firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 15:49:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 32CT4XcGQSCgemy8I26E9iNCDZTwaC-45jPNRmf1sC-MXyx806iQGQ==
Age: 2088
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7590
Expires: Fri, 02 Sep 2022 18:30:26 GMT
Date: Fri, 02 Sep 2022 16:23:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JyHLA29FWikh_NdiDJN9PQXU02Lm6lvAX0631IHhF78JCSYcHd57jA==
age: 54519
X-Firefox-Spdy: h2
ftp.2by2gaming.com/
50.87.61.62 302 Found 207 B IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 95796134185872f17b9b77fbe8d6a173
4a8417745dfda4dec989a9c627a4aafcf1362ff4
ca8985d27793b10e171e56df58c893a8e91e6b955395835c5cd70ad9db5c1705
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ftp.2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 02 Sep 2022 16:23:56 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 207
Location: https://2by2gaming.com/
X-Server-Cache: true
X-Proxy-Cache: MISS
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 16:23:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 15:38:16 GMT
Expires: Fri, 02 Sep 2022 16:14:28 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tNngSc5qw5j6FY8vGCRjD2p44ipXNwxlWDLL1Ivs8sh47WqnwHO_UQ==
Age: 2740
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash d3ce659fe9258e72041158d3b41503be
935d830b2fee13a349fd043a63f951ea96d9a2a8
03295e205036ab7571626ed362ee223a2248e5f1d39cd7a7ef921d05e1d55a97
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 16:23:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 15:27:46 GMT
Expires: Thu, 08 Sep 2022 15:27:45 GMT
Etag: "935d830b2fee13a349fd043a63f951ea96d9a2a8"
Cache-Control: max-age=514427,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744797d61e080b51-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6501
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:23:57 GMT
Last-Modified: Fri, 02 Sep 2022 14:35:36 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.228.106.27 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.106.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TgsglOiplE6comkB4ZGHIQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fjRf2a6evMejVlpDZgIuh72yLkQ=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8453
Expires: Fri, 02 Sep 2022 18:44:51 GMT
Date: Fri, 02 Sep 2022 16:23:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8453
Expires: Fri, 02 Sep 2022 18:44:51 GMT
Date: Fri, 02 Sep 2022 16:23:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8453
Expires: Fri, 02 Sep 2022 18:44:51 GMT
Date: Fri, 02 Sep 2022 16:23:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
age: 67592
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cab49f59207f816d98a21cd3fc2c37d1
8a9278f8ff5d149420673649878ca1ee266a0783
aebe0748f049bcb801be83459d4bae66b9c1453de3b0ea7e6a63bea88b6e7a5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13104
x-amzn-requestid: da627f0c-5cde-4a37-878c-dcada8a25f64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EYoIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-10dbcb432e6d1af46cffaefe;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4Ve7euVpAusbqUYkx-vWIBLDbIidnuXDqMDG0LRpu40sXh6a2fEPJA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:50 GMT
age: 65828
etag: "8a9278f8ff5d149420673649878ca1ee266a0783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wLezqM4_yKqtOR7D43beBqm8TAD5y8eQ7xHOxjDJdHchCpyusuzMuQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:55:46 GMT
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
age: 66492
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:01:10 GMT
age: 66168
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76 200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CDyJUMKmUlrT3LgfeiZhQN1XEV2vKTIZtmV4QZYXaoM4PWbYo8IyJA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 14:46:29 GMT
age: 5849
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:51 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 65827
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
216.58.211.10 200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
IP 216.58.211.10:0
Hash 489201f3ae372e66068ef6cd0ac6df9f
70f9bb1c73ebc6097d2658a187da727fd27a3583
e5a37e60ea11c0f6bcbee3198593ffafff4d2f8e0a97787b11eff03d8110bf29
GET /css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 16:24:02 GMT
date: Fri, 02 Sep 2022 16:24:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css
50.87.61.62 200 OK 5.1 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash fb2c5b117dcdb66d7a6b6173bb1b8f8d
14c63b319a54fa9475a786da0a4995133677606f
3e9c67704130e98758c2dffe3600c8a2e690c9a89cbac41c4dbb654a303457e8
GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 03 Dec 2019 04:10:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5085
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/acurax-social-media-widget/css/style.css?v=3.3&ver=6.0.2
50.87.61.62 200 OK 176 B URL HTTP/2 2by2gaming.com/wp-content/plugins/acurax-social-media-widget/css/style.css?v=3.3&ver=6.0.2
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash c6c27a2c851a526fd31667b03fbb405e
219b55efef5177664b172c37f6c83db4966892c0
b09fba18da0c70b8afd99ae15055fb06005aa1839825011c98069af5742ccc5a
GET /wp-content/plugins/acurax-social-media-widget/css/style.css?v=3.3&ver=6.0.2 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:30:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 176
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/dist/frontend.plugins.min.css
50.87.61.62 200 OK 3.2 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/dist/frontend.plugins.min.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11672), with no line terminators
Hash a44270a0e029a3adfa8292dc3a29f82d
494ef74cef43fc30155324614b60f4615f0eeea0
b700ac58e2288bd5fdd50802195296e9bc2519c1f676eaf6bee4fa39cb0aa62a
GET /wp-content/plugins/live-composer-page-builder/css/dist/frontend.plugins.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:27:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3159
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/font-awesome.css
50.87.61.62 200 OK 9.2 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/font-awesome.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c15a70c2c3de55f022efee3a28aa3d70
f1afb0d06f4bd84f60ea3ff67d5ad13a3bf3c210
0f77e710f6a2db4cb41395aada6f47eb7486ce4f0e067acfc4585b995d3d2624
GET /wp-content/plugins/live-composer-page-builder/css/font-awesome.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:27:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9205
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/css/dist/block-library/style.min.css
50.87.61.62 200 OK 17 kB URL HTTP/2 2by2gaming.com/wp-includes/css/dist/block-library/style.min.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 02:06:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16594
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/revslider/public/assets/css/settings.css
50.87.61.62 200 OK 12 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/public/assets/css/settings.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 16f565a8f59ad5c049db9ef399b90df5
3ec6b1e3d5b626dcbbb6e7dfaabd6ecad8cc4e27
