 www.roblox.com udp
FR 128.116.122.3:443 www.roblox.com tcp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 roblox.com udp
GB 216.137.44.38:443 css.rbxcdn.com tcp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
GB 108.138.217.124:443 static.rbxcdn.com tcp
GB 128.116.119.4:443 roblox.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.244.155.10:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
FR 128.116.122.3:443 apis.roblox.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
BE 104.117.77.17:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 216.137.44.8:443 images.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 216.137.44.8:443 images.rbxcdn.com tcp
US 8.8.8.8:53 configuration.apple.com.akadns.net udp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
FR 128.116.122.3:443 realtime-signalr.roblox.com tcp
US 8.8.8.8:53 lms.roblox.com udp
US 8.8.8.8:53 thumbnails.roblox.com udp
FR 128.116.122.4:443 lms.roblox.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
NL 2.18.121.34:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 waw1-128-116-124-3.roblox.com udp
US 8.8.8.8:53 bom1-128-116-104-4.roblox.com udp
US 8.8.8.8:53 ams2-128-116-21-3.roblox.com udp
US 8.8.8.8:53 lga2-128-116-32-3.roblox.com udp
US 8.8.8.8:53 pulsar.roblox.com udp
US 8.8.8.8:53 mia4-128-116-45-3.roblox.com udp
US 8.8.8.8:53 gold.roblox.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 8.8.8.8:53 sin2-128-116-97-3.roblox.com udp
US 8.8.8.8:53 ord2-128-116-101-3.roblox.com udp
PL 128.116.124.3:443 pulsar.roblox.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
PL 128.116.124.3:443 pulsar.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 cs.ns1p.net udp
DE 52.28.200.16:443 cs.ns1p.net tcp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 s.ns1p.net udp
FR 128.116.122.4:443 lms.roblox.com tcp
DE 3.123.132.50:443 s.ns1p.net tcp
US 8.8.8.8:53 presence.roblox.com udp
US 8.8.8.8:53 c0.rbxcdn.com udp
GB 108.156.46.103:443 c0.rbxcdn.com tcp
US 8.8.8.8:53 fra4-128-116-44-3.roblox.com udp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
US 8.8.8.8:53 b.ns1p.net udp
US 8.8.8.8:53 t5.rbxcdn.com udp
GB 18.245.187.22:443 t5.rbxcdn.com tcp
US 8.8.8.8:53 sin4-128-116-50-3.roblox.com udp
US 8.8.8.8:53 c0cfly.rbxcdn.com udp
US 8.8.8.8:53 aws-ap-northeast-1a-lms.rbx.com udp
US 8.8.8.8:53 aws-eu-west-2a-lms.rbx.com udp
US 8.8.8.8:53 syd1-128-116-51-3.roblox.com udp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 205.234.175.102:443 c0cfly.rbxcdn.com tcp
JP 57.180.238.30:443 aws-ap-northeast-1a-lms.rbx.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
GB 18.170.155.214:443 aws-eu-west-2a-lms.rbx.com tcp
US 8.8.8.8:53 accountinformation.roblox.com udp
JP 18.178.250.12:443 aws-ap-northeast-1a-lms.rbx.com tcp
US 8.8.8.8:53 groups.roblox.com udp
US 8.8.8.8:53 premiumfeatures.roblox.com udp
US 8.8.8.8:53 users.roblox.com udp
US 8.8.8.8:53 chat.roblox.com udp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 avatar.roblox.com udp
US 8.8.8.8:53 badges.roblox.com udp
US 8.8.8.8:53 catalog.roblox.com udp
FR 128.116.122.3:443 catalog.roblox.com tcp
US 8.8.8.8:53 aws-us-west-2a-lms.rbx.com udp
