I noticed that one of our orgs is getting a series of API requests from 18.203.127.221 every two hours.
This is an AWS IP, but we're not hosting anything on AWS that should be making API calls.
Relating to location scanning, which is disabled on that org, presumably it's some cloud-based wirelesss analytics/similar platform.
Calls being made are...
getNetworkLocationScanning <<< lots of these, all get a 404 response because location is disabled
getOrganizationDevices
getOrganizationNetworks
getNetworkFloorPlans
getNetworkWirelessSsids
getOrganizationConfigurationChanges
It's using a key from one of my read-only accounts, but I don't recall ever setting any kind of location scanning on this org.
I guess it's possible that one of us set up a demo for the customer using my key.
Trouble is, I can't figure out how to work back from the AWS IP to what is generating the requests, the userAgent in the getOrganizationApiRequests response is blank.
Any ideas?