8d2dbd71966559957250504278cd832cff651f6904772c6bc4f5932e9d19af03
GET /wp-content/plugins/revslider/public/assets/css/settings.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12201
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/contact-form-7/includes/css/styles.css
50.87.61.62 409 Conflict 83 B URL HTTP/2 2by2gaming.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/dist/frontend.min.css
50.87.61.62 200 OK 14 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/dist/frontend.min.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (55476)
Hash a8b04a923beb85aad1c251d2c9bbc503
8a657577b4a54828c8c6cecf3f71e6ed530bc0fc
b5c3b6440340d511720b55cec950fb0c3cc8039029f7446aec52bf9180040a4f
GET /wp-content/plugins/live-composer-page-builder/css/dist/frontend.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:27:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13464
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css
50.87.61.62 200 OK 15 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4965d273c665d58ac673952b3299e882
b2175b87388934bfc92ac38640e69a1ba2bf8efb
f20935193b8a3b402938e07226d46436915d48b1e829e6cf6834fa060e6db129
GET /wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15295
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/includes/Flexslider/flexslider.css
50.87.61.62 200 OK 1.9 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/includes/Flexslider/flexslider.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash d1552ffebf6e4b4bc2248bfefbc173c7
2ff0cceb22f99c04fdbcbecce1e332344537cec8
b0823f09c8919e0a0c9192c2a5337b9d88d24033c3fd7a5d94406c2eb4a5bb15
GET /wp-content/themes/thefox/includes/Flexslider/flexslider.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1903
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/redux/custom-fonts/fonts.css
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/uploads/redux/custom-fonts/fonts.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/redux/custom-fonts/fonts.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:48 GMT
accept-ranges: bytes
content-length: 0
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/contact-form-7/includes/js/index.js
50.87.61.62 409 Conflict 83 B URL HTTP/2 2by2gaming.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox_child_theme/style.css
50.87.61.62 200 OK 416 B URL HTTP/2 2by2gaming.com/wp-content/themes/thefox_child_theme/style.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (432), with CRLF line terminators
Hash 4f5c815dcee5b830e5aab8b47ebc0413
a44cc81f6b8f5716dc10651c034f56aeff803470
2bf536412abbda6d90ecde248aeb9fa09737d1c57c135c4ebf1540496faec124
GET /wp-content/themes/thefox_child_theme/style.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 416
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/css/rgs.css
50.87.61.62 200 OK 768 B URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/css/rgs.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 6fab4e7be7b78167c7b738bb79922e5b
aae8af12111488ee38e732e2e2538e01e2c090da
c2edcb3a983aa7b07b21a04ed47ec34aeb6879ce48c3a1a1b0ed5618c797aa4d
GET /wp-content/themes/thefox/css/rgs.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 768
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/jquery/jquery.masonry.min.js
50.87.61.62 200 OK 724 B URL HTTP/2 2by2gaming.com/wp-includes/js/jquery/jquery.masonry.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1626)
Hash e1b8f48388e00a715d3fe1f64ea15476
3ea75fd181dd3630bd8765a2b67f23d6da39edbf
87f4466dda6ad8e1c9aa26ef27e28b3b74ac40327d8daf4a7cf994e5b7893718
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.masonry.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 31 Aug 2018 16:27:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 724
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/includes/zilla-likes/styles/zilla-likes.css
50.87.61.62 200 OK 173 B URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/includes/zilla-likes/styles/zilla-likes.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 39b2741e31c5a052c44d2eaa22981fe7
ae72a066e3d23e636e7edfdbba4c74836ed2d431
54cb55ff0e24b12a2631b4152cf810a15e48a34bffbc7b52b25521cc6c828041
GET /wp-content/themes/thefox/includes/zilla-likes/styles/zilla-likes.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 173
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js
50.87.61.62 200 OK 540 B URL HTTP/2 2by2gaming.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1191), with no line terminators
Hash cea5e0013ee4b14895dc0f6c424a03e8
b21c776891ff57c003b385a1aa62ba613b292a21
1cfe89d6aa36aea0e986e379590ab23877257e8416764d18105d1176dfcd64d9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:09:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 540
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/js/custom_woo_js.js
50.87.61.62 200 OK 714 B URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/js/custom_woo_js.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash c79977c4ee43aaeef5617436d2f001b0
17efb5737a413a19c9e67ac64187ce0fd9105b27
c82a9a8f320e3e20e17f81a8fbdc941a28220e4202e9672f92d92b16d4226f70
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thefox/js/custom_woo_js.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 714
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/js/smoothscroll.js
50.87.61.62 200 OK 2.3 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/js/smoothscroll.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4440), with CRLF line terminators
Hash 2d8450274e64463b02abf2a4429c657d
cd2bba4f7951a4c9b0bd220a6939c84b910eabe4
cc8bc21ce3771cbbfc5ca622750e8f271fef06d898af6dee2a777d3e1f848686
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thefox/js/smoothscroll.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2317
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js
50.87.61.62 200 OK 1.6 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (2861), with CRLF, CR line terminators
Hash db111558e1a36ddb44ee116a32a1f046
0be7812f2f99932c1ebb96b7b4c5d6b403e20da5
dd692eb76a66ce5fa3ee4a9ea97bd46cabc6c9a8ccbe08def28f48ffa10c5fbb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 15:59:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1566
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css
50.87.61.62 200 OK 3.4 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14965), with no line terminators
Hash 8be7a878c560f1b146db163966f64d74
0dfdd50b2c3355c62cd7426649e819ba4a652495
7c7f8eb143a56619e051b210fa355e14ff4ff9f8fad982b0c4110c166a2aadca
GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3356
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/imagesloaded.min.js
50.87.61.62 200 OK 2.1 kB URL HTTP/2 2by2gaming.com/wp-includes/js/imagesloaded.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 02:16:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2103
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css
50.87.61.62 200 OK 4.1 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11819)
Hash aaf5684299dd7e9c9b7e7ec424b38a91
f35fe1f096ea680f7d849bdbb7547810fcdecd11
91ae7d066c22afff5006128d2b653cdf9e8942dc7f7155e4b7fc5111e01ac9b0
GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4070