US 8.8.8.8:53 c0ak.rbxcdn.com udp
US 8.8.8.8:53 roblox-poc.global.ssl.fastly.net udp
US 8.8.8.8:53 fra2-128-116-123-3.roblox.com udp
US 8.8.8.8:53 aws-us-east-1a-lms.rbx.com udp
US 8.8.8.8:53 lhr2-128-116-119-3.roblox.com udp
US 8.8.8.8:53 mia2-128-116-127-3.roblox.com udp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
US 52.26.71.59:443 aws-us-west-2a-lms.rbx.com tcp
US 151.101.193.194:443 roblox-poc.global.ssl.fastly.net tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
US 52.23.144.99:443 aws-us-east-1a-lms.rbx.com tcp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
BE 2.17.107.216:443 c0ak.rbxcdn.com tcp
FR 128.116.122.3:443 catalog.roblox.com tcp
US 8.8.8.8:53 create.roblox.com udp
GB 18.244.155.63:443 create.roblox.com tcp
US 8.8.8.8:53 o293668.ingest.sentry.io udp
US 34.120.195.249:443 o293668.ingest.sentry.io tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
GB 18.244.155.63:443 create.roblox.com tcp
US 8.8.8.8:53 bag-cdn.itunes-apple.com.akadns.net udp
US 8.8.8.8:53 smoot-searchv2-aeuw3b.v.aaplimg.com udp
US 8.8.8.8:53 clients1.google.com udp
DE 142.250.185.142:443 clients1.google.com tcp
DE 142.250.185.142:443 clients1.google.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 cdn2.smoot.apple.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
DE 142.250.185.142:443 clients1.google.com tcp
GB 17.57.146.7:5223 tcp
US 8.8.8.8:53 9-courier.push.apple.com udp
GB 17.57.146.152:5223 9-courier.push.apple.com tcp
US 8.8.8.8:53 twitter.com udp
US 104.244.42.1:443 twitter.com tcp
US 8.8.8.8:53 x.com udp
US 104.244.42.65:443 x.com tcp
US 8.8.8.8:53 abs.twimg.com udp
US 8.8.8.8:53 api.twitter.com udp
US 8.8.8.8:53 pbs.twimg.com udp
US 8.8.8.8:53 api.x.com udp
US 104.244.42.65:443 x.com tcp
GB 199.232.56.159:443 pbs.twimg.com tcp
US 104.244.42.194:443 api.twitter.com tcp
US 104.244.42.130:443 api.x.com tcp
GB 199.232.56.159:443 pbs.twimg.com tcp
US 8.8.8.8:53 t.co udp
PL 93.184.221.165:443 t.co tcp
GB 199.232.56.159:443 pbs.twimg.com tcp
US 104.244.42.1:443 x.com tcp
US 8.8.8.8:53 e673.dsce9.akamaiedge.net udp
US 104.244.42.65:443 x.com tcp
US 8.8.8.8:53 video.twimg.com udp
US 8.8.8.8:53 abs-0.twimg.com udp
GB 199.232.56.159:443 pbs.twimg.com tcp
US 68.232.34.217:443 video.twimg.com tcp
US 104.244.43.131:443 abs-0.twimg.com tcp
US 104.244.42.130:443 api.x.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 appleid.cdn-apple.com udp
BE 104.68.84.171:443 appleid.cdn-apple.com tcp
US 8.8.8.8:53 static.ads-twitter.com udp
BE 151.101.8.157:443 static.ads-twitter.com tcp
US 8.8.8.8:53 analytics.x.com udp
US 104.244.42.3:443 analytics.x.com tcp
US 8.8.8.8:53 api.x.com udp
US 104.244.42.130:443 api.x.com tcp
US 8.8.8.8:53 itunes.apple.com udp
US 8.8.8.8:53 setup.fe2.apple-dns.net udp
US 8.8.8.8:53 e10499.dsce9.akamaiedge.net udp
US 104.244.42.194:443 api.x.com tcp
US 104.244.42.194:443 api.x.com tcp
US 8.8.8.8:53 api.x.com udp
US 104.244.42.194:443 api.x.com tcp
US 8.8.8.8:53 api.x.com udp
US 104.244.42.194:443 api.x.com tcp
US 8.8.8.8:53 api.x.com udp
US 104.244.42.194:443 api.x.com tcp
US 8.8.8.8:53 api.x.com udp
US 104.244.42.194:443 api.x.com tcp

