Phishing Analysis

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

• fromCharCode
• unescape
• hex_escape
• unicode_escape
• base64_strings

🎯 Kit Endpoints

• https://upload.tawk.to
• https://s3.amazonaws.com/tawk-to-pi
• https://tawk.to
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-event-polyfill.js
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/
• https://www.youtube.com/embed/
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-object-values-polyfill.js
• https://player.vimeo.com/video/
• https://cdn.jsdelivr.net/emojione/assets/png/
• https://tawk.link
• https://video.tawk.to
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-chunk-2d0c8092.js
• https://www.youtube-nocookie.com/embed/
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-runtime.js
• https://embed.tawk.to/_s/v4/app/698c2d84cd1
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-chunk-2d0aef27.js
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-chunk-4fe9d5dd.js
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-chunk-7941cc06.js
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-chunk-vendors.js
• https://va.tawk.to
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-chunk-6289ff8e.js
• https://www.dailymotion.com/embed/video/
• https://movofoy900.github.io/my-new-app/text.js
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-iterator-polyfill.js
• https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
• https://embed.tawk.to/_s/v4/assets
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-chunk-2d0d2b7c.js
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-chunk-2d0da3af.js
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-chunk-2d224aff.js
• https://embed.tawk.to/_s/v4/app/698c2d84cd1/js/twk-vendor.js

📡 API Calls Detected

• GET
• POST

📤 Form Action Targets

• http://www.apple.com/us/search

🦠 Malicious Files