Report - ftp.2by2gaming.com/

Report Overview

Submitted URL
ftp.2by2gaming.com/
IP
50.87.61.62
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-09-02 16:24:07
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
84

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	2.7 kB	31.13.72.12
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.2 kB	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	966 B	70 kB	142.250.74.163
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.228.106.27
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	68 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.7 kB	216.58.211.10
2by2gaming.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	57 kB	12 MB	50.87.61.62
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.76.226
ftp.2by2gaming.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	430 B	50.87.61.62
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	964 B	172.64.155.188
businessdummy.wpengine.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	18 kB	104.197.149.35
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-02	medium	ftp.2by2gaming.com/	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/contact-form-7/includes/js/index.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/jquery/jquery.masonry.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/themes/thefox/js/custom_woo_js.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/themes/thefox/js/smoothscroll.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/imagesloaded.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/jquery/jquery-migrate.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/js/script-ck.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/wp-emoji-release.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/jquery/ui/core.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/dist/vendor/wp-polyfill.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_frontend.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/masonry.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/mediaelement/wp-mediaelement.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/themes/thefox/includes/font/fontawesome-webfont.woff?v=4.1.0	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/icons/4k-icons-pack05/icons/fonts/zm.woff	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/contact-form-7/includes/js/index.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.carousel.min.js?version=5.4.8	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js	Malware
2022-09-02	medium	2by2gaming.com/	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/revslider/public/assets/css/openhand.cur	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_plugins.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/jquery/jquery.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/themes/thefox/js/scrollmagic.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/themes/thefox/js/customjs.js	Malware
2022-09-02	medium	2by2gaming.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js	Malware
2022-09-02	medium	2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (60)

	URL	Size	First Seen	Last Seen
	2by2gaming.com/	3.3 kB	2023-03-07	2023-07-14
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-07-14 02:33:43 Times Seen2 Hash 86bb9eb71d8fff44b64350f11998b82c 56a378de3de21c724f770c5715455664b327d8f8 30fa7059bb745d7718ffe361ab36b1655fc1d5259315e4237addb8d403a58711 Loading...

	2by2gaming.com/	26 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-07 10:33:07 Times Seen1949 Hash 05ec8fa18732b68a634f95e7c2bebd2e 2204916097137e7afe60b7d8a612e04f86496cbc 38da5f0c3fd471c5a28d03d7155aba416ae2562ba4a73a2ca3920b19e4b47a63 Loading...

	2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js	9.3 kB	2023-03-07	2024-04-28
Pretty URL 2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2024-04-28 05:27:57 Times Seen159 Hash ae8ec95b67c1762c8ab0f83067bb1f02 971a5fe6ab8fc8fec07600027d89ce914cfbff7f 0818610c65fd1ca125b6f560e6cb6e6c8c299e461c2ce91ed197972623cdaf3f Loading...

	2by2gaming.com/	11 kB	2023-03-07	2024-05-03
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:05 Last Seen2024-05-03 21:18:49 Times Seen679 Hash 5af695fc2f9242677472d46c921b407e 7ee73735c7b0e0c8b4ebaccac77ab3268a3ef00a dd831ed9e0bf5acd44bcdaa92f5d357f65ba9fb8b839e60a9d0af23dfd0b68f7 Loading...

	2by2gaming.com/wp-content/themes/thefox/js/smoothscroll.js	4.6 kB	2023-03-07	2023-12-07
Pretty URL 2by2gaming.com/wp-content/themes/thefox/js/smoothscroll.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-12-07 09:47:25 Times Seen38 Hash e1ad4e9259e115b2524bfff7416eb752 b6019b4bd80f3d065d532b0f114fa2afd69aaf90 92ed086f624d0b49a8d0122ca6e92ce676d9afc309ef03795492878e574d7b72 Loading...

	2by2gaming.com/	141 B	2023-03-07	2023-03-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 13:19:27 Times Seen1 Hash c44cdca6facec2cc80a551e799b9c9ee f280a5af263b53eb1c129f511d4af1d2bc13db2e e47a5fac8ff7d0236e9469b1a2f3a18d6eaf7c6c158e9f23991bacfa05115f62 Loading...

	2by2gaming.com/	108 B	2023-03-07	2023-03-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 13:19:27 Times Seen1 Hash 1c782e625354e1e92aa44a5226225e57 c0d21da009656e4ba7ce2fd8414ea8b7191e3d50 99f35231fbb777e0e0f173260c73c0713fa1e671447a771df9954c7f908721c5 Loading...

	2by2gaming.com/	214 B	2023-03-07	2023-03-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 13:19:27 Times Seen1 Hash b227906a25f842fb8c2cc7a133310648 bc89ad059f2fc02c2266d5b52a0994b4b875fee0 3dfab1feff667cba76bae19e5a2618829524a69a06afa1f5189d27c3d423d65d Loading...

	2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js	12 kB	2023-03-07	2024-05-03
Pretty URL 2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:17 Last Seen2024-05-03 03:54:29 Times Seen1620 Hash 2b01351f36285d266938cfb15ae487a4 643579a331557dedc16ed0bceb1c7780368b9a52 4c5e10b3496ff844faf3e2d032e243d4a366a5cbc95ad7bef5dd924322e31b3a Loading...

