The Philippine Honeynet project is detecting an uptick in scans for Cisco web access. The tool most likely used is ciscoscanner v 0.2. See the full analysis for details, and thanks to Ryan Talabis for pointing this out to us.

Reminder: It is a good idea to disable all unused remote access options, in particular unencrypted access like HTTP. If you must have unencrypted access enabled, limit it to trusted IP addresses that access the device over a trusted network.