Trusted extra eyes for stuck bug bounty findings
Set up a callback server and observed over 1000 out-of-band HTTP requests originating from a crypto exchange's monitoring infrastructure. The callbacks come from multiple distinct IPs and contain internal path information. This suggests the platform's fetch or monitoring system is making requests to attacker-controlled URLs without proper validation. The traffic pattern suggests automated health checks or URL validation that follows external links. I need help determining whether this qualifies as SSRF under the program scope, and whether the volume and IP diversity strengthen or weaken the case.
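
One way to put numbers on the traffic pattern the post describes, as an added example that is not part of the original post: it groups callback-server hits by source IP and flags sources whose request spacing is regular enough to look like a scheduled check. The log format, the `/cb/<token>` paths, the user agents and the 0.1 threshold are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample in combined log format. IPs are documentation ranges and
# the /cb/<token> paths are hypothetical placeholders, not data from the post.
SAMPLE_LOG = '''\
192.0.2.10 - - [01/Mar/2024:10:00:00 +0000] "GET /cb/t1 HTTP/1.1" 404 0 "-" "monitor/1.0"
198.51.100.7 - - [01/Mar/2024:10:00:05 +0000] "GET /cb/t2 HTTP/1.1" 404 0 "-" "fetcher/2.3"
198.51.100.7 - - [01/Mar/2024:10:00:09 +0000] "GET /cb/t2 HTTP/1.1" 404 0 "-" "fetcher/2.3"
192.0.2.10 - - [01/Mar/2024:10:01:00 +0000] "GET /cb/t1 HTTP/1.1" 404 0 "-" "monitor/1.0"
192.0.2.10 - - [01/Mar/2024:10:02:00 +0000] "GET /cb/t1 HTTP/1.1" 404 0 "-" "monitor/1.0"
203.0.113.5 - - [01/Mar/2024:10:02:30 +0000] "HEAD /cb/t1 HTTP/1.1" 404 0 "-" "monitor/1.0"
198.51.100.7 - - [01/Mar/2024:10:07:30 +0000] "GET /cb/t2 HTTP/1.1" 404 0 "-" "fetcher/2.3"
'''

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)'
    r'[^"]*" \d+ \S+ "[^"]*" "(?P<ua>[^"]*)"')

def parse(log):
    """Return one dict per well-formed line; malformed lines are skipped."""
    out = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m:
            rec = m.groupdict()
            rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
            out.append(rec)
    return out

def summarize(records, max_cv=0.1):
    """Per source IP: hit count, paths, user agents, and whether the gaps between
    hits are regular (coefficient of variation <= max_cv over at least two gaps)."""
    by_ip = defaultdict(list)
    for r in sorted(records, key=lambda r: r["ts"]):
        by_ip[r["ip"]].append(r)
    summary = {}
    for ip, recs in by_ip.items():
        gaps = [(b["ts"] - a["ts"]).total_seconds() for a, b in zip(recs, recs[1:])]
        periodic = (len(gaps) >= 2 and mean(gaps) > 0
                    and pstdev(gaps) / mean(gaps) <= max_cv)
        summary[ip] = {"hits": len(recs), "paths": sorted({r["path"] for r in recs}),
                       "agents": sorted({r["ua"] for r in recs}), "periodic": periodic}
    return summary

if __name__ == "__main__":
    for ip, s in summarize(parse(SAMPLE_LOG)).items():
        print(ip, s)
```

A per-source breakdown like this separates a few schedulers polling on a fixed interval from many unrelated fetchers, which is the distinction the volume and IP-diversity question turns on.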