	2by2gaming.com/	213 B	2023-03-07	2024-05-03
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:32 Last Seen2024-05-03 03:54:29 Times Seen857 Hash 91db495e87060fd19c7508c529725a41 bd81a81ca0327c586cfec175bb386dbd5b3a0f85 ff8bed9ae16005815dbaf8cdfb29263be1b1b59fbf91758a10d3514eb70ae0a7 Loading...

	2by2gaming.com/	763 B	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-07 10:33:06 Times Seen1678 Hash c291ddfafe8b815d28e02482f1251b5e 4501ffc2d31f0231d4eee4aad85578597c753ce7 371ffe791a9a08bddf8a965e60dbe84e817edd8cb480f731d05e791eff5b35af Loading...

	2by2gaming.com/wp-content/themes/thefox/js/customjs.js	288 kB	2023-03-07	2023-12-07
Pretty URL 2by2gaming.com/wp-content/themes/thefox/js/customjs.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-12-07 09:47:25 Times Seen16 Hash 81e57d493732fda277906c621e464d72 cb1bb3f8522340a4e0b06a79097ec90d7a5d74ce c297e42918d8d8005729325374a680c9ba851b5ac634880d3f0d7cd6b6925594 Loading...

	2by2gaming.com/	655 B	2023-03-07	2023-03-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 12:10:44 Times Seen1 Hash dfa482b254abca274167dfc2fc3416a7 c230ea471d3c3082b0f78eb45fbb9c64e5c9ddc7 478dfe3c821b22a63cbc84c6605976e0564f486d207f343bfd9535a8260927e2 Loading...

	2by2gaming.com/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-includes/js/jquery/jquery.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-07 18:07:53 Times Seen32056 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	2by2gaming.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js	158 kB	2023-03-07	2024-05-06
Pretty URL 2by2gaming.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-05-06 23:57:39 Times Seen2422 Hash 6de31d697a1b1b2b0e2a3b29b1fb458b c9b6c996a66918f7c4d49c9b60134ce282c47143 443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008 Loading...

	2by2gaming.com/	64 B	2023-03-07	2023-03-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 13:19:27 Times Seen1 Hash 641381146507fa83698c2a5d963ff211 a4454da8925966484875a4e527c566b5f0435e7f fb698205d26142855dd8b51d6a3d70422d451cf709bd5ea33bdf988c8ec992e6 Loading...

	2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_frontend.min.js	24 kB	2023-03-07	2023-11-20
Pretty URL 2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_frontend.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-11-20 02:03:59 Times Seen29 Hash 62a3fff6ebe7893da86a763a6eaeab5c cb762ff67b9d9a4a70effae6f72633f7e75487a6 e1d352a4d37ca73422311ad76ad7cc614cb20c884cad9e95288c350f43d78b5e Loading...

	2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js	24 kB	2023-03-07	2024-05-03
Pretty URL 2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:06 Last Seen2024-05-03 21:18:48 Times Seen523 Hash baf52133ab964e326865e3a77949d118 21cec0080f71f5a2e376dc613840749f6d4e10c3 16c7202a143aa5d51b0b7fe842a8e73f170cf45d51aa94d87d2649913e0c061d Loading...

	2by2gaming.com/	1.3 kB	2023-03-07	2023-03-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 12:10:44 Times Seen1 Hash e6bc3b05f52fc40d54ad050599e9888e 49082a206c6ca3ab336485ab502028923d203284 fdf86db0cc7b270703c2278e825b94ece627638416781495df37b823c0cc4a32 Loading...

	2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js	111 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2024-05-07 10:33:08 Times Seen4671 Hash 67a9644e880e7a471d49c73bb7621932 2ac89b145da02402ce1877c580850e08076c5109 a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8 Loading...

	2by2gaming.com/	499 B	2023-03-07	2024-05-05
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2024-05-05 20:33:22 Times Seen2 Hash a3487910e8ff2ef3699841accdbbc41f 1182b67e53c6766e13b85090c9d4880cd302dc96 0fe14b2203b99626713c6edf5bad7b568c3f7b736a118cfaf9f414b667e3dd84 Loading...

	2by2gaming.com/	2.4 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-05-07 12:13:38 Times Seen3818 Hash 49f89aeeb8e861051ed61fc00d636b9b 9077f9d9ebc3b661bb3a81161c6a4e2de2531231 4190f2c4f25f9a34cbbfdb92f91a25359570d773ef7cff97c924e224ad877759 Loading...

	2by2gaming.com/	7.6 kB	2023-03-07	2024-02-28
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:18 Last Seen2024-02-28 12:42:20 Times Seen146 Hash 97693c9e323e737267165329b406c0f1 967f619064f8bf7d1ffc7d1f0ceb3d977058a574 6bef41bae310e2b5698ddf03e4f1dca51078f27ee6dd7bd4c857a755a5c44b7e Loading...

	2by2gaming.com/wp-includes/js/wp-emoji-release.min.js	19 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-includes/js/wp-emoji-release.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-07 18:09:18 Times Seen38210 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	2by2gaming.com/	280 B	2023-03-07	2023-03-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 12:10:44 Times Seen1 Hash 979aa45a5b89a390f9a5a89c0699e7cf 800914d4ea55de77ea45fe2d744800ac0a5bc7ce 0dcbacc655b56fdd81e319bda8047bac1fd9993227652309341421015e09b918 Loading...

	2by2gaming.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js	6.5 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-07 18:07:54 Times Seen15555 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	2by2gaming.com/	328 B	2023-03-07	2024-05-03
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:32 Last Seen2024-05-03 03:54:29 Times Seen778 Hash f0d5f710f1fe18a4dcd0201705f89cbd ec7b99089b565160d4fc319e5ddbd7ec81ca28b9 f5274b9a7a920605816df1ae91f95a8e8f29df7f73a76310d402c8f5693ae720 Loading...