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/jquery/jquery-migrate.min.js
50.87.61.62 200 OK 4.6 kB URL HTTP/2 2by2gaming.com/wp-includes/js/jquery/jquery-migrate.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 02:16:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/js/script-ck.js
50.87.61.62 200 OK 298 B URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/js/script-ck.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (665), with no line terminators
Hash 6631a19ad49c6c8244afd56229de367a
ed50b1f18e170a98d72d8981928b2d8a54b29192
7ea63f50be0ce3ff850c58c4135ab863f1510c9051fd19cc84d7b49c5acf3cf1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thefox/includes/4k-icons/js/script-ck.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 298
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/css/elegant.css
50.87.61.62 200 OK 5.3 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/css/elegant.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8050), with CRLF line terminators
Hash ffe107e6257558a28f7908a9d2a5a301
65a975884eeee59bfb582b4f329931811266a68c
0fa613536d216e6b005a4c309690ab44dffe16b731e93ac323d0336d55da4f66
GET /wp-content/themes/thefox/css/elegant.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5256
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/css/font-awesome.css
50.87.61.62 200 OK 5.5 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/css/font-awesome.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type troff or preprocessor input, ASCII text, with very long lines (337), with CRLF line terminators
Hash bffee79bfbab76143451aa14afdcdd6a
ae3f88b9b0837987d9707da93629207fbc1d45be
4ad36b94953f4b471ebefabb27b385de441b999b66c4c30c318f209f74ab9dca
GET /wp-content/themes/thefox/css/font-awesome.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5510
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
50.87.61.62 200 OK 2.7 kB URL HTTP/2 2by2gaming.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:09:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/wp-emoji-release.min.js
50.87.61.62 200 OK 5.3 kB URL HTTP/2 2by2gaming.com/wp-includes/js/wp-emoji-release.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:09:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/css/moon.css
50.87.61.62 200 OK 13 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/css/moon.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19725), with CRLF line terminators
Hash 2f78433715325f38991eee5b73d04c88
e088d1d8107c751ce60d11f83f3ebb892e4239b7
98a938ef0c3f11f2538b2b15e2c2eb5cf46587f016197522485b6589c57de99a
GET /wp-content/themes/thefox/css/moon.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12993
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/media-queries_wide.css
50.87.61.62 200 OK 15 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/media-queries_wide.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (375), with CRLF line terminators
Hash b74c1e309c15eddb77f0b88ed46297c9
5a9d952a25e4b77157bcb6e471f760980cad74f9
606d3dee5bbb02346dc71af053d10908a74f823c018795fba531f83c7e8b0225
GET /wp-content/themes/thefox/media-queries_wide.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14551
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/jquery/ui/core.min.js
50.87.61.62 200 OK 8.2 kB URL HTTP/2 2by2gaming.com/wp-includes/js/jquery/ui/core.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash a0a1c8194f131320e1798f90a7b1262a
3346d35be1f2e4886f19e7fcc0cc96ee4753d9ed
7f618ab13cec0933ec2c61fa2b580ad77ca41522028649677494219fa9ce56db
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:09:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8169
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
50.87.61.62 200 OK 8.3 kB URL HTTP/2 2by2gaming.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash e49f0561a452c9d04fb7d1510a23cc8c
9e8fc2e3129da4fe2790eee565a6478b864bea83
ab4f9f418b022ab34d617ee2f95d70afff005ed4d4d92e313ce84a56b40bce75
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:09:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8254
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_frontend.min.js
50.87.61.62 200 OK 7.9 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_frontend.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24087)
Hash 37b40cf6a5a0b9d4e22b0fed85a5140a
3cfbca5fe4495dff6ece1483ff92dd7f131320fd
4abb110200c0922cfb4622cb7f64bcbb80359f0d2ddedb5c8194dae1b6014d4c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/live-composer-page-builder/js/dist/client_frontend.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:27:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7891
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/masonry.min.js
50.87.61.62 200 OK 9.2 kB URL HTTP/2 2by2gaming.com/wp-includes/js/masonry.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23966)
Hash 2a730dafa34e6ff81513d31e486cdbdb
1fce17d256f67ae086d74092a03006997d9b0add
7a5fd36a453a3a7471fa93b8169579f9a98e2df7a262c44d28d3de41a0f7ae1c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/masonry.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 02:16:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9216
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/css/animations.css
50.87.61.62 200 OK 10 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/css/animations.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (446), with CRLF line terminators
Hash 1aec3ef6ae708c970928efa869a5c622
6753bd167b4073facbed1cb04cc607f7715bf119
5baa269481b8c9780b0eeff7058b2bd4e301537119c7c1d83722f14009839b58
GET /wp-content/themes/thefox/css/animations.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10113
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/css/icon-styles.css
50.87.61.62 200 OK 1.1 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/css/icon-styles.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4972), with CRLF line terminators
Hash 055cddc1a4567ae1f9907bb5f7780abd
3b0e93703c80d4700e55b2c47c151069b319396b
dbe4d21a3a2c89e251198e7df0e6f7d2b4a8c81ee2269be92b2a83de51ee355f
GET /wp-content/themes/thefox/includes/4k-icons/css/icon-styles.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1103
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/mediaelement/wp-mediaelement.min.js
50.87.61.62 200 OK 483 B URL HTTP/2 2by2gaming.com/wp-includes/js/mediaelement/wp-mediaelement.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash 961b384bf5b28ac673051be024563f79
606ebba9fa8aec74cf413098b084500c8b16b85c
a9c17b0e5a9c12428c6ed8d0c4622ddbae112a9ac19bccf451f125972cd91935
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 02:16:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 483
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js
50.87.61.62 200 OK 696 B URL HTTP/2 2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1472), with no line terminators
Hash 149199e590e83a45c6cfb84e505ee166
d2a506c87a1ce49b6927eb70b36a2e05054734b8
91cb2836b2266eeee962eb258c85c327a5f0e3c8812fefdc74cf685b72537d57
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 15:59:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 696
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js