Files

/var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/C//mds/mdsObject.db

MD5 d3a1859e6ec593505cc882e6def48fc8
SHA1 f8e6728e3e9de477a75706faa95cead9ce13cb32
SHA256 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c
SHA512 ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

/var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/C//mds/mdsDirectory.db

MD5 0e4a0d1ceb2af6f0f8d0167ce77be2d3
SHA1 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c
SHA256 cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030
SHA512 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

/Users/run/Library/Caches/GeoServices/Resources/altitude-1285.xml

MD5 9a43af57707d2fb460832049d1f217d1
SHA1 056d813f8cb5198ca82072f7e3484f38ea5267f8
SHA256 7224f8828694ed74a8353567e4d84da188d15a993a4a75938f8409cb49218e7c
SHA512 1f33175f5d0958c79540a627552f71c6960b6ff19c9b2b0aa604c00bfeff216f6ea2ec3a22ef91ad8d7249597fdf5ad49ddbf5f4aef71b397e785152474954d7

/Users/run/Library/Caches/GeoServices/ActiveTileGroup.pbd

MD5 62f4cd82c973b11cd7bd0bf556c0bec3
SHA1 ced35eb0b7288c45b2936e29b9419c8edcb22ed7
SHA256 a57222e5e18e51b27f7571e5ba2682ed7af256ad3607dba9b6204ec653e382a3
SHA512 06eb0ddc5fc986497bd9cf4ff18e49e2064f3e84472d97bada018e0ae82adcd9512331a86aceb55a3c00200c94af0f91f9b251fdf2c28ec9b38569c55aabcfcb

/Library/Preferences/com.apple.networkextension.uuidcache.plist

MD5 95d1f6a479ea836bed553646ebef85c1
SHA1 19da469018294e373c788d888e5c55e0bb18695e
SHA256 fc78047a7293b7fba3abe949497f397804f86e2ff04c29c4a549df60aa877aa2
SHA512 3f9b8aa7efc6cbbcf6672e0d08a630178c653894d800e9125ed18774de105bc564b097120e98b5711cec5d05d95b41fe822019bc10038055eabf341b0c12845d

/Library/Preferences/com.apple.networkextension.uuidcache.plist

MD5 b5ed1a4aa9f5eb7122af5b836de7cefc
SHA1 50f9e5dbb61125650245824f2bc6b466ede59bf6
SHA256 c81bb42621fd0e666a3863f06db96ab6f5f2631cf135d41e2916c25d973c1056
SHA512 3986a6f6457f3f794a04034f6d905cdb7ab37e67fd3d266a1aa7bf5deaeb544097d0c8668642288f2a6dfb33f343147241d2130abbff33f20140c6608f4a1211

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression

MD5 67156cb6b6e1732094722702959a30b0
SHA1 d90cf633876758a0970df9d032dab6f0b30b63a1
SHA256 58ba1d98871747feeed19634c78d0c295cba0c1045b880d1ea6c3e2630f1e048
SHA512 f571a6da978166bd7998e165fe404e6f424051429c8026bdfe53cbda4d5b22840b6bad0f5e2449cb6befb9ad06cd052cea0d783f17dd6c21dec102967443eb88

/Users/run/Library/Safari/Favicon Cache/favicons/AC0DA0E90466A6F8FF6C755594C2D245

MD5 9909227b6fd2415ccb9a276d99632243
SHA1 c21dfda1e925054b0d6c882e43f87dbe1222a933
SHA256 af7282a5f1a3c7a62bda5f2265b1254d420ba7b5aab58023df705dd6064d2ac9
SHA512 9705d6811e00ee5f616ead194484f00df7fd5033e6bbea784c02438b87774a3e60ece7e2fb6e23486eec43743d642a105a16a615b3a5d5ee32d49b8f77814e5c

/Users/run/Library/Safari/Favicon Cache/favicons/CB66C4756FD575DA72C5681980179CF2

MD5 80f7367cb52983d2b58c2570460a9e9b
SHA1 8b1020b84f2c57bc43c0b0e504529fbd176fc694
SHA256 d7dd223f488a3dc314edecff758abc774093909d8cdaabb5c6b3f5a84a6f4be7
SHA512 ec16f486883b31551597eaa82406989c159a5e186ec33fcc8fbc85093d1ac758bfab065a9a8f91ef3087456cc2a0b2b097dbb074f567280f5ccf8f3838eaceb3

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression

MD5 acb2ece6b39604a758d8c9470b26c4a1
SHA1 9276bbf8ead48aab60c4fecdedbc8ef67c84a3da
SHA256 9fa132990f42ebfbf38168e2baff6323eaf2f210a6c6e5fb5830fb36ab119114
SHA512 cd3484e4de0546bf45917f111940b817c0236e1e5c559dc7c54df8072b0a2e3f04e3eca1fb598f103cee01d6f749338ca4508bd4732c7b220fb41afca9530c9f