	2by2gaming.com/	1.3 kB	2023-03-07	2023-03-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 13:19:27 Times Seen1 Hash 735c1692b6278dfa106b41e1b473968a fa0ab055f7927d2e9d6e00a603b89b87991ef138 67b1add3b10d499fb1cb3d98fe35260ff11bc00b918dd83f06ad441371974e41 Loading...

	2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js	1.5 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:17 Last Seen2024-05-07 05:21:28 Times Seen1747 Hash 9205d1691f1303227809875d3a6ee811 71094c5c5a6f50bc3d94cf9f99f768708a437e6d 8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463 Loading...

	2by2gaming.com/wp-includes/js/imagesloaded.min.js	5.6 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-includes/js/imagesloaded.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-05-07 18:24:11 Times Seen31109 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

	2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js	117 kB	2023-03-07	2024-05-03
Pretty URL 2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:06 Last Seen2024-05-03 21:18:49 Times Seen356 Hash 67dd63b5a2ee079c349b4c4b5bae15e7 c00ea962a5a035f53b1992406a04807d45146c15 194b28e0dc71aa64e5f0885ae370ed5a30acd63f701f9eaf141bc32c656dc8ef Loading...

	2by2gaming.com/	56 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-07 10:33:07 Times Seen2089 Hash a78982b40bf915f977f2bcb73e907934 540b38654ca018e915d4de20f586f7999d5119f2 f46438dc69e006684fd2254a035cd58fa8fc9277206bdf0f8c9a278bbfbc8756 Loading...

	2by2gaming.com/wp-includes/js/masonry.min.js	24 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-includes/js/masonry.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-05-07 18:25:03 Times Seen15450 Hash 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb Loading...

	2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js	71 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2024-05-07 13:46:06 Times Seen4381 Hash 0f64f3a3a0c620a6756d36abaff1b4a6 4738d7f9885db2cb9370766974c8f6b22e9ec29d 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b Loading...

	2by2gaming.com/	149 B	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-07 11:44:08 Times Seen2872 Hash 931deb2e7bef82d78d1c1b0a3fe4fe32 2a468d77a19124c4bcd1745b7f51eff01b269ade afb2b21f29cd5d7fc5b63a8ea02ece9649603b9e63a2afa55927c508345e1ee7 Loading...

	2by2gaming.com/wp-includes/js/jquery/jquery.masonry.min.js	1.8 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-includes/js/jquery/jquery.masonry.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-05-07 18:25:03 Times Seen6737 Hash cd0eb3406096ff80266e7c9d7d419186 0e3709691bf96233766de30e2fd473b84166c5b6 c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25 Loading...

	2by2gaming.com/wp-includes/js/mediaelement/wp-mediaelement.min.js	906 B	2023-03-07	2024-05-06
Pretty URL 2by2gaming.com/wp-includes/js/mediaelement/wp-mediaelement.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-05-06 23:57:40 Times Seen3893 Hash 2c6d3b562a48e0df5474999dd47e58fb 945220e990eb176c14e53cc663fb01e04e31b59f 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550 Loading...

	2by2gaming.com/	8.3 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-07 10:33:06 Times Seen643 Hash 1e23424880dfdb9e886fcff2f0aae6ee 8acaff02a625c997cbbb7ed8843e7cf610bf2b5b 0fc4db12b0d589fd17b3e43c3ba4cdca64183916637624bfe59aad7299284284 Loading...

	connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.5	3.1 kB	2023-03-07	2023-03-07
Pretty URL connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 12:10:44 Times Seen1 Hash ecd0c9a2ce0bbe3e9c86c41912e35cc1 f66067ab206c913e246b4086158dcf7c6eaec9ed 05e0d3e737111c87099e7a91424127540515221219b725f5964f46e136755282 Loading...

	2by2gaming.com/wp-includes/js/jquery/jquery-migrate.min.js	11 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-includes/js/jquery/jquery-migrate.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-07 18:24:11 Times Seen69104 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	2by2gaming.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js	20 kB	2023-03-07	2024-05-05
Pretty URL 2by2gaming.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-05-05 04:50:01 Times Seen2579 Hash 596d6e5d8400fd1e913f9adc21071f93 fee2d7a4ac08d5a522c2298a5ad3ed30ac9e62ec 159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff Loading...

	2by2gaming.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js	13 kB	2023-03-07	2024-05-05
Pretty URL 2by2gaming.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:41 Last Seen2024-05-05 04:50:01 Times Seen476 Hash 0bf128a0c049a8e5386d7c709e8f2d5d dca62041e11fcbb5aeb958612916f3453efbcf5c 2d42b8a78389235460930cf4f496b8411d46a3344229e4309480803bb39d1575 Loading...

	2by2gaming.com/wp-content/themes/thefox/js/custom_woo_js.js	2.2 kB	2023-03-07	2024-04-02
Pretty URL 2by2gaming.com/wp-content/themes/thefox/js/custom_woo_js.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:00 Last Seen2024-04-02 12:29:45 Times Seen61 Hash 8eb607a508fe11a12eed7894bef3fe45 ab2ae560e0105201987c80dd496e2725eb291325 e0a2b189009134f30359f3783524e21e9f5b49a485a9ee86fb95feadaad3a949 Loading...

