little-snitch-rules/rules/Safari.lsrules

{
  "description" : "",
  "name" : "Apple - Safari (internet)",
  "rules" : [
    {
      "action" : "allow",
      "ports" : "123",
      "process" : "\/Applications\/Safari.app\/Contents\/MacOS\/Safari",
      "protocol" : "udp",
      "remote-hosts" : "time-macos.apple.com"
    },
    {
      "action" : "allow",
      "disabled" : true,
      "ports" : "443",
      "process" : "\/usr\/libexec\/nsurlsessiond",
      "protocol" : "tcp",
      "remote-hosts" : [
	    "certs.apple.com",
	    "ocsp2.apple.com",
	    "valid.apple.com"
      ]
    },
    {
      "action" : "allow",
      "ports" : "443",
      "process" : "\/usr\/libexec\/trustd",
      "protocol" : "tcp",
      "remote-hosts" : "ocsp2.apple.com"
    },
    {
      "action" : "allow",
      "ports" : "80",
      "process" : "\/usr\/libexec\/trustd",
      "protocol" : "tcp",
      "remote" : "any"
    },
    {
      "action" : "allow",
      "ports" : "80",
      "process" : "\/usr\/libexec\/trustd",
      "protocol" : "tcp",
      "remote-hosts" : [
        "ocsp.usertrust.com",
        "apps.identrust.com",
        "cacerts.digicert.com",
        "ocsp.vikingcloud.com",
        "ocsp.godaddy.com",
        "ocsp.digicert.com",
        "x1.i.lencr.org",
		"r3.i.lencr.org",
        "r10.o.lencr.org",
        "ocsp2.globalsign.com",
        "secure.globalsign.com",
        "ocsp.sectigo.com",
		"crt.sectigo.com",
        "ocsp.rootca1.amazontrust.com",
        "ocsp.pki.goog",
        "ocsp.entrust.net",
        "ocsp.comodoca.com",
		"crt.comodoca.com",
        "aia.entrust.net",
        "cacerts.geotrust.com"
      ]
    },
    {
      "action" : "allow",
      "disabled" : true,
      "ports" : "80",
      "process" : "\/usr\/libexec\/captiveagent",
      "protocol" : "tcp",
      "remote-hosts" : "captive.apple.com"
    }, 
    {
      "action" : "allow",
      "disabled" : true,
      "ports" : "443",
      "process" : "\/Library\/Apple\/System\/Library\/CoreServices\/SafariSupport.bundle\/Contents\/MacOS\/PasswordBreachAgent",
      "protocol" : "tcp",
      "remote-hosts" : "configuration.apple.com"
    },
    {
      "action" : "allow",
      "disabled" : true,
      "ports" : "443",
      "process" : "\/System\/Library\/PrivateFrameworks\/SafariSafeBrowsing.framework\/Versions\/A\/com.apple.Safari.SafeBrowsing.Service",
      "protocol" : "tcp",
      "remote-hosts" : "safebrowsing.googleapis.com"
    },
    {
      "action" : "allow",
      "disabled" : true,
      "ports" : "80",
      "process" : "\/System\/Library\/PrivateFrameworks\/SafariSafeBrowsing.framework\/Versions\/A\/com.apple.Safari.SafeBrowsing.Service",
      "protocol" : "tcp",
      "remote-hosts" : "proxy.safebrowsing.apple"
    },
    {
      "action" : "allow",
      "disabled" : true,
      "ports" : "443",
      "process" : "\/System\/Library\/PrivateFrameworks\/SafariSafeBrowsing.framework\/Versions\/A\/com.apple.Safari.SafeBrowsing.Service",
      "protocol" : "tcp",
      "remote-hosts" : "configuration.apple.com"
    },
    {
      "action" : "allow",
      "disabled" : true,
      "ports" : "443",
      "process" : "\/System\/Library\/PrivateFrameworks\/SafariSafeBrowsing.framework\/Versions\/A\/com.apple.Safari.SafeBrowsing.Service",
      "protocol" : "tcp",
      "remote-hosts" : "safebrowsing.googleapis.com"
    },
    {
      "action" : "allow",
      "ports" : "443",
      "process" : "\/System\/Library\/PrivateFrameworks\/SafariSafeBrowsing.framework\/Versions\/A\/com.apple.Safari.SafeBrowsing.Service",
      "protocol" : "tcp",
      "remote-hosts" : "token.safebrowsing.apple"
    },
    {
      "action" : "allow",
      "ports" : "443",
      "process" : "\/System\/Library\/PrivateFrameworks\/Translation.framework\/translationd",
      "protocol" : "tcp",
      "remote-hosts" : "sequoia.apple.com"
    }
  ]
}