WP Forum Post: https://wordpress.org/support/topic/too-many-wp-json-records-in-sevurity-log?replies=2#post-8346801
The LTX71 Bot, which is located on this server: http://whois.domaintools.com/ltx71.com and uses Amazon AWS DNS is crawling/scanning the site and is requesting/accessing the WordPress wp-json oembed API URI’s directly in a way that they are not intended to be requested/accessed. The WP JSON oEmbed URI’s are intended to be requested/accessed by REST API enpoints: https://developer.wordpress.com/docs/oembed-provider-api/ and not just randomly crawled by bots. You can either ignore the Security Log entries or you can allow the LTX71 bot or any other bots to do something that they should not be doing on your website. If you want to allow this bot and other bots to do something they should not be doing on your website then post a reply in this forum topic requesting the steps to allow/not block this bot and other bots from doing this on your website.
When you check the ltx71.com website directly you will see this message below displayed:
LTX71
We continuously scan the internet for security research purposes. Our crawling is not malicious and only notes summary information for a page.
If you have further questions please contact [removed for privacy and per WP Forum posting rules].
[403 GET Request: April 22, 2016 8:10 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 54.87.199.12 Host Name: ec2-54-87-199-12.compute-1.amazonaws.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-json/oembed/1.0/embed?url=http://example.com/ QUERY_STRING: HTTP_USER_AGENT: ltx71 - (http://ltx71.com/)