	2by2gaming.com/	56 B	2023-03-07	2024-05-03
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:06 Last Seen2024-05-03 21:18:47 Times Seen208 Hash 05e0ab0cf4fc4c95446661eb4f41b95e 71b0ca59ac291b501b924f951dff57b77c643e3e 76162303ac1b5c09b1479fc2f23cded3b71e2320a30000bc040c2e2c36cae53f Loading...

	2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js	3.1 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:17 Last Seen2024-05-07 05:21:28 Times Seen1537 Hash 0bd6cb4fbf6f16f1fc46934cd8515f3c 37360c9391c47e9d7b0460bf1fdfc8c380404c4f 29c7ceffe2b367039ee6eb32a7334e2a9131654cdbdaf57a5431d909f69d1cab Loading...

	2by2gaming.com/	2.1 kB	2023-03-07	2023-03-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 13:19:27 Times Seen1 Hash fd09e0e9ba39cf08a115eefdd840f251 0b322df34a3de2f377e435fde60ee2579060dbd8 ed8c6b09856735b899bb5856a7de1adcf03a092748b82e16a904c1505addcb00 Loading...

	2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js	118 kB	2023-03-07	2024-05-03
Pretty URL 2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-05-03 21:18:49 Times Seen1326 Hash 150324e55a09a90e1eface0a7faed270 0fe9f52c3c351c06f5cdb80f86d1aa70a52c4140 dfc519eb2d0e5ac0e8cdbe86fef355135280c643df14fa9a8e6abd5820d01159 Loading...

	2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_plugins.min.js	46 kB	2023-03-07	2024-01-06
Pretty URL 2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_plugins.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2024-01-06 11:56:41 Times Seen52 Hash 8821653ed39d499bc701075aac1fe8a8 1748a301074c648907502cba35097db769a129ce 886fea6facb5bf9c3302fe69840f5b45317ebd89d90b6988b97814a6b608257b Loading...

	2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js	51 kB	2023-03-07	2024-05-06
Pretty URL 2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:39 Last Seen2024-05-06 08:28:02 Times Seen567 Hash 19f49a9a1665777b11b2004ff4926d92 7d5bfbf9261ed89b9ca842487f7a6464964744b9 1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1 Loading...

	2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js	65 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-07 10:33:07 Times Seen3753 Hash e1223af8dbcd0552f6f6dc540431451e c01d6134f72ae04cb327a86918f3e88a63684e90 27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710 Loading...

	2by2gaming.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js	1.2 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-05-07 12:13:38 Times Seen9304 Hash 51300497928562f8c86c7aaba99237cd e5826832b85c6afc6502b74cbb8ac5394b04c363 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f Loading...

	2by2gaming.com/wp-includes/js/jquery/ui/core.min.js	21 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/wp-includes/js/jquery/ui/core.min.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-07 18:07:54 Times Seen3675 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	unknown	0 B	2023-03-07	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 18:31:51 Times Seen37414264 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	2by2gaming.com/	1.1 kB	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-07 10:33:05 Times Seen3332 Hash b36955bf11fd2b943745960d036901e5 d9b5403fee4ae8ec7ad7a3cc6ed747bb62aacf6e 5f82f0ebcd0edef1c37dcba00935d90b65c18d2b0834fce752efe5960e532de3 Loading...

	2by2gaming.com/	396 B	2023-03-07	2024-05-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-07 10:33:06 Times Seen1425 Hash 2c702ceafc8e24985178a20c032b7723 c5229f4849fdbb1eab17007ab8d02da8e8d6eebc f186b1f2ce94cd81a064fa5f279694263d5815afaea10497b0266c64244da39c Loading...

	2by2gaming.com/	195 B	2023-03-07	2023-03-07
Pretty URL 2by2gaming.com/ IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-03-07 13:19:27 Times Seen1 Hash 3272db52fe41551b07b1434fbcb959ed d03fa9bf9c63e1caf27a647d8856e49474596a90 7a410f5121fa46a8fa3de8a949a86e0f3e80272e4f0cc6b231ee1e81f788348b Loading...

	2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js	30 kB	2023-03-07	2023-12-24
Pretty URL 2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2023-12-24 11:39:42 Times Seen12 Hash 407c410cb999f3c72ca6229af82a7a45 125571fd739b414077467e00744a833103039408 e0016a2c4afb24c19eabe8ada40bf1afc267d64fe826ee8dc8eb89b33630d6bd Loading...

	2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/js/script-ck.js	665 B	2023-03-07	2024-02-29
Pretty URL 2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/js/script-ck.js IP 50.87.61.62 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:44 Last Seen2024-02-29 14:31:30 Times Seen30 Hash fe692ab906d21cd52baeb697d412bf18 e28999599f82fe2e69fd9e9af174f533522f0628 d4eb446d2b418291609cbc020a4b7a798c1a873f3c5895fcc0d1758344e284e3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 07056a27c002199edcbd07a2410ddca1	194 kB	2023-03-07	2024-05-03
Pretty Observations First Seen2023-03-07 01:25:06 Last Seen2024-05-03 21:18:48 Times Seen188 Hash 07056a27c002199edcbd07a2410ddca1 d6812203c46f084451c54a217c73cac744282ffd dd070087ced370f9074326519d371eeab0d0fb110582d2ab948a00dde8cd30c4 Loading...

