{"id":5496,"date":"2020-08-06T10:25:31","date_gmt":"2020-08-06T17:25:31","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=5496"},"modified":"2024-04-26T13:21:20","modified_gmt":"2024-04-26T20:21:20","slug":"the-return-of-emotet","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/","title":{"rendered":"The Return of Emotet"},"content":{"rendered":"<p>On 17 July, Proofpoint\u2019s threat research team observed a malicious spam (malspam) campaign featuring the return of the Emotet malware after a five-month hiatus. This was a sizable campaign that included nearly a quarter-million malspam messages.<sup>1<\/sup><\/p>\n<p>While the scope of this campaign differs from our previous report on Emotet,<sup>2<\/sup> the tactics and techniques it uses are largely the same. Threat actors use Emotet to steal stored passwords, sensitive banking data, and browser histories from victims\u2019 computers.<\/p>\n<p>The email lures observed in this campaign are simple in nature and are similar to lures that Emotet has previously used. The subject lines are largely generic terms like <em>\u201c<\/em>Re:<em>\u201d<\/em> or <em>\u201c<\/em>Invoice#<em>\u201d <\/em>followed by a series of numbers, but some also include the names of targeted organizations. Message bodies are generic and reference an attachment that the user must open. The attachments are Microsoft Office documents (e.g. Word or Excel) with filenames themed after common business documents like payroll and resumes.<\/p>\n<p>When the user opens the attached document, they are directed to enable macros. Once the user enables macros, the macros execute a Powershell (<em>powershell.exe)<\/em> command that attempts to download the Emotet payload <em>(WFSR.exe)<\/em> from one of five Base64-encoded domain names embedded in the command. If this download is successful then the Powershell command proceeds to execute the Emotet payload.<\/p>\n<p>Upon execution, Emotet attempts to steal sensitive information from the victim and exfiltrate this data to one of its command and control (C2) servers. After stealing the victim\u2019s information Emotet will typically attempt to install additional malware, but it is currently unclear what additional payloads this particular campaign may be delivering.<\/p>\n<p>Infoblox\u2019s full report on this instance of the malware will be available soon on our <a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\">Threat Intelligence Reports<\/a> page.<\/p>\n<p><strong>Endnotes<\/strong><\/p>\n<ol>\n<li><a href=\"https:\/\/www.proofpoint.com\/us\/blog\/security-briefs\/emotet-returns-after-five-month-hiatus\">https:\/\/www.proofpoint.com\/us\/blog\/security-briefs\/emotet-returns-after-five-month-hiatus<\/a><\/li>\n<li><a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence--53\">https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence&#8211;53<\/a><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>On 17 July, Proofpoint\u2019s threat research team observed a malicious spam (malspam) campaign featuring the return of the Emotet malware after a five-month hiatus. This was a sizable campaign that included nearly a quarter-million malspam messages.1 While the scope of this campaign differs from our previous report on Emotet,2 the tactics and techniques it uses [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":3148,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[254],"tags":[189,294,32,15,36],"class_list":{"0":"post-5496","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threat-intelligence","8":"tag-cybersecurity","9":"tag-malspam","10":"tag-malware","11":"tag-security","12":"tag-threats","13":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>The Return of Emotet<\/title>\n<meta name=\"description\" content=\"On 17 July, Proofpoint\u2019s threat research team observed a malicious spam (malspam) campaign featuring the return of the Emotet malware after a five month hiatus. This was a sizable campaign that included nearly a quarter million malspam messages.1While the scope of this campaign differs from our previous report on Emotet,2 the tactics and techniques it uses are largely the same. Threat actors use Emotet to steal stored passwords, sensitive banking data, and browser histories from victims\u2019 computers.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Return of Emotet\" \/>\n<meta property=\"og:description\" content=\"On 17 July, Proofpoint\u2019s threat research team observed a malicious spam (malspam) campaign featuring the return of the Emotet malware after a five month hiatus. This was a sizable campaign that included nearly a quarter million malspam messages.1While the scope of this campaign differs from our previous report on Emotet,2 the tactics and techniques it uses are largely the same. Threat actors use Emotet to steal stored passwords, sensitive banking data, and browser histories from victims\u2019 computers.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-06T17:25:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:21:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/DNS-threat-index.