/Library/Preferences/com.apple.networkextension.uuidcache.plist

MD5 d57c2c880732544ab7260fd582f738eb
SHA1 93f874a25477dfc0e51b3463abea4a436437e077
SHA256 c153b23daa5c8fdb6a115b3f5b7da9c3f8bb8fa81f045747b0be7fd433d73750
SHA512 62be7f989f7736a4ea093b8fee862c21988bccccdffc5e281e9762ab8ad5b3b7b203b8bcdd4de8e8c613717bcce58562ef264d386163a45c3b391ebc895e3855

/Library/Preferences/com.apple.networkextension.uuidcache.plist

MD5 a3707811a6096724d20927c4a5bbd31b
SHA1 c3fcdadaae3dd1492e8c80c56cb241fd0983110f
SHA256 9f5e32f0aad8cb6e9d9097ebe92aaf122599336818b90f3949cdc4c78b405417
SHA512 8909835213fc0da36d5d17e142f3b41fa5c1461d1008da0d45732f0cc89ae2d6fd0febc06ddc175b925578293429448ef8e46e5bda40570fd893e4d4cabedc2f

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression

MD5 9ebab5c7a0813099e82e154ca4a3b1a3
SHA1 165a095c12a5ef12a24afe58c68d72a827d5962f
SHA256 9bdc6470db71e898ca94ec16f6630070db3434e925bc5c33718731430e729713
SHA512 c6d180e26472c2ef3e4be697242020c5db69342f432c72786ba989724a7bac9e0ccf8c9c99565f9d18e9ab44dac14a46db4a6b500c734001e48bbc893f1faab9

/Users/run/Library/Safari/Favicon Cache/favicons/2C9FB50A3E644900BE7615303A0B2BA3

MD5 f3418a443e7d841097c714d69ec4bcb8
SHA1 49263695f6b0cdd72f45cf1b775e660fdc36c606
SHA256 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
SHA512 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

/Users/run/Library/Safari/Favicon Cache/favicons/54536D87B1AA09E378503E34FDEA3DB5

MD5 3ceb0c2c416b0d7e967c22e162fb166e
SHA1 fcba598d5e04ec401721869257cdfa0a24d8f522
SHA256 bd012d6227e715bdc704e65570d67b9c3b2e70db5111cda64df832c50c69d7b9
SHA512 3271d6c420ac4761d48e505012c5a878a2b4550327f9bf08a5e408a1e8aff02f341c7609294f626c68f6cb7a49e95c9566d075441a4a0862f1a3865b88c92c69

/Users/run/Library/Safari/Favicon Cache/favicons/F64A430B9FD417352EFB53A80A93F152

MD5 904ce6bd2ef5e1eaa6de1eb02164436b
SHA1 b37ac89616b9e4c01a35991af59fe6b63e41a48e
SHA256 3638de61226857e62cf5187d7d59cf902111ad4f792b5bdff1bfed3f5ed5e608
SHA512 05044e298742b1520585ae3c029938036ebed50337608a600c4924a29e3624ce704f3b13fbe348d9e1b1e93b1e0abff9f53bbc9fd31929199f9a374f154f74c2

/private/var/db//keybags/persona.kb

MD5 63e45862192c53570a96be79af9e2ba0
SHA1 775800ed5c1edacc742abe5f17a687c8e0f1c366
SHA256 4f6b419348d6b3a1e08664ec4abb2b52902d85a392a2a8cd47af4443b4891a2e
SHA512 e0b4a72b8d8334a85a5b5efca023d0e1de250fd08d9e181e7a624e1e7ed0a882da4c0469736119f3d4a2da41100a7335ed359770a246b4a269f92335dcc25fef

/Users/run/Library/Caches/GeoServices/ResourceManifest.pbd

MD5 c9ddd515bf94f623dc0922b913143280
SHA1 f4e73bd6299e3df479b0960046d0cd2a05b6ba8d
SHA256 2786647d59f218e7aff225c48b40ebf316e47b4696dcdfd94f89bbc29a1a0e9a
SHA512 29e14d3c3aae8f48a97f17e75f0f0a1416e95212ecfb6259f67836a702c81d35911ccbc191af51f58fb590d7966ce11c26d63702d46fe18f2a2c30a73512ccd1