	#2 Eval - 3a15fdf632cd75a684de311897cf30d3	51 kB	2023-03-07	2024-05-07
Pretty Observations First Seen2023-03-07 01:02:48 Last Seen2024-05-07 08:26:43 Times Seen1173 Hash 3a15fdf632cd75a684de311897cf30d3 96fe9f5c57184ee30d1be2896f2bff11717a7fbf 2626f69586429e55dcd345b157a84d3956e2ee556ebf54c6a64ca939f88dda04 Loading...

HTTP Transactions (143)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 15:49:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 32CT4XcGQSCgemy8I26E9iNCDZTwaC-45jPNRmf1sC-MXyx806iQGQ==
Age: 2088

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7590
Expires: Fri, 02 Sep 2022 18:30:26 GMT
Date: Fri, 02 Sep 2022 16:23:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JyHLA29FWikh_NdiDJN9PQXU02Lm6lvAX0631IHhF78JCSYcHd57jA==
age: 54519
X-Firefox-Spdy: h2

ftp.2by2gaming.com/

50.87.61.62

302 Found

207 B

URL HTTP/1.1
ftp.2by2gaming.com/
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
207 B (207 bytes)
Hash
95796134185872f17b9b77fbe8d6a173
4a8417745dfda4dec989a9c627a4aafcf1362ff4
ca8985d27793b10e171e56df58c893a8e91e6b955395835c5cd70ad9db5c1705

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: ftp.2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Fri, 02 Sep 2022 16:23:56 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 207
Location: https://2by2gaming.com/
X-Server-Cache: true
X-Proxy-Cache: MISS

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 16:23:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 15:38:16 GMT
Expires: Fri, 02 Sep 2022 16:14:28 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tNngSc5qw5j6FY8vGCRjD2p44ipXNwxlWDLL1Ivs8sh47WqnwHO_UQ==
Age: 2740

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d3ce659fe9258e72041158d3b41503be
935d830b2fee13a349fd043a63f951ea96d9a2a8
03295e205036ab7571626ed362ee223a2248e5f1d39cd7a7ef921d05e1d55a97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 16:23:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 15:27:46 GMT
Expires: Thu, 08 Sep 2022 15:27:45 GMT
Etag: "935d830b2fee13a349fd043a63f951ea96d9a2a8"
Cache-Control: max-age=514427,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744797d61e080b51-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6501
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:23:57 GMT
Last-Modified: Fri, 02 Sep 2022 14:35:36 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.228.106.27

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.106.27:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TgsglOiplE6comkB4ZGHIQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fjRf2a6evMejVlpDZgIuh72yLkQ=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8453
Expires: Fri, 02 Sep 2022 18:44:51 GMT
Date: Fri, 02 Sep 2022 16:23:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8453
Expires: Fri, 02 Sep 2022 18:44:51 GMT
Date: Fri, 02 Sep 2022 16:23:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8453
Expires: Fri, 02 Sep 2022 18:44:51 GMT
Date: Fri, 02 Sep 2022 16:23:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10435 bytes)
Hash
955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
age: 67592
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13104 bytes)
Hash
cab49f59207f816d98a21cd3fc2c37d1
8a9278f8ff5d149420673649878ca1ee266a0783
aebe0748f049bcb801be83459d4bae66b9c1453de3b0ea7e6a63bea88b6e7a5a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13104
x-amzn-requestid: da627f0c-5cde-4a37-878c-dcada8a25f64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EYoIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-10dbcb432e6d1af46cffaefe;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4Ve7euVpAusbqUYkx-vWIBLDbIidnuXDqMDG0LRpu40sXh6a2fEPJA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:50 GMT
age: 65828
etag: "8a9278f8ff5d149420673649878ca1ee266a0783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6196 bytes)
Hash
5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wLezqM4_yKqtOR7D43beBqm8TAD5y8eQ7xHOxjDJdHchCpyusuzMuQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:55:46 GMT
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
age: 66492
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9252 bytes)
Hash
5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:01:10 GMT
age: 66168
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (16818 bytes)
Hash
12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CDyJUMKmUlrT3LgfeiZhQN1XEV2vKTIZtmV4QZYXaoM4PWbYo8IyJA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 14:46:29 GMT
age: 5849
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5889 bytes)
Hash
24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:51 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 65827
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext

216.58.211.10

200 OK

1.4 kB

URL HTTP/2
fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.4 kB (1416 bytes)
Hash
489201f3ae372e66068ef6cd0ac6df9f
70f9bb1c73ebc6097d2658a187da727fd27a3583
e5a37e60ea11c0f6bcbee3198593ffafff4d2f8e0a97787b11eff03d8110bf29

HTTP Headers

GET /css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 16:24:02 GMT
date: Fri, 02 Sep 2022 16:24:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css

50.87.61.62

200 OK

5.1 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
5.1 kB (5085 bytes)
Hash
fb2c5b117dcdb66d7a6b6173bb1b8f8d
14c63b319a54fa9475a786da0a4995133677606f
3e9c67704130e98758c2dffe3600c8a2e690c9a89cbac41c4dbb654a303457e8

HTTP Headers

GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 03 Dec 2019 04:10:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5085
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/acurax-social-media-widget/css/style.css?v=3.3&ver=6.0.2

50.87.61.62

200 OK

176 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/acurax-social-media-widget/css/style.css?v=3.3&ver=6.0.2
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
176 B (176 bytes)
Hash
c6c27a2c851a526fd31667b03fbb405e
219b55efef5177664b172c37f6c83db4966892c0
b09fba18da0c70b8afd99ae15055fb06005aa1839825011c98069af5742ccc5a

