# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.reversinglabs.com/blog/operation-brainleeches-malicious-npm-packages-fuel-supply-chain-and-phishing-attacks

http://137.184.153.238
137.184.153.238:443
brainleeches.xyz
ourwhite.brainleeches.xyz

# Reference: https://blog.sonatype.com/npm-packages-caught-exfiltrating-kubernetes-config-ssh-keys
# Reference: https://blog.phylum.io/sensitive-data-exfiltration-campaign-targets-npm-and-pypi/

threatest.com
app.threatest.com
down.threatest.com
cjq18vv2vtc0000pszdggkb7ssayyyyyd.oast.fun
