Internal requests in logs

After belatedly upgrading to piwik 3 I’ve found this head-scratcher and don’t know if it is a Bug or a Feature:

Alongside the normal requests for piwik.php, site logs include requests in this form: - - [27/Mar/2017:04:59:11 -0700] “GET /piwik/?module=API&format=csv&convertToUnicode=0&method=CoreAdminHome.runScheduledTasks&trigger=archivephp&token_auth={blahblah} HTTP/1.1” 403 et cetera

– is my server’s IP (shared hosting), but the requests come with an X-Forwarded-For header corresponding to the human visitor’s IP.
– The entire request, including the token_auth code, is always the same. I think it comes in once per human visit.
– The User-Agent is the human visitor’s UA.
– The requests are getting blocked because of deficient headers. (It is in my power to change this.)
– As far as I can tell, these blocked requests have no effect on piwik performance.

What is the server doing?
Should I allow the requests? Will anything change if I do?