HTTP Headers

GET /wp-content/plugins/acurax-social-media-widget/css/style.css?v=3.3&ver=6.0.2 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:30:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 176
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/dist/frontend.plugins.min.css

50.87.61.62

200 OK

3.2 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/dist/frontend.plugins.min.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11672), with no line terminators
Size
3.2 kB (3159 bytes)
Hash
a44270a0e029a3adfa8292dc3a29f82d
494ef74cef43fc30155324614b60f4615f0eeea0
b700ac58e2288bd5fdd50802195296e9bc2519c1f676eaf6bee4fa39cb0aa62a

HTTP Headers

GET /wp-content/plugins/live-composer-page-builder/css/dist/frontend.plugins.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:27:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3159
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/font-awesome.css

50.87.61.62

200 OK

9.2 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/font-awesome.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
9.2 kB (9205 bytes)
Hash
c15a70c2c3de55f022efee3a28aa3d70
f1afb0d06f4bd84f60ea3ff67d5ad13a3bf3c210
0f77e710f6a2db4cb41395aada6f47eb7486ce4f0e067acfc4585b995d3d2624

HTTP Headers

GET /wp-content/plugins/live-composer-page-builder/css/font-awesome.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:27:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9205
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/css/dist/block-library/style.min.css

50.87.61.62

200 OK

17 kB

URL HTTP/2
2by2gaming.com/wp-includes/css/dist/block-library/style.min.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (43771)
Size
17 kB (16594 bytes)
Hash
2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 02:06:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16594
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/revslider/public/assets/css/settings.css

50.87.61.62

200 OK

12 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/public/assets/css/settings.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Size
12 kB (12201 bytes)
Hash
16f565a8f59ad5c049db9ef399b90df5
3ec6b1e3d5b626dcbbb6e7dfaabd6ecad8cc4e27
8d2dbd71966559957250504278cd832cff651f6904772c6bc4f5932e9d19af03

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/settings.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12201
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/contact-form-7/includes/css/styles.css

50.87.61.62

409 Conflict

83 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/dist/frontend.min.css

50.87.61.62

200 OK

14 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/live-composer-page-builder/css/dist/frontend.min.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (55476)
Size
14 kB (13464 bytes)
Hash
a8b04a923beb85aad1c251d2c9bbc503
8a657577b4a54828c8c6cecf3f71e6ed530bc0fc
b5c3b6440340d511720b55cec950fb0c3cc8039029f7446aec52bf9180040a4f

HTTP Headers

GET /wp-content/plugins/live-composer-page-builder/css/dist/frontend.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:27:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13464
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css

50.87.61.62

200 OK

15 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
15 kB (15295 bytes)
Hash
4965d273c665d58ac673952b3299e882
b2175b87388934bfc92ac38640e69a1ba2bf8efb
f20935193b8a3b402938e07226d46436915d48b1e829e6cf6834fa060e6db129

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15295
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/includes/Flexslider/flexslider.css

50.87.61.62

200 OK

1.9 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/includes/Flexslider/flexslider.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1903 bytes)
Hash
d1552ffebf6e4b4bc2248bfefbc173c7
2ff0cceb22f99c04fdbcbecce1e332344537cec8
b0823f09c8919e0a0c9192c2a5337b9d88d24033c3fd7a5d94406c2eb4a5bb15

HTTP Headers

GET /wp-content/themes/thefox/includes/Flexslider/flexslider.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1903
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/redux/custom-fonts/fonts.css

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/uploads/redux/custom-fonts/fonts.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/uploads/redux/custom-fonts/fonts.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:48 GMT
accept-ranges: bytes
content-length: 0
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/contact-form-7/includes/js/index.js

50.87.61.62

409 Conflict

83 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox_child_theme/style.css

50.87.61.62

200 OK

416 B

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox_child_theme/style.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (432), with CRLF line terminators
Size
416 B (416 bytes)
Hash
4f5c815dcee5b830e5aab8b47ebc0413
a44cc81f6b8f5716dc10651c034f56aeff803470
2bf536412abbda6d90ecde248aeb9fa09737d1c57c135c4ebf1540496faec124

HTTP Headers

GET /wp-content/themes/thefox_child_theme/style.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 416
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/css/rgs.css

50.87.61.62

200 OK

768 B

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/css/rgs.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
768 B (768 bytes)
Hash
6fab4e7be7b78167c7b738bb79922e5b
aae8af12111488ee38e732e2e2538e01e2c090da
c2edcb3a983aa7b07b21a04ed47ec34aeb6879ce48c3a1a1b0ed5618c797aa4d

HTTP Headers

GET /wp-content/themes/thefox/css/rgs.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 768
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/jquery/jquery.masonry.min.js

50.87.61.62

200 OK

724 B

URL HTTP/2
2by2gaming.com/wp-includes/js/jquery/jquery.masonry.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1626)
Size
724 B (724 bytes)
Hash
e1b8f48388e00a715d3fe1f64ea15476
3ea75fd181dd3630bd8765a2b67f23d6da39edbf
87f4466dda6ad8e1c9aa26ef27e28b3b74ac40327d8daf4a7cf994e5b7893718

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.masonry.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 31 Aug 2018 16:27:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 724
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/includes/zilla-likes/styles/zilla-likes.css