50.87.61.62 200 OK 3.6 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (23514)
Hash 5a5e39ce4b39452f116eb0dc64a6f942
f83917e8fa5c8afdd8af5763c1580fe57b017eb4
b4e953166c1366edb908048019e3a48cbb69b76d2413941321864c481ebf442b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 03 Dec 2019 04:10:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3626
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js
50.87.61.62 200 OK 3.3 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9346), with no line terminators
Hash eb89a4b650d11f21e8dfb8723f0beb2a
ed1ca064486e70e34967e35432442ea2759d3bb0
2293eaa848408400905e5673a1a9764e17188ca86bedff223c1664c051df5b38
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3331
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/includes/prettyPhoto/css/prettyPhoto.css
50.87.61.62 200 OK 5.8 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/includes/prettyPhoto/css/prettyPhoto.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 89fd34371ff8b799896623f41be65bf7
f2f4efc68fca3155e71e58e8c86b9508d5ccdf9b
259de73c826d85945e44fe7b5a6c7e1a3b93dd199f86db3fb63725c9e341caa5
GET /wp-content/themes/thefox/includes/prettyPhoto/css/prettyPhoto.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5797
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js
50.87.61.62 200 OK 4.9 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11484), with no line terminators
Hash 1b60910f11a0d775fcfa572adb62ee64
f1bd74f734e6938c95d01de8e868a7c785ddbc4b
2d1669803c454716bfc0cbf4a477db499c13d6070b3b06dad649e3903b107a91
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 15:59:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4850
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js
50.87.61.62 200 OK 6.4 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12478)
Hash 9c2d03a459cd4c9c8064207c22ef834c
12e45ea32473cdf339bdfa4a3611f5e017019d7d
8e528fbe9db30555ec2867509a0aa8413db0b36a4f7890afe80c90cffbba40f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Jul 2021 15:52:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6377
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js
50.87.61.62 200 OK 7.1 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19905)
Hash 11c71ebe3b5ee1cc9acd2fcfd152f186
2b36c7b86094a60c194187c30273fd4434b9ed6b
ac582bbaaf2eedfff77b28db99253070f31d0262e3c8ca7751cbfdb0ba1fa6f4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 30 Jul 2021 15:52:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7084
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js
50.87.61.62 200 OK 8.1 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (827), with CRLF line terminators
Hash 5518a5dade150ea7c75df807117a8f7c
57fa27a53a53364b833b35a28413037e4c4dbddb
a22c81f8a9ea04df923710065cdba73e02eac3f326101fc4c4de0c883618b824
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-social-media-icons/js/custom.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 15:59:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8105
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/revslider/admin/assets/images/dummy.png
50.87.61.62 200 OK 73 B URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/admin/assets/images/dummy.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d08eac154f5b02ef14e612fc25b9bf2
5a1e9121811015fbc274dae72072f874aee3d805
17af9e65317bbbfbbd0bcdc729f14faadf37cd08cf30cc0fe0b72443e78cbffb
GET /wp-content/plugins/revslider/admin/assets/images/dummy.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
content-length: 73
content-type: image/png
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2021/05/image001.png
50.87.61.62 200 OK 41 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2021/05/image001.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 817 x 359, 8-bit/color RGBA, non-interlaced\012- data
Hash 6e05e6c74de5c8d689c1ae86711a3511
429b4227545cd5b6e1ddfd168d08b090f421473a
e8b30f9144a7c0b742845c535690092dceccfd8abf42928a40c9474227b41d60
GET /wp-content/uploads/2021/05/image001.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 28 May 2021 15:00:37 GMT
accept-ranges: bytes
content-length: 41433
content-type: image/png
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black.png
50.87.61.62 200 OK 582 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1300 x 1300, 8-bit/color RGBA, non-interlaced\012- data
Size 582 kB (581550 bytes)
Hash 855dab4ab20a4d886bc17d6f3ab97850
905b2951001092fc4214c7baf08c82e58284c594
f6b15d9d8934dc5ee1fd26127bfb01b78136a4e16851349ae1dbb9b88f7829b8
GET /wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 19:46:05 GMT
accept-ranges: bytes
content-length: 581550
content-type: image/png
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2by2gaming.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 256422
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2by2gaming.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:53:20 GMT
expires: Tue, 29 Aug 2023 18:53:20 GMT
cache-control: public, max-age=31536000
age: 336643
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2by2gaming.com/wp-content/themes/thefox/includes/font/fontawesome-webfont.woff?v=4.1.0
50.87.61.62 200 OK 98 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/includes/font/fontawesome-webfont.woff?v=4.1.0
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thefox/includes/font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2by2gaming.com/wp-content/themes/thefox/css/font-awesome.css
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
content-length: 98024
content-type: font/woff
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black-mobile.png
50.87.61.62 200 OK 41 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black-mobile.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 40984, version 1.0\012- data
Hash 239785313afd1d6f029060dce09eaa72
506c2e4f22d57fd38e8a3145472b79cff5d08885
f0898df3085ce12eed623cad85a9b30fe200e25bd05c03f8323f260e41d14d6d
GET /wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black-mobile.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Dec 2018 02:14:17 GMT
accept-ranges: bytes
content-length: 26906
content-type: image/png
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js
50.87.61.62 200 OK 733 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 733 kB (733114 bytes)
Hash d4d335d3226b9560a9d52489ec739f20
677792897ab4fddfa56056b8166dbd8d667a3b7e
e4482a70783f1d663292f98c164a1605ab75798f1d5f73f70d7cb876501ab01d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/icons/4k-icons-pack05/icons/fonts/zm.woff
50.87.61.62 200 OK 41 kB URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/icons/4k-icons-pack05/icons/fonts/zm.woff
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, CFF, length 40796, version 1.0\012- data
Hash af45fc2a6edad2e05d4cbae76ea4161c
34f4ae30130e7eb6c641eafd12345d60bda48106
c5977a2418239ce407862163674372fd847c86668beac023b468121ac97d86ac
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thefox/includes/4k-icons/icons/4k-icons-pack05/icons/fonts/zm.woff HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
content-length: 40796
content-type: font/woff
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js
