{"id":694,"date":"2026-01-20T10:07:15","date_gmt":"2026-01-20T10:07:15","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/"},"modified":"2026-01-20T10:07:15","modified_gmt":"2026-01-20T10:07:15","slug":"add-punycode-to-your-threat-hunting-routine-tue-jan-20th","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/","title":{"rendered":"Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th)"},"content":{"rendered":"<div>\n<p>IDNs or \u201cInternational Domain Names\u201d have been with us for a while now (see RFC3490[<a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc3490\">1<\/a>]). They are (ab)used in many attack scenarios because.. it works! Who can immediately spot the difference between:<\/p>\n<pre style=\"background: rgb(238, 238, 238); border: 1px solid rgb(204, 204, 204); padding: 5px 10px;\">\nhttps:\/\/youtube.com\/<\/pre>\n<p>And:<\/p>\n<pre style=\"background: rgb(238, 238, 238); border: 1px solid rgb(204, 204, 204); padding: 5px 10px;\">\nhttps:\/\/youtube.com\/<\/pre>\n<p>The magic\u00a0is to replace classic characters by others that look almost the same. In the example above, the letter \u201co\u201d has been replaced by Greek character \u201co\u201d.<\/p>\n<p>If they are very efficient for attackers, they remain below the radar in many organizations. To avoid issues when printing unusual characters, Punycode[<a href=\"https:\/\/en.wikipedia.org\/wiki\/Punycode\">2<\/a>] helps to encode them in plain characters. The example above will be encoded as:<\/p>\n<pre style=\"background: rgb(238, 238, 238); border: 1px solid rgb(204, 204, 204); padding: 5px 10px;\">\nxn--yutube-wqf.com<\/pre>\n<p>This format is based on:<\/p>\n<ul>\n<li>\u201cxn--\u201c : the common prefix for all IDNs requests.<\/li>\n<li>\u201cyutube.com\u201d: The normal ASCII characters<\/li>\n<li>\u201cwqf\u201d : The Punycode encoded version of the Unicode character<\/li>\n<\/ul>\n<p>Python can decode them easily:<\/p>\n<pre style=\"background: rgb(238, 238, 238); border: 1px solid rgb(204, 204, 204); padding: 5px 10px;\">\n$ python3\nPython 3.12.3 (main, Jan  8 2026, 11:30:50) [GCC 13.3.0] on linux\nType \"help\", \"copyright\", \"credits\" or \"license\" for more information.\n&gt;&gt;&gt; domain = \"xn--yutube-wqf.com\"\n&gt;&gt;&gt; decoded = domain.encode(\"ascii\").decode(\"idna\")\n&gt;&gt;&gt; print(decoded)\ny?utube.com\n&gt;&gt;&gt; for c in decoded:\n...     print(f\"{c} -&gt; {ord(c)}\")\n...\ny -&gt; 121\n? -&gt; <span style=\"background-color:#f39c12;\">1086<\/span>\nu -&gt; 117\nt -&gt; 116\nu -&gt; 117\nb -&gt; 98\ne -&gt; 101\n. -&gt; 46\nc -&gt; 99\no -&gt; 111\nm -&gt; 109\n&gt;&gt;&gt;<\/pre>\n<p>You can see the value of \u201co\u201d is not \u201cusual\u201d (not in the ASCII range). They are plenty of online tools that can (de|en)code Punycode[<a href=\"https:\/\/regery.com\/en\/domains\/tools\/punycode-decoder\">3<\/a>].<\/p>\n<p>If not all IDNs are suspicious, they are not very common and deserve some searches in your logs. If you already collect your DNS resolver logs (I hope you do!), it\u2019s easy to search for such domains:<\/p>\n<pre style=\"background: rgb(238, 238, 238); border: 1px solid rgb(204, 204, 204); padding: 5px 10px;\">\n$ grep \"xn--\" queries.log*\nqueries.log:19-Jan-2026 19:54:38.399 queries: info: client @0x999999999999 192.168.255.13#47099 (in.xn--b1akcbzf.xn--90amc.xn--p1acf): query: in.xn--b1akcbzf.xn--90amc.xn--p1acf IN A +E(0) (192.168.254.8)\nqueries.log:20-Jan-2026 04:38:25.877 queries: info: client @0x999999999999 192.168.255.13#49850 (in.xn--b1akcbzf.xn--90amc.xn--p1acf): query: in.xn--b1akcbzf.xn--90amc.xn--p1acf IN A +E(0) (192.168.254.8)\nqueries.log.0:18-Jan-2026 15:22:11.741 queries: info: client @0x9999999999 192.168.255.13#60763 (in.xn--b1akcbzf.xn--90amc.xn--p1acf): query: in.xn--b1akcbzf.xn--90amc.xn--p1acf IN A +E(0) (192.168.254.8)\nqueries.log.0:18-Jan-2026 17:27:23.127 queries: info: client @0x99999999999 192.168.255.13#44141 (in.xn--b1akcbzf.xn--90amc.xn--p1acf): query: in.xn--b1akcbzf.xn--90amc.xn--p1acf IN A +E(0) (192.168.254.8)\nqueries.log.0:18-Jan-2026 22:54:36.841 queries: info: client @0x99999999999 192.168.255.13#35963 (in.xn--b1akcbzf.xn--90amc.xn--p1acf): query: in.xn--b1akcbzf.xn--90amc.xn--p1acf IN A +E(0) (192.168.254.8)<\/pre>\n<p>The detected Punycode domain is decoded to:\u00a0<\/p>\n<p><img decoding=\"async\" alt=\"\" src=\"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png\" style=\"width: 98px; height: 23px;\"><\/p>\n<p>Another good proof that DNS is a goldmine for threat hunting!