50.87.61.62

200 OK

173 B

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/includes/zilla-likes/styles/zilla-likes.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
173 B (173 bytes)
Hash
39b2741e31c5a052c44d2eaa22981fe7
ae72a066e3d23e636e7edfdbba4c74836ed2d431
54cb55ff0e24b12a2631b4152cf810a15e48a34bffbc7b52b25521cc6c828041

HTTP Headers

GET /wp-content/themes/thefox/includes/zilla-likes/styles/zilla-likes.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 173
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js

50.87.61.62

200 OK

540 B

URL HTTP/2
2by2gaming.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1191), with no line terminators
Size
540 B (540 bytes)
Hash
cea5e0013ee4b14895dc0f6c424a03e8
b21c776891ff57c003b385a1aa62ba613b292a21
1cfe89d6aa36aea0e986e379590ab23877257e8416764d18105d1176dfcd64d9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:09:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 540
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/js/custom_woo_js.js

50.87.61.62

200 OK

714 B

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/js/custom_woo_js.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
714 B (714 bytes)
Hash
c79977c4ee43aaeef5617436d2f001b0
17efb5737a413a19c9e67ac64187ce0fd9105b27
c82a9a8f320e3e20e17f81a8fbdc941a28220e4202e9672f92d92b16d4226f70

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/thefox/js/custom_woo_js.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 714
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/js/smoothscroll.js

50.87.61.62

200 OK

2.3 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/js/smoothscroll.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4440), with CRLF line terminators
Size
2.3 kB (2317 bytes)
Hash
2d8450274e64463b02abf2a4429c657d
cd2bba4f7951a4c9b0bd220a6939c84b910eabe4
cc8bc21ce3771cbbfc5ca622750e8f271fef06d898af6dee2a777d3e1f848686

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/thefox/js/smoothscroll.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2317
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js

50.87.61.62

200 OK

1.6 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (2861), with CRLF, CR line terminators
Size
1.6 kB (1566 bytes)
Hash
db111558e1a36ddb44ee116a32a1f046
0be7812f2f99932c1ebb96b7b4c5d6b403e20da5
dd692eb76a66ce5fa3ee4a9ea97bd46cabc6c9a8ccbe08def28f48ffa10c5fbb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 15:59:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1566
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css

50.87.61.62

200 OK

3.4 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (14965), with no line terminators
Size
3.4 kB (3356 bytes)
Hash
8be7a878c560f1b146db163966f64d74
0dfdd50b2c3355c62cd7426649e819ba4a652495
7c7f8eb143a56619e051b210fa355e14ff4ff9f8fad982b0c4110c166a2aadca

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3356
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/imagesloaded.min.js

50.87.61.62

200 OK

2.1 kB

URL HTTP/2
2by2gaming.com/wp-includes/js/imagesloaded.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (5477)
Size
2.1 kB (2103 bytes)
Hash
f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 02:16:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2103
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css

50.87.61.62

200 OK

4.1 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11819)
Size
4.1 kB (4070 bytes)
Hash
aaf5684299dd7e9c9b7e7ec424b38a91
f35fe1f096ea680f7d849bdbb7547810fcdecd11
91ae7d066c22afff5006128d2b653cdf9e8942dc7f7155e4b7fc5111e01ac9b0

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4070
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/jquery/jquery-migrate.min.js

50.87.61.62

200 OK

4.6 kB

URL HTTP/2
2by2gaming.com/wp-includes/js/jquery/jquery-migrate.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 02:16:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/js/script-ck.js

50.87.61.62

200 OK

298 B

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/js/script-ck.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (665), with no line terminators
Size
298 B (298 bytes)
Hash
6631a19ad49c6c8244afd56229de367a
ed50b1f18e170a98d72d8981928b2d8a54b29192
7ea63f50be0ce3ff850c58c4135ab863f1510c9051fd19cc84d7b49c5acf3cf1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/thefox/includes/4k-icons/js/script-ck.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 298
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/css/elegant.css

50.87.61.62

200 OK

5.3 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/css/elegant.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (8050), with CRLF line terminators
Size
5.3 kB (5256 bytes)
Hash
ffe107e6257558a28f7908a9d2a5a301
65a975884eeee59bfb582b4f329931811266a68c
0fa613536d216e6b005a4c309690ab44dffe16b731e93ac323d0336d55da4f66

HTTP Headers

GET /wp-content/themes/thefox/css/elegant.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5256
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/css/font-awesome.css

50.87.61.62

200 OK

5.5 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/css/font-awesome.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
troff or preprocessor input, ASCII text, with very long lines (337), with CRLF line terminators
Size
5.5 kB (5510 bytes)
Hash
bffee79bfbab76143451aa14afdcdd6a
ae3f88b9b0837987d9707da93629207fbc1d45be
4ad36b94953f4b471ebefabb27b385de441b999b66c4c30c318f209f74ab9dca

HTTP Headers

GET /wp-content/themes/thefox/css/font-awesome.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5510
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js

50.87.61.62

200 OK

2.7 kB

URL HTTP/2
2by2gaming.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.7 kB (2675 bytes)
Hash
45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:09:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/wp-emoji-release.min.js

50.87.61.62

200 OK

5.3 kB

URL HTTP/2
2by2gaming.com/wp-includes/js/wp-emoji-release.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15660)
Size
5.3 kB (5321 bytes)
Hash
710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:09:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/css/moon.css