50.87.61.62 200 OK 273 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 273 kB (273292 bytes)
Hash b0d25cc9b9a9df320e5408adfa533e49
f71da426493c41e89e7d1d03db78b7b6ad4c9802
1bd11592e9e0f656fd49d158910813d67f65042f0215cdbcced92bbbe0050887
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/contact-form-7/includes/js/index.js
50.87.61.62 409 Conflict 83 B URL HTTP/2 2by2gaming.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash be8adeb6647855a91c3cf43538aa91dc
4a7d9d9c44d6da2d916bc5ecd6e8ed6758eccff4
8e25adb5f789bcc4a193746924bde46030bda14f5829f60d8dc34636d9f43001
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4375
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:03 GMT
Last-Modified: Fri, 02 Sep 2022 15:11:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 727
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.carousel.min.js?version=5.4.8
50.87.61.62 200 OK 2.9 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.carousel.min.js?version=5.4.8
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7370), with CRLF line terminators
Hash f674dc9b9b42b1b631241c1db7a0dc6e
6b1b582b6b5bc94304ad39ac8762ae3c761f2d52
f7eb77527083531b5d524987e53222a79f6eaf6f56f245ecdd79e326f438ac1b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.carousel.min.js?version=5.4.8 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2941
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8
50.87.61.62 200 OK 2.8 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8089), with CRLF line terminators
Hash 4b7965432515b8c0726df47d008f39b3
4da311c37395db04b3f0e25c88e595f0a3c96c88
f08d33a18da2349f5627a6a90e0823b9a904151e514a7fd353dca48c5717cbe3
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2845
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js
50.87.61.62 200 OK 54 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32006)
Hash e37f72ce68549c85863f001cf157285f
abcd2799e603e52864119588fb0ba5b751925eed
3548e4683891d4a21663caabb256aa7edc350fb900c01859fae1e4e1724e74f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 03 Dec 2019 04:10:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
50.87.61.62 200 OK 8.9 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (25862), with CRLF line terminators
Hash 24cc4ae82947db94318c91847a49ee68
23ba55c3129dec4bb3c302eef52bebcbfa172e97
a3ab15aba69b891687f297afd31f1b09aa19856083d4ce9bb59d5b8f9df21477
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8892
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2020/12/Play_Casino_bow.png
50.87.61.62 200 OK 46 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2020/12/Play_Casino_bow.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 2608 x 659, 8-bit/color RGBA, non-interlaced\012- data
Hash 27c62c84fb77b836ae1a304b6ecd2016
2b3753e57258e1c2f50944a635b484ad37dbf66a
e35cf90098aaf76d46133946d54700500192991f23573e0cf25cc4151088a6d2
GET /wp-content/uploads/2020/12/Play_Casino_bow.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Dec 2020 22:49:24 GMT
accept-ranges: bytes
content-length: 46274
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2020/08/image001.png
50.87.61.62 200 OK 12 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2020/08/image001.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 320 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 542cc9c46420464c7f5befd583e1d00c
e2cee2730317aa05ae4fd50c3fbee137f9e39dee
38efa92d07d1541d39d1576bcc364da7f07fff72f8de7f70bfb63fe90b8e7be4
GET /wp-content/uploads/2020/08/image001.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Sep 2020 15:05:23 GMT
accept-ranges: bytes
content-length: 12028
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/
50.87.61.62 200 OK 50 kB IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 553dfa71620a01d235205e59f884f0e1
c66b7f62906dd27bef7298394d0a989e2a915dd5
6166cded23259a168a76f45910398657522caf1b9c1fe2db70691bd3690a2c71
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:23:57 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://2by2gaming.com/wp-json/>; rel="https://api.w.org/", <https://2by2gaming.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://2by2gaming.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: MISS
set-cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279; expires=Fri, 02-Sep-2022 16:53:59 GMT; Max-Age=1800; path=/
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2020/07/playfortuna-logo-250-167.png
50.87.61.62 200 OK 9.6 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2020/07/playfortuna-logo-250-167.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 250 x 167, 8-bit/color RGBA, interlaced\012- data
Hash dd9ad2621bfb342e3e25e02f85d86ad0
2f9bb07d80074097d722b50b874fd72dc3bf4497
6f1efbe7e3a8e11229e0dda4581b7fb3ea257bfd6724166ccc48cbc6b07104f2
GET /wp-content/uploads/2020/07/playfortuna-logo-250-167.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Jul 2020 16:09:39 GMT
accept-ranges: bytes
content-length: 9635
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2020/07/Casino-RU-logo.png
50.87.61.62 200 OK 13 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2020/07/Casino-RU-logo.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1188 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash f053c74fa97c5013430253bd0ca4859a
2131921d2669164c63df474105f005ad65b02a2a
0371e77cbd50163bbfaa6eedb6cd381ba3e28d2b9af4ddbd0d22b5059296b8ba
GET /wp-content/uploads/2020/07/Casino-RU-logo.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jul 2020 15:45:04 GMT
accept-ranges: bytes
content-length: 12658
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2020/07/Mr-Gamble-Logo.png
50.87.61.62 200 OK 463 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2020/07/Mr-Gamble-Logo.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1981 x 1981, 8-bit/color RGBA, non-interlaced\012- data
Size 463 kB (462841 bytes)
Hash 62afe57192f3260a3e1566ad5a42213d
b31196a336797a3e0af05cfb932a722f3ad0b02b
ee5380bbe7377d1da8def8487d88f790a7c88c81f6f49d7990d8139f6786e5cb
GET /wp-content/uploads/2020/07/Mr-Gamble-Logo.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jul 2020 15:45:07 GMT
accept-ranges: bytes
content-length: 462841
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2020/05/GMBLRS.png
50.87.61.62 200 OK 4.5 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2020/05/GMBLRS.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 364 x 175, 8-bit/color RGB, non-interlaced\012- data
Hash 52d2550b1dc268036318db9245ad4aa1
ea96d32e09d1878d9f728fff6e76ea15d40f34fd
7225f1153f75130221b4c12be68530d01e8fddfa06d6265f16af4b727fe6bdb1
GET /wp-content/uploads/2020/05/GMBLRS.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 May 2020 20:50:32 GMT
accept-ranges: bytes
content-length: 4473
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2020/04/0f3ef4b72c18bf931fc0cf4d81f9c7ea.png
50.87.61.62 200 OK 32 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2020/04/0f3ef4b72c18bf931fc0cf4d81f9c7ea.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 828 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f3ef4b72c18bf931fc0cf4d81f9c7ea
465febe502e62d7123fe29526c5bcbcbf701a8c8