/var/db/locationd/Library/Caches/GeoServices/ResourceManifest.pbd

MD5 b0950c4e25823e902927bb79382b21ea
SHA1 6e0b402522310d37c1b59df974d0bd0d8269d788
SHA256 78a936e089d5013dcb0d89e4bd1a0853994ca2598b29eb83123c1ce593bdbeaa
SHA512 3d8e08b8213c34a7b50d30a7b697109c9ce28e9f0a6ad7cf69f7aa887b2177ba5912c90649e21c7a3594a16c819f7fbd60f3346e0aa6490e6f02113e96ef49c0

/var/db/locationd/Library/Caches/GeoServices/networkDefaults.plist

MD5 57487c5e523f4e461e97ab98b41803aa
SHA1 c631fbf25dc6f23be44ccc2670b334278800c63e
SHA256 67725d05a0ce28bf4ccbfcde82acfcaa627c0eeb7678d5c8e5b7649a7f158f8d
SHA512 9d9826379ab15e2da65a2a32bc3584b201d79e89e3a7d6e554b2398b7a0ada77241144be6d69fc749526029838293d5107f96f45392fe6a07a05dd2f4d07a3bf

/var/db/locationd/Library/Caches/GeoServices/ActiveTileGroup.pbd

MD5 e9038b61860114d74320357e3c499256
SHA1 e05a83d71cf42e2b4d7cf1411c891bd565478d78
SHA256 9ff749f01fe2287d19c2b503ccf7d99e23046afa31235f4aa8180f87cc1db951
SHA512 3e0686ef0a98d7715e068bf6e093beee7e5301b4072617695619b4ea06e0f77691fa8208fba3bca0635f7c5e0ee1cd4948bfb6d16f647047d04f3799d180bab3

/private/var/db//keybags/persona.kb

MD5 45445bec0fe21446a7b5503605c9a652
SHA1 892b3d993c39e29092868f71a002cd2370f9758a
SHA256 0d706926a36f90962d9798dd87cc009ca9dd5cd3c536e3c12c8ff9a65ccf14df
SHA512 b4b97f3c4a3bd4a0f57332189926144f0838f660fd80c51b722bda8af2dc551f86c183830f5c4d012fd60607eb2047ea0ee7896b9800dc287af0ffeb2d3320ad

/Library/Preferences/com.apple.networkextension.uuidcache.plist

MD5 f7c5b3d0fc1f8e32f750e9b0d3e885f3
SHA1 bfa4a65f345f45cd1bf9267fa0d173f7d277b2db
SHA256 b3e6e0ebc7cdd61e832187c9e29e4bf23d9452d88b986478d1bf4dd3f62f126f
SHA512 99f8b8e0594b327f6492c86a28c40d15ce7f35afa0a30def860777b7ab89d38a847f20ba4cf51209ebe4394f55f6f318cd7d200a240c0cba961f5917f2380b67

/Users/run/Library/Safari/Favicon Cache/favicons/B9B22332C2775BAC7922099EC5E20EB5

MD5 79c897bd28b9ccc97f5b6575e3653fe6
SHA1 0dfe38884e3d4ad1abaab041a4c5523993e4b82b
SHA256 e58a8be4176bda139d271e49511fd1ab40fe07ae5de02c66c64c091732892594
SHA512 6aa85f5d6b079a9eddd8105237b6e3cb3e1cfb30fddd792a867131d1302a129d82f1f48d4d0ef7197c7224e44ef7662fb78eae8f2d566210a6952d67408bb6df

/System/Library/AssetsV2/com_apple_MobileAsset_TopLevelDomainDafsa/com_apple_MobileAsset_TopLevelDomainDafsa.xml

MD5 ebc2a19a18ff6bca039b54e59eb1a340
SHA1 2f8e29f150775f1d252a8b13b814600ea2804b64
SHA256 50d058659b632866a5778d68373f6abdf11994bebcb00a913b2ec082137cdeff
SHA512 5d6e7ced0f68aad9b51aac4fce485d7d9c0d3f3814a311e37ec39c3d70d229671b41dcea7d5b5fd67b1f7e2fdff7122ee6b58c42876bee8106280f17238b73ac

/var/db/nsurlstoraged/dafsaData.bin

MD5 7e6f706958b092cc383164b72f0747d3
SHA1 0b5610fe3452fcd8b30c39512b182ed2ea658d08
SHA256 3fa3a11ba183442ad6d6f0736d9a885c929157a52055867c8548ee4412dcaf02
SHA512 b9900d308bb49a051cf1a03134be994e387dc1707a45d81c8972dd05b6b3acb95f06120877f3ad3ee5f468200bbd1974ef82b170b32b51a36a8f892e849332ea

