{"id":5596,"date":"2020-09-30T17:02:17","date_gmt":"2020-10-01T00:02:17","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=5596"},"modified":"2024-08-07T12:23:21","modified_gmt":"2024-08-07T19:23:21","slug":"glupteba-backdoor-trojan","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/","title":{"rendered":"Glupteba Backdoor Trojan"},"content":{"rendered":"<p>Author: Christopher Kim<\/p>\n<p>TLP: WHITE<\/p>\n<p>From 20 to 26 September, Infoblox detected communications between malicious Glupteba bots and command and control (C2) servers in customer DNS traffic. This activity was identified by our Threat Insight<sup>1<\/sup> (TI) security solution, which employs machine learning models to detect and block certain types of malicious behavior, in this case data exfiltration.<sup>2<\/sup><\/p>\n<p>Glupteba is a backdoor trojan that was first discovered in 2014.<sup>3<\/sup> What sets it apart from other backdoors is its sophisticated functionality for stealthily controlling remote bots. The malware can also use modules to perform the following tasks:<\/p>\n<ul>\n<li>Install a rootkit to control the bot and hide malware files and processes from the system administrator.<\/li>\n<li>Turn off antivirus and security monitoring programs.<\/li>\n<li>Propagate across the victim\u2019s network using EternalBlue variant exploits.<\/li>\n<li>Compromise unpatched ethernet routers and use them as network proxies for future attacks.<\/li>\n<li>Steal data from local browser files.<\/li>\n<li>Secretly run cryptominers.<\/li>\n<\/ul>\n<p>In late 2019, the malware authors applied a significant update that allows Glupteba to fetch C2 information by querying Bitcoin transaction IDs hardcoded into the binary.<sup>4<\/sup><\/p>\n<p>Threat Insight detected 28 unique second-level domains (SLDs) in customer DNS traffic that were used for C2 communications. The domains are all inherently malicious and were registered between March and May 2020. The threat actor registered most of the domains with\u00a0companies such as GoDaddy, Namecheap, or 101domain. The threat actor set all the nameservers to Cloudflare, a network provider often used by miscreants for its Dynamic DNS services.<\/p>\n<p>Domain names may have been generated with a dictionary-based domain generation algorithm (DGA). Each domain name is alphanumeric and consists of two or more words. Each bot submitted hundreds of DNS requests to fully qualified domain names (FQDNs) that contained a patterned global unique identifier (GUID).<\/p>\n<p>Infoblox\u2019s full report on this campaign will be available soon on our<a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\"> Threat Intelligence Reports<\/a> page.<\/p>\n<h3><strong>Endnotes<\/strong><\/h3>\n<ol>\n<li>https:\/\/www.infoblox.com\/products\/threat-insight\/<\/li>\n<li>https:\/\/www.infoblox.com\/glossary\/dns-tunneling\/<\/li>\n<li>https:\/\/labs.bitdefender.com\/2019\/12\/revisiting-glupteba-still-relevant-five-years-after-debut\/<\/li>\n<li>https:\/\/news.sophos.com\/en-us\/2020\/06\/24\/glupteba-report\/<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Author: Christopher Kim TLP: WHITE From 20 to 26 September, Infoblox detected communications between malicious Glupteba bots and command and control (C2) servers in customer DNS traffic. This activity was identified by our Threat Insight1 (TI) security solution, which employs machine learning models to detect and block certain types of malicious behavior, in this case [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":2730,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[254],"tags":[325,106,189],"class_list":{"0":"post-5596","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threat-intelligence","8":"tag-bot","9":"tag-data-exfiltration","10":"tag-cybersecurity","11":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Glupteba Backdoor Trojan<\/title>\n<meta name=\"description\" content=\"From 20 to 26 September, Infoblox detected communications between malicious Glupteba bots and command and control (C2) servers in customer DNS traffic. This activity was identified by our Threat Insight1 (TI) security solution, which employs machine learning models to detect and block certain types of malicious behavior, in this case data exfiltration.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Glupteba Backdoor Trojan\" \/>\n<meta property=\"og:description\" content=\"From 20 to 26 September, Infoblox detected communications between malicious Glupteba bots and command and control (C2) servers in customer DNS traffic. This activity was identified by our Threat Insight1 (TI) security solution, which employs machine learning models to detect and block certain types of malicious behavior, in this case data exfiltration.