<\/p>\n<p>[1] <a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc3490\">https:\/\/datatracker.ietf.org\/doc\/html\/rfc3490<\/a><br \/>\n[2]\u00a0<a href=\"https:\/\/en.wikipedia.org\/wiki\/Punycode\">https:\/\/en.wikipedia.org\/wiki\/Punycode<\/a><br \/>\n[3]\u00a0<a href=\"https:\/\/regery.com\/en\/domains\/tools\/punycode-decoder\">https:\/\/regery.com\/en\/domains\/tools\/punycode-decoder<\/a><\/p>\n<p>Xavier Mertens (@xme)<br \/>\nXameco<br \/>\nSenior ISC Handler &#8211; Freelance Cyber Security Consultant<br \/>\n<a href=\"https:\/\/keybase.io\/xme\/key.asc\">PGP Key<\/a><\/p>\n<p> (c) SANS Internet Storm Center. https:\/\/isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>IDNs or \u201cInternational Domain Names\u201d have been with us for a while now (see RFC3490[1]). They are (ab)used in many attack scenarios because.. it works! Who can immediately spot the difference between: https:\/\/youtube.com\/ And: https:\/\/youtube.com\/ The magic\u00a0is to replace classic characters by others that look almost the same. In the example above, the letter \u201co\u201d [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[90],"tags":[91],"class_list":["post-694","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th) - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th) - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"IDNs or \u201cInternational Domain Names\u201d have been with us for a while now (see RFC3490[1]). They are (ab)used in many attack scenarios because.. it works! Who can immediately spot the difference between: https:\/\/youtube.com\/ And: https:\/\/youtube.com\/ The magic\u00a0is to replace classic characters by others that look almost the same. In the example above, the letter \u201co\u201d [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-20T10:07:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th)\",\"datePublished\":\"2026-01-20T10:07:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/\"},\"wordCount\":274,\"image\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/\",\"name\":\"Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th) - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png\",\"datePublished\":\"2026-01-20T10:07:15+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#primaryimage\",\"url\":\"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png\",\"contentUrl\":\"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th) - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/","og_locale":"en_US","og_type":"article","og_title":"Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th) - Imperative Business Ventures Limited","og_description":"IDNs or \u201cInternational Domain Names\u201d have been with us for a while now (see RFC3490[1]). They are (ab)used in many attack scenarios because.. it works! Who can immediately spot the difference between: https:\/\/youtube.com\/ And: https:\/\/youtube.com\/ The magic\u00a0is to replace classic characters by others that look almost the same. In the example above, the letter \u201co\u201d [&hellip;]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-01-20T10:07:15+00:00","og_image":[{"url":"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png","type":"","width":"","height":""}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th)","datePublished":"2026-01-20T10:07:15+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/"},"wordCount":274,"image":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#primaryimage"},"thumbnailUrl":"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png","keywords":["Cybersecurity"],"articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/","name":"Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th) - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#primaryimage"},"image":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#primaryimage"},"thumbnailUrl":"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png","datePublished":"2026-01-20T10:07:15+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#primaryimage","url":"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png","contentUrl":"https:\/\/isc.sans.edu\/diaryimages\/images\/isc-20260120-1.png"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/20\/add-punycode-to-your-threat-hunting-routine-tue-jan-20th\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th)"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/694","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=694"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/694\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=694"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=694"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=694"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}