/Users/run/Library/Keychains/login.keychain-db

MD5 91a0e8a5556a6bd87b1ff5c0a3b25350
SHA1 0364deebbd213845861ceaedc5bd519f3f46ade5
SHA256 1afe1bdca6e6615d8c976b086b2437f9d6b89cbf52dcf0c266e566a706427c9d
SHA512 0c3805673ea2557efb826a1b67be9677755537622d9ed474ebe6f2d57f4b6ff10f8aab79cd460355dc85bb9ba0508ad80e42da1d621f435dc07e3e8905254706

/Users/run/Library/Safari/Favicon Cache/favicons/1C2781D6C6883A38DDCF70A155075520

MD5 aaecf9c038897af242f5d1d59e317abb
SHA1 c2706c1bbbe33e29149b928029956e77753e8f24
SHA256 80f1460ede9fb2582106a7cfb8d91bd3d14c4735e6a60d37d13017c6fcd373cb
SHA512 9b85ba088cae013ecf5ac59baf217c59bf05590dc4b51c21e6f8ec8e31171107c01105c70bc36fdce0d47b6917e86fbdc0cb52fc3ee012b761e7be3cd70fe7f9

/Users/run/Library/Safari/Favicon Cache/favicons/2800DC1739828F05C6477BD6D2351807

MD5 1263d4fd818e3ccdb33bd529075de514
SHA1 80f7989737ffd4f5c0167ed3a2123c704eec624a
SHA256 47f7131ce4913e1d49fda4283aed2824907eec694ed07237cc557952cccfbfe0
SHA512 89b0328ab6ab74e1a8cfc966dc416435377431cccd61f18a17f93c8e7c1ddc76b4a8ed95e67395b7f5c6759df3c296c55546bee3361f3bca44d3baf9e1b75d0f

/Library/Caches/com.apple.iconservices.store/8DAFA032-BCF7-3B0F-8548-EEB820761EF0.isdata

MD5 43fc0a758250774f8a4e52a6cfa3da61
SHA1 fcae4cc3f0de1907adc42270320ce8d3c0a21274
SHA256 8dafa032bcf7fb0f8548eeb820761ef0488d2b1ee7fae978a902fea2179024aa
SHA512 c0384999cbc33b443ad0a42df2563efc0f67aed8771a66bc5010450b3a7936105db151a9a238b2c0b5635e2fbeb75aabe7c8d3b23ea65ddda96338de99a3bc97

/Users/run/Library/Suggestions/pending/3.qdat

MD5 a34876d66bbe8f3c15426dd5050b22e3
SHA1 272f8718542d31e4f1df7ca2450301f355f898b8
SHA256 0d1cd7239de74181a93385530e3188b67d3db70d21c3f83135c084bbad9d8b2c
SHA512 2ede2aa26775900daf0135422c8a80c93025ef33707374f02216de57f6a7e3b20fc4b684eb7f6d8e5b01de742dde84674b566923113b934cab87962d47b7361e

/Users/run/Library/Suggestions/pending/4.qdat

MD5 4c6c2413a39f4518eedd862844dbf2fd
SHA1 740beffd43ca8f269312f75917b672cc2420c55e
SHA256 00d33045781ce4546bc226403512bb28cf0032c23f214131888afcc1d33daf09
SHA512 a01ca6e552a59c8cbedd3973cf78180e6db665ebe30b3882dc6137107bcf016e56acb40dd47b99e1c2cca26d2e2efc9a829ced1fa2223781aae6f27c63bf8372

/Users/run/Library/Preferences/com.apple.security.cloudkeychainproxy3.keysToRegister.plist

MD5 14798ea64c710aadfdc1694b0b3c596c
SHA1 7788e2cc3bf6a656b570446cd668cb8319d113b9
SHA256 8201fe862ae9353835d600f5af778d0ef72559d41d7b9f07a59421f02ee6b1c3
SHA512 de70b800ea2dd56b76992e7d7e57890ed224488bb40e270067bf9965152f20f65f1487b14a06fd6dafe80b6bddb8d9b50ddc8e5ca1a4eb7b550232ed56098902