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-10-01T00:02:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-07T19:23:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/april-14-2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"Glupteba Backdoor Trojan\",\"datePublished\":\"2020-10-01T00:02:17+00:00\",\"dateModified\":\"2024-08-07T19:23:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/\"},\"wordCount\":331,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/april-14-2.jpg\",\"keywords\":[\"bot\",\"Data Exfiltration\",\"Cybersecurity\"],\"articleSection\":[\"Infoblox Threat Intel\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/\",\"name\":\"Glupteba Backdoor Trojan\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/april-14-2.jpg\",\"datePublished\":\"2020-10-01T00:02:17+00:00\",\"dateModified\":\"2024-08-07T19:23:21+00:00\",\"description\":\"From 20 to 26 September, Infoblox detected communications between malicious Glupteba bots and command and control (C2) servers in customer DNS traffic. This activity was identified by our Threat Insight1 (TI) security solution, which employs machine learning models to detect and block certain types of malicious behavior, in this case data exfiltration.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/april-14-2.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/april-14-2.jpg\",\"width\":660,\"height\":454,\"caption\":\"Cable & Wireless Panama: Infoblox Helps Telecom Provider Protect From Attacks and Boost Uptime\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/glupteba-backdoor-trojan\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Glupteba Backdoor Trojan\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Glupteba Backdoor Trojan","description":"From 20 to 26 September, Infoblox detected communications between malicious Glupteba bots and command and control (C2) servers in customer DNS traffic. This activity was identified by our Threat Insight1 (TI) security solution, which employs machine learning models to detect and block certain types of malicious behavior, in this case data exfiltration.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/","og_locale":"en_US","og_type":"article","og_title":"Glupteba Backdoor Trojan","og_description":"From 20 to 26 September, Infoblox detected communications between malicious Glupteba bots and command and control (C2) servers in customer DNS traffic. This activity was identified by our Threat Insight1 (TI) security solution, which employs machine learning models to detect and block certain types of malicious behavior, in this case data exfiltration.","og_url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/","og_site_name":"Infoblox Blog","article_published_time":"2020-10-01T00:02:17+00:00","article_modified_time":"2024-08-07T19:23:21+00:00","og_image":[{"width":660,"height":454,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/april-14-2.jpg","type":"image\/jpeg"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"Glupteba Backdoor Trojan","datePublished":"2020-10-01T00:02:17+00:00","dateModified":"2024-08-07T19:23:21+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/"},"wordCount":331,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/april-14-2.jpg","keywords":["bot","Data Exfiltration","Cybersecurity"],"articleSection":["Infoblox Threat Intel"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/","url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/","name":"Glupteba Backdoor Trojan","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/april-14-2.jpg","datePublished":"2020-10-01T00:02:17+00:00","dateModified":"2024-08-07T19:23:21+00:00","description":"From 20 to 26 September, Infoblox detected communications between malicious Glupteba bots and command and control (C2) servers in customer DNS traffic. This activity was identified by our Threat Insight1 (TI) security solution, which employs machine learning models to detect and block certain types of malicious behavior, in this case data exfiltration.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/april-14-2.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/april-14-2.jpg","width":660,"height":454,"caption":"Cable & Wireless Panama: Infoblox Helps Telecom Provider Protect From Attacks and Boost Uptime"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/glupteba-backdoor-trojan\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Infoblox Threat Intel","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/"},{"@type":"ListItem","position":3,"name":"Glupteba Backdoor Trojan"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5596","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=5596"}],"version-history":[{"count":1,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5596\/revisions"}],"predecessor-version":[{"id":5597,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5596\/revisions\/5597"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/2730"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=5596"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=5596"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=5596"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}