I forked it to avoid the hackers make it disappear. The original link was https://github.com/superchaindev/TravellingT (now removed)
The file that actually executes the hack is https://github.com/0xauth/TravellingT/blob/main/src/Data/dataType.js
It would be great if anyone could help in de-obfuscating it.