41bd3a5112a3b227f734af1e0df6319a094283db42b28a18131b2568c425cb41
GET /wp-content/uploads/2020/04/0f3ef4b72c18bf931fc0cf4d81f9c7ea.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Apr 2020 15:41:37 GMT
accept-ranges: bytes
content-length: 31926
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2020/01/CasinoScout-Logo-2by2Gaming.png
50.87.61.62 200 OK 22 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2020/01/CasinoScout-Logo-2by2Gaming.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 547 x 163, 8-bit/color RGBA, non-interlaced\012- data
Hash 59de93f12977df32215ce2cc724c0f5c
8f61e611d9a1c90f8a34d9b459f25b69bd900f0b
01ff3e5cec7188aec7f09bcfc9482585e81df1a9f9a1d3862666d09916315a6e
GET /wp-content/uploads/2020/01/CasinoScout-Logo-2by2Gaming.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Jan 2020 17:12:18 GMT
accept-ranges: bytes
content-length: 21766
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/revslider/public/assets/assets/coloredbg.png
50.87.61.62 200 OK 184 B URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/public/assets/assets/coloredbg.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 5 x 5, 8-bit/color RGBA, non-interlaced\012- data
Hash 397e5bd80bc0fe4e18c1837deead5e72
02ba7ca593b1aecc13bc821b1043cbbb3e9421a0
ef2284224ce3426c26d4caa902989107ba3200dbd24d4ace60ccb2bad033f000
GET /wp-content/plugins/revslider/public/assets/assets/coloredbg.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/wp-content/plugins/revslider/public/assets/css/settings.css
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
content-length: 184
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720.jpg
50.87.61.62 200 OK 291 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 291 kB (291059 bytes)
Hash 26b11241633cfe461b222a4e8f51aa62
c14f64185ea3d2a51bcd73a0e2fa4df7c02f5154
3a77d87afe303ba9a866408260b7452ed21df96641cb09421deea815808e97ce
GET /wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Oct 2018 16:04:35 GMT
accept-ranges: bytes
content-length: 291059
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2019/09/Loading-Screen-1280X720-2.png
50.87.61.62 200 OK 1.1 MB URL HTTP/2 2by2gaming.com/wp-content/uploads/2019/09/Loading-Screen-1280X720-2.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1280 x 720, 8-bit/color RGB, non-interlaced\012- data
Size 1.1 MB (1092590 bytes)
Hash 278a760516f298c459687b78973d81cf
1f25deaceb6a6f3c8979df659a19a18c0abf849f
b34684e330cf9a2c1ac8ca3f71e0044580cb5919afc69f215714935a2a0297f0
GET /wp-content/uploads/2019/09/Loading-Screen-1280X720-2.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 Sep 2019 15:34:09 GMT
accept-ranges: bytes
content-length: 1092590
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/revslider/public/assets/css/openhand.cur
50.87.61.62 200 OK 326 B URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/public/assets/css/openhand.cur
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x5\012- data
Hash b06c243f534d9c5461d16528156cd5a8
bb22807a7c23dae7d007673b407850438856bbfa
080627fa359156339e79f118fa66a6937f09ff679fe87e8afa473b95c8168d35
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/openhand.cur HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/wp-content/plugins/revslider/public/assets/css/settings.css
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
content-length: 326
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
x-server-cache: false
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen.png
50.87.61.62 200 OK 2.3 MB URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size 2.3 MB (2298902 bytes)
Hash 6e53e215391ea320524ccef348f222aa
dbb05cde44ecc7ac758490f07d8e741875490302
0c895142390f0cfc00ee125fa1dfe763937b732bcecec46baaa1aa570c9e5b55
GET /wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 17:08:13 GMT
accept-ranges: bytes
content-length: 2298902
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/Top-Screen-100x50.jpg
50.87.61.62 200 OK 5.1 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/Top-Screen-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Hash ea431a768698722fbc36f767d126346b
ab199b5896f48e9ab408496ae3fd12726a7db7d2
ef148d3523b536ed8a253491029d36843a44b6c58d3a34af5ca57b737f66ecc0
GET /wp-content/uploads/2022/06/Top-Screen-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 21:31:12 GMT
accept-ranges: bytes
content-length: 5074
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2021/04/Loading-Screen-1-100x50.jpg
50.87.61.62 200 OK 3.5 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2021/04/Loading-Screen-1-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x50, components 3\012- data
Hash d2ab8154c8ac23423d92681cb44f4621
e155e8215490ee2d44d237097b8ef7aaacf5cc12
cc6fcb4cc38c1bec158b1bec5ed6469bc97ea26942c79f111c485cbb39c05f66
GET /wp-content/uploads/2021/04/Loading-Screen-1-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Apr 2021 16:35:07 GMT
accept-ranges: bytes
content-length: 3493
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720-100x50.jpg
50.87.61.62 200 OK 3.3 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 100x50, components 3\012- data
Hash a854ecb651290a72c81102c9d78aeb34
bbcfe0c62f6d34d474223e92f03bb5156ff40d40
4faafbef6af04f4e2ccc79907a6924a81fe1116ef6a89596fd7f802861470300
GET /wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 21:23:05 GMT
accept-ranges: bytes
content-length: 3271
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/FeiLianFortune_TopScreen-100x50.png
50.87.61.62 200 OK 13 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/FeiLianFortune_TopScreen-100x50.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 606f1458aa6fc11b0d48b67191cf39ba
2f274405cd91611a444fb4e5e6900ff13a2a207a
414cf86619db7d02f23e4f96639fdf340ee50c245e9b2cd0db2f2024dbbfb220
GET /wp-content/uploads/2022/06/FeiLianFortune_TopScreen-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 21:29:10 GMT
accept-ranges: bytes
content-length: 12833
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/MysticMonk_TopScreen-100x50.jpg
50.87.61.62 200 OK 29 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/MysticMonk_TopScreen-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=2160, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3840], baseline, precision 8, 100x50, components 3\012- data
Hash d666efa8db3aa36efb3decdc81034030
4d935c31613f8f72710535da16520230f797c660
2a4ac279f733475abbbd8b21d6ac6527486010a162c590e83d0cc5c33a268c86
GET /wp-content/uploads/2022/06/MysticMonk_TopScreen-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 21:25:18 GMT
accept-ranges: bytes
content-length: 29271
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2019/09/Loading-Screen-1280X720-2-100x50.png
50.87.61.62 200 OK 12 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2019/09/Loading-Screen-1280X720-2-100x50.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash db610e6ca712545de7eaa7a1ae009041
f6bfc037e1b3469d852e42700cdf3555fcf3b375
5c30283755a0051421175a8c1fa64010f525b64aaebc1c79bc834cb20cfed9e2
GET /wp-content/uploads/2019/09/Loading-Screen-1280X720-2-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 06 Sep 2019 21:34:03 GMT
accept-ranges: bytes
content-length: 11854