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"The Return of Emotet\",\"datePublished\":\"2020-08-06T17:25:31+00:00\",\"dateModified\":\"2024-04-26T20:21:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/\"},\"wordCount\":311,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/DNS-threat-index.jpg\",\"keywords\":[\"Cybersecurity\",\"Malspam\",\"Malware\",\"Security\",\"Threats\"],\"articleSection\":[\"Infoblox Threat Intel\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/\",\"name\":\"The Return of Emotet\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/DNS-threat-index.jpg\",\"datePublished\":\"2020-08-06T17:25:31+00:00\",\"dateModified\":\"2024-04-26T20:21:20+00:00\",\"description\":\"On 17 July, Proofpoint\u2019s threat research team observed a malicious spam (malspam) campaign featuring the return of the Emotet malware after a five month hiatus. This was a sizable campaign that included nearly a quarter million malspam messages.1While the scope of this campaign differs from our previous report on Emotet,2 the tactics and techniques it uses are largely the same. Threat actors use Emotet to steal stored passwords, sensitive banking data, and browser histories from victims\u2019 computers.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/DNS-threat-index.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/DNS-threat-index.jpg\",\"width\":660,\"height\":454},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/the-return-of-emotet\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"The Return of Emotet\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The Return of Emotet","description":"On 17 July, Proofpoint\u2019s threat research team observed a malicious spam (malspam) campaign featuring the return of the Emotet malware after a five month hiatus. This was a sizable campaign that included nearly a quarter million malspam messages.1While the scope of this campaign differs from our previous report on Emotet,2 the tactics and techniques it uses are largely the same. Threat actors use Emotet to steal stored passwords, sensitive banking data, and browser histories from victims\u2019 computers.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/","og_locale":"en_US","og_type":"article","og_title":"The Return of Emotet","og_description":"On 17 July, Proofpoint\u2019s threat research team observed a malicious spam (malspam) campaign featuring the return of the Emotet malware after a five month hiatus. This was a sizable campaign that included nearly a quarter million malspam messages.1While the scope of this campaign differs from our previous report on Emotet,2 the tactics and techniques it uses are largely the same. Threat actors use Emotet to steal stored passwords, sensitive banking data, and browser histories from victims\u2019 computers.","og_url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/","og_site_name":"Infoblox Blog","article_published_time":"2020-08-06T17:25:31+00:00","article_modified_time":"2024-04-26T20:21:20+00:00","og_image":[{"width":660,"height":454,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/DNS-threat-index.jpg","type":"image\/jpeg"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"The Return of Emotet","datePublished":"2020-08-06T17:25:31+00:00","dateModified":"2024-04-26T20:21:20+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/"},"wordCount":311,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/DNS-threat-index.jpg","keywords":["Cybersecurity","Malspam","Malware","Security","Threats"],"articleSection":["Infoblox Threat Intel"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/","url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/","name":"The Return of Emotet","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/DNS-threat-index.jpg","datePublished":"2020-08-06T17:25:31+00:00","dateModified":"2024-04-26T20:21:20+00:00","description":"On 17 July, Proofpoint\u2019s threat research team observed a malicious spam (malspam) campaign featuring the return of the Emotet malware after a five month hiatus. This was a sizable campaign that included nearly a quarter million malspam messages.1While the scope of this campaign differs from our previous report on Emotet,2 the tactics and techniques it uses are largely the same. Threat actors use Emotet to steal stored passwords, sensitive banking data, and browser histories from victims\u2019 computers.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/DNS-threat-index.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/DNS-threat-index.jpg","width":660,"height":454},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/the-return-of-emotet\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Infoblox Threat Intel","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/"},{"@type":"ListItem","position":3,"name":"The Return of Emotet"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5496","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=5496"}],"version-history":[{"count":1,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5496\/revisions"}],"predecessor-version":[{"id":5497,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5496\/revisions\/5497"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/3148"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=5496"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=5496"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=5496"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}