I’ve been seeing this for some time so you will see it soon too. We speak here mostly about SNMP probes coming from a set of very specific IPs. If you do a search on IP you get to the webpage below (critical.io ) , explaining to the reader that it constitutes a vulnerability/misconfiguration disclosure effort by HD Moore exercised on the wide Internet for our own good .
I haven’t had answer from Hd Moore himself (probably because of Defcon:) ) so can’t really deny nor confirm this claim I did heard I did hear from him, it is indeed scans done by him.
Anyway, as the scans are much more frequent/agressive than usual attack/scan attempts I see everyday, I decided , while not seeing them as any threat, to filter them out and here are IP addresses if you decide too.
Screenshot of the website hosted on aforementioned IPs: