Safari Burps

[vaughnhart]

I don't know what else to call it so I'm naming it Safari burps. This is when Safari hold a months' worth of browsing history even though you have it set to one day. The only way to get rid of this is to clear all browsing history. and then make sure to clear all ~/Library/Cache and Saved Application State cache as well, then reboot.

More concerning is a ticket that I have open with Cisco Umbrella. I presumed it was the Safari option - Check for fraudulent sites... but there appeared a 24x7 (even when Safari wasn't open) check to websitereview.corp.apple.com in my Cisco Umbrella DNS logs.

Here is what Cisco said:

Thank you for contacting Cisco OpenDNS support.

We can find or access the domain websitereview.corp[.]apple[.]com and when we try we receive a message that says This site can’t be reachedCheck if there is a typo in websitereview.corp.apple.com.
DNS_PROBE_FINISHED_NXDOMAIN

This could be a domain generated by some sort of application on one of the user's workstations that's "pinging" to see if there's a live internet connection. It could be an antivirus program, or any other application that does such checks.

This made me take a look at my activity logs... and this website was number one with over 7k request (14x the next website), even when I wasn't running Safari!!!! And I couldn't see this request in my flow logs. But once I did the clear browsing history/cache/saved application state (aka Safari Burp) this disappeared. I think I only caught this traffic because I cut DNS leaks and set all DNS traffic to Umbrella servers (even port 53).

Have you seen Safari Burps? No one else seems to have these issues but me... and they are persistent across different machines and OSes.

apple 24 hours (America_New_York).csv

[vaughnhart]

Cisco Umbrella says they have no way to triage this... since it's not something they can't prevent from their side. Any suggestions?

[vaughnhart]

which means it has to be something local on the network I don't control at the Manhattan Bowery Lodge.

[vaughnhart]

I got this CSRF error on Safari... when loading very plain Jane websites. I had to burp Safari on my iPhone but because of syncing I wonder if someone could use this as a backdoor across systems.

[vaughnhart]

I had to burp safari again but it may be tied into Private Relay. Even though I've seen this same error for the last five Mac OS versions or so. Any suggestions?

[jamierrichardson]

Vaughn, this doesn't seem like an issue with the functioning of this project. If this is an issue you have experienced with multiple releases of macOS, perhaps consider contacting AppleCare support?

[vaughnhart]

I cleared my cache and installed Adsorbs and Safari isn't congested anymore... for the last week or so. No need to burp it! Someone's cookies can trigger Safari caching and keeping your browsing history beyond your settings.... is what I'm saying.

[vaughnhart]

https://pi-hole.net

This is the basis for Adsorb.