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2020/10/LoadingScreen-100x50.jpg
50.87.61.62 200 OK 4.0 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2020/10/LoadingScreen-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Hash 57aa057fd816cb4fcfb3f17fb8b5abaa
e73377938b29bbaefe287cd9385540813af01922
22a5e32eaa52912f0c33a2820b6186f458b506a3338ba64b671b8b102b12e3f8
GET /wp-content/uploads/2020/10/LoadingScreen-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Oct 2020 19:35:09 GMT
accept-ranges: bytes
content-length: 4017
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen-100x50.png
50.87.61.62 200 OK 13 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen-100x50.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 3975cb3dd1b92dc3b52a3ecf0acf0d1b
cf89ebbc2ba31616708ae8bcb710ff79dad438c6
7ba6547fb5e114351fb2ab4992b61fc2bb4f37bd90b14352440a5e19a42302a2
GET /wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 21:32:59 GMT
accept-ranges: bytes
content-length: 12671
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/lewersJ_EggcellentRiches_Topscreen-100x50.png
50.87.61.62 200 OK 13 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/lewersJ_EggcellentRiches_Topscreen-100x50.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d0dd1052cf101322070c78184944952
e2dd3ee4090a6fd46aadaacbecf4eb38aa71c15f
fe8d76c2a8d514bd67745f533b74993418892bef717056d6db733565e20ccba5
GET /wp-content/uploads/2022/06/lewersJ_EggcellentRiches_Topscreen-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 21:39:17 GMT
accept-ranges: bytes
content-length: 12952
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
50.87.61.62 200 OK 7.5 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2by2gaming.com/wp-content/plugins/revslider/public/assets/css/settings.css
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:13 GMT
accept-ranges: bytes
content-length: 7536
content-type: font/woff
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen-100x50.png
50.87.61.62 200 OK 12 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen-100x50.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash b32316ee29d35ce11a8975a0c3a43fef
d19bea16a1c1d30a03ae4f5fda6e9ed0c6fb7c68
3769a6aa79081e26c36884b2ae766b2c79e049ccedd3e7b7828881274b6c2745
GET /wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:51:13 GMT
accept-ranges: bytes
content-length: 12271
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2019/08/Splash_Page_V-100x50.jpg
50.87.61.62 200 OK 4.8 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2019/08/Splash_Page_V-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Hash 0e706a119b96c7c260a024d374c83591
eb0580aea2382bb449ca001f4c1afbe5d633e8b9
8e8e58584b86bffe8b9eb26530eecc9a581966cff9eb3c1045ef2eb613126f96
GET /wp-content/uploads/2019/08/Splash_Page_V-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 09 Aug 2019 19:15:55 GMT
accept-ranges: bytes
content-length: 4815
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2021/05/Loading-Screen-100x50.jpg
50.87.61.62 200 OK 1.2 MB URL HTTP/2 2by2gaming.com/wp-content/uploads/2021/05/Loading-Screen-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 100x50, components 3\012- data
Size 1.2 MB (1215551 bytes)
Hash c00f401186a387368214391135eedd1c
ca00d54fdea60cf5897ff52c5acbea8347680725
4d04c166940296e40b3ce7ede02af17068b1a1324708fd1275425072c04e352b
GET /wp-content/uploads/2021/05/Loading-Screen-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 24 May 2021 18:56:50 GMT
accept-ranges: bytes
content-length: 1215551
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2018/09/Alchemists-Gold_Splash_Screen_1280x720-100x50.jpg
50.87.61.62 200 OK 3.4 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2018/09/Alchemists-Gold_Splash_Screen_1280x720-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Hash d67d528671ca0a5bad0b63ad3a5c7813
13ce3a942a38c52d4a463566e9209e13cfb402d9
73317ad547e883632280849e5c060199844b3cf8f28e9fd5573a46496fcc4513
GET /wp-content/uploads/2018/09/Alchemists-Gold_Splash_Screen_1280x720-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 21:23:05 GMT
accept-ranges: bytes
content-length: 3381
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2019/12/Loading_Screen_1920x1080-100x50.jpg
50.87.61.62 200 OK 4.4 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2019/12/Loading_Screen_1920x1080-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Hash 41d8b361406d72fe6ff71d2ffd8c13e3
b593abcd6a552642a90e7daac0188fca5b30d74b
699df951fff9c4da9eb006a4dbc1625d45d3d63b0bec115ff9b086c83d228a72
GET /wp-content/uploads/2019/12/Loading_Screen_1920x1080-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 15 May 2021 08:10:41 GMT
accept-ranges: bytes
content-length: 4367
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
50.87.61.62 200 OK 22 kB URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7384eca5d57ecbdfc8f217434032466f
95ed803de4477a092ea75edf3f01908b3d0d5994
4e255c9eeaa7b95e0725414f68438fa64d711a431b819db14cb33c80dc2a0d1a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2018/09/Fire-N-Fortune_Splash-Screen_1280x720-100x50.jpg
50.87.61.62 200 OK 3.9 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2018/09/Fire-N-Fortune_Splash-Screen_1280x720-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 100x50, components 3\012- data
Hash 38f11616379c4278899de4055f51e3f7
b8ed307cefe60b89355f53792d9b4cba1ed39f3c
4e036bd4279b0b7015a21fd14beede2cde77dcd0da664eb5c0ba3d5a6ef1d31e
GET /wp-content/uploads/2018/09/Fire-N-Fortune_Splash-Screen_1280x720-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 21:23:05 GMT
accept-ranges: bytes
content-length: 3938
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2018/12/Agent-Valkrie_Splash-Screen_1280x720-100x50.jpg
50.87.61.62 200 OK 14 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2018/12/Agent-Valkrie_Splash-Screen_1280x720-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:12:14 14:38:39], baseline, precision 8, 100x50, components 3\012- data
Hash d5acbaf85988936b9a663d877609c965
7eb4ac3196712d53e86ea1a94f425d59e1206ad4
9d08f56d8472e27f7b05e670dca2a0e4dd6fa6ad9e400e013adb8f01a22267e1
GET /wp-content/uploads/2018/12/Agent-Valkrie_Splash-Screen_1280x720-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 21:23:05 GMT
accept-ranges: bytes
content-length: 13890
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2019/04/WebsiteLoadingScreen-100x50.jpg
50.87.61.62 200 OK 3.7 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2019/04/WebsiteLoadingScreen-100x50.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Hash 18978e6a17be92d496ce8cc2e7335be8
264ae4326598c4c34a944e8e38d58eadd71cd30c
2f463517a91eeb1054cca0363df0c7cf1be583c673007a5ee5efcad9e339e622
GET /wp-content/uploads/2019/04/WebsiteLoadingScreen-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Apr 2019 20:43:20 GMT
accept-ranges: bytes
content-length: 3679
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
businessdummy.wpengine.com/wp-content/uploads/2015/07/contact_bg.jpg?id=51
104.197.149.35 404 Not Found 17 kB URL HTTP/2 businessdummy.wpengine.com/wp-content/uploads/2015/07/contact_bg.jpg?id=51
IP 104.197.149.35:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c74ca32a5901d1501d7b16bd49feccae
