GreyNoise Labs Weekly OAST (Well-known Out-of-band Interaction Domains) Report • Week Ending 2026-02-06

GreyNoise observed 3,979 HTTP OAST callbacks from 245 IPs during 31 Jan–7 Feb 2026 across 82 distinct scanning campaigns, dominated by hosting/cloud ASNs and heterogeneous tooling (including a Nuclei MSS 65495 fingerprint). The activity targeted 196 vulnerability classes—most notably Log4j (CVE-2021-44228, ~1,090 attempts)—and produced 3,707 unique OAST domains; investigators should monitor outbound OAST domains, alert on the Nuclei JA4 fingerprint, prioritize patches for top CVEs, and investigate the Feb 6 anomaly where a single OAST domain yielded callbacks from 204 unique IPs.