148cf51033e11c1a7e2f4da7669a0914ef3972e3
b60827cb423632d6db95e30cf25e0069a552ecc853a3e711d931da5f3ca42db8
GET /wp-content/uploads/2015/07/contact_bg.jpg?id=51 HTTP/1.1
Host: businessdummy.wpengine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Fri, 02 Sep 2022 16:24:03 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2021/02/LoadingScreen_GemScatter_2-6-100x50.png
50.87.61.62 200 OK 13 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2021/02/LoadingScreen_GemScatter_2-6-100x50.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash e00013a16c744ea15dad4525b2562ba6
fc0b2befbd38ba34c3c2c213c988efbbf9997d31
235ae9235fc47df90282a6a9cd9ff0448f213eeda273d84f5c181136f45ba317
GET /wp-content/uploads/2021/02/LoadingScreen_GemScatter_2-6-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 15 May 2021 08:10:41 GMT
accept-ranges: bytes
content-length: 12920
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/MysticMonk_TopScreen.jpg
50.87.61.62 200 OK 762 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/MysticMonk_TopScreen.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2160, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3840], baseline, precision 8, 1920x1080, components 3\012- data
Size 762 kB (761670 bytes)
Hash b167f20dbdcdb4fdf3d09df650015ab5
8c9e468f503af9a91ea9425f8c8ce8466434071d
41f2f3ca7c6aea2a8e74c7e51b24f3b8955f7b0f7f191a87f7eec171a8dad723
GET /wp-content/uploads/2022/06/MysticMonk_TopScreen.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 17:56:23 GMT
accept-ranges: bytes
content-length: 761670
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/FeiLianFortune_TopScreen.png
50.87.61.62 200 OK 2.5 MB URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/FeiLianFortune_TopScreen.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size 2.5 MB (2478171 bytes)
Hash 61b54dfb8516b3b11c735b599ee99a45
22d763e03a908cefaaa64da9affa7a6ac095e2cb
d859c4ca631f2463451bec59a4cb4dea102489f1f102b60733cb7519c39918f8
GET /wp-content/uploads/2022/06/FeiLianFortune_TopScreen.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 17:01:42 GMT
accept-ranges: bytes
content-length: 2478171
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3941
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:05 GMT
Last-Modified: Fri, 02 Sep 2022 15:18:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 7833bfa786ee22a9b4723a4aa727a0b2
0c8874156152eea02a3af76f833232bdfbb3f5f0
b0f59ba73d802021e4ce3416d625a751e4055afa050984d7372ca4d0c539f36c
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ecd0c9a2ce0bbe3e9c86c41912e35cc1
etag: "5324ec0ce30a1fb0b2fce34da805460c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 02 Sep 2022 16:36:09 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: eDO/p4buIqm0cjpKpyegsg==
x-fb-debug: dbMdcsNSWP0JS+BAfLjr/cvFII90CzHMx3LgrYihAmiD8GgWabXxAw4BQRDZ74y6dzlrlOL+imHIhNYqwA5wPA==
content-length: 1685
x-fb-trip-id: 1904183273
date: Fri, 02 Sep 2022 16:24:05 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/Top-Screen.jpg
50.87.61.62 200 OK 662 kB URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/Top-Screen.jpg
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x1080, components 3\012- data
Size 662 kB (661662 bytes)
Hash fff29f786888216b542d1a282903f5cc
b9ff1545f9f773708e4d09e1908537a3d7879cc0
c32eb3ea5ff576be4f64621cc7d602ddeb5ce872ef79f57becbeb93e51829da4
GET /wp-content/uploads/2022/06/Top-Screen.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 17:09:22 GMT
accept-ranges: bytes
content-length: 661662
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3941
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:05 GMT
Last-Modified: Fri, 02 Sep 2022 15:18:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Lato%3A400%2C700%2C300&ver=1622578756
216.58.211.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A400%2C700%2C300&ver=1622578756
IP 216.58.211.10:0
GET /css?family=Lato%3A400%2C700%2C300&ver=1622578756 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 16:24:02 GMT
date: Fri, 02 Sep 2022 16:24:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_plugins.min.js
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_plugins.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/live-composer-page-builder/js/dist/client_plugins.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:27:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/jquery/jquery.min.js
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-includes/js/jquery/jquery.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Jul 2021 02:05:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/js/scrollmagic.js
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/js/scrollmagic.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thefox/js/scrollmagic.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 03 Dec 2019 04:10:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen.png
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 17:03:28 GMT
accept-ranges: bytes
content-length: 4471607
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/js/customjs.js
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/js/customjs.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/thefox/js/customjs.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/style.css
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/style.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/thefox/style.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 15:59:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 02:16:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/uploads/2018/10/2BY2-GAMING-NEW-LOGO-WITH-BLUR-white.png
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/uploads/2018/10/2BY2-GAMING-NEW-LOGO-WITH-BLUR-white.png
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2018/10/2BY2-GAMING-NEW-LOGO-WITH-BLUR-white.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Oct 2018 20:02:17 GMT
accept-ranges: bytes
content-length: 454151
content-type: image/png
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/style_end.css
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/style_end.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/thefox/style_end.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
2by2gaming.com/wp-content/themes/thefox/css/thefox_js_composer.css
50.87.61.62 200 OK 0 B URL HTTP/2 2by2gaming.com/wp-content/themes/thefox/css/thefox_js_composer.css
IP 50.87.61.62:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/thefox/css/thefox_js_composer.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C600%2C700%2C900%7COpen+Sans%3A700%2C300%2C600%2C400%7CRaleway%3A900%7CPlayfair+Display%7C&ver=6.0.2
216.58.211.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C600%2C700%2C900%7COpen+Sans%3A700%2C300%2C600%2C400%7CRaleway%3A900%7CPlayfair+Display%7C&ver=6.0.2
IP 216.58.211.10:0
GET /css?family=Lato%3A100%2C300%2C400%2C600%2C700%2C900%7COpen+Sans%3A700%2C300%2C600%2C400%7CRaleway%3A900%7CPlayfair+Display%7C&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 16:24:02 GMT
date: Fri, 02 Sep 2022 16:24:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2