50.87.61.62

200 OK

13 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/css/moon.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (19725), with CRLF line terminators
Size
13 kB (12993 bytes)
Hash
2f78433715325f38991eee5b73d04c88
e088d1d8107c751ce60d11f83f3ebb892e4239b7
98a938ef0c3f11f2538b2b15e2c2eb5cf46587f016197522485b6589c57de99a

HTTP Headers

GET /wp-content/themes/thefox/css/moon.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12993
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/media-queries_wide.css

50.87.61.62

200 OK

15 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/media-queries_wide.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (375), with CRLF line terminators
Size
15 kB (14551 bytes)
Hash
b74c1e309c15eddb77f0b88ed46297c9
5a9d952a25e4b77157bcb6e471f760980cad74f9
606d3dee5bbb02346dc71af053d10908a74f823c018795fba531f83c7e8b0225

HTTP Headers

GET /wp-content/themes/thefox/media-queries_wide.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14551
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/jquery/ui/core.min.js

50.87.61.62

200 OK

8.2 kB

URL HTTP/2
2by2gaming.com/wp-includes/js/jquery/ui/core.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
8.2 kB (8169 bytes)
Hash
a0a1c8194f131320e1798f90a7b1262a
3346d35be1f2e4886f19e7fcc0cc96ee4753d9ed
7f618ab13cec0933ec2c61fa2b580ad77ca41522028649677494219fa9ce56db

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:09:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8169
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/dist/vendor/wp-polyfill.min.js

50.87.61.62

200 OK

8.3 kB

URL HTTP/2
2by2gaming.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size
8.3 kB (8254 bytes)
Hash
e49f0561a452c9d04fb7d1510a23cc8c
9e8fc2e3129da4fe2790eee565a6478b864bea83
ab4f9f418b022ab34d617ee2f95d70afff005ed4d4d92e313ce84a56b40bce75

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:09:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8254
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_frontend.min.js

50.87.61.62

200 OK

7.9 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_frontend.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (24087)
Size
7.9 kB (7891 bytes)
Hash
37b40cf6a5a0b9d4e22b0fed85a5140a
3cfbca5fe4495dff6ece1483ff92dd7f131320fd
4abb110200c0922cfb4622cb7f64bcbb80359f0d2ddedb5c8194dae1b6014d4c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/live-composer-page-builder/js/dist/client_frontend.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:27:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7891
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/masonry.min.js

50.87.61.62

200 OK

9.2 kB

URL HTTP/2
2by2gaming.com/wp-includes/js/masonry.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (23966)
Size
9.2 kB (9216 bytes)
Hash
2a730dafa34e6ff81513d31e486cdbdb
1fce17d256f67ae086d74092a03006997d9b0add
7a5fd36a453a3a7471fa93b8169579f9a98e2df7a262c44d28d3de41a0f7ae1c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/masonry.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 02:16:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9216
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/css/animations.css

50.87.61.62

200 OK

10 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/css/animations.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (446), with CRLF line terminators
Size
10 kB (10113 bytes)
Hash
1aec3ef6ae708c970928efa869a5c622
6753bd167b4073facbed1cb04cc607f7715bf119
5baa269481b8c9780b0eeff7058b2bd4e301537119c7c1d83722f14009839b58

HTTP Headers

GET /wp-content/themes/thefox/css/animations.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10113
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/css/icon-styles.css

50.87.61.62

200 OK

1.1 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/css/icon-styles.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4972), with CRLF line terminators
Size
1.1 kB (1103 bytes)
Hash
055cddc1a4567ae1f9907bb5f7780abd
3b0e93703c80d4700e55b2c47c151069b319396b
dbe4d21a3a2c89e251198e7df0e6f7d2b4a8c81ee2269be92b2a83de51ee355f

HTTP Headers

GET /wp-content/themes/thefox/includes/4k-icons/css/icon-styles.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1103
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/mediaelement/wp-mediaelement.min.js

50.87.61.62

200 OK

483 B

URL HTTP/2
2by2gaming.com/wp-includes/js/mediaelement/wp-mediaelement.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (906), with no line terminators
Size
483 B (483 bytes)
Hash
961b384bf5b28ac673051be024563f79
606ebba9fa8aec74cf413098b084500c8b16b85c
a9c17b0e5a9c12428c6ed8d0c4622ddbae112a9ac19bccf451f125972cd91935

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 02:16:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 483
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js

50.87.61.62

200 OK

696 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1472), with no line terminators
Size
696 B (696 bytes)
Hash
149199e590e83a45c6cfb84e505ee166
d2a506c87a1ce49b6927eb70b36a2e05054734b8
91cb2836b2266eeee962eb258c85c327a5f0e3c8812fefdc74cf685b72537d57

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 15:59:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 696
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js

50.87.61.62

200 OK

3.6 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (23514)
Size
3.6 kB (3626 bytes)
Hash
5a5e39ce4b39452f116eb0dc64a6f942
f83917e8fa5c8afdd8af5763c1580fe57b017eb4
b4e953166c1366edb908048019e3a48cbb69b76d2413941321864c481ebf442b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 03 Dec 2019 04:10:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3626
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js

50.87.61.62

200 OK

3.3 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (9346), with no line terminators
Size
3.3 kB (3331 bytes)
Hash
eb89a4b650d11f21e8dfb8723f0beb2a
ed1ca064486e70e34967e35432442ea2759d3bb0
2293eaa848408400905e5673a1a9764e17188ca86bedff223c1664c051df5b38

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3331
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/includes/prettyPhoto/css/prettyPhoto.css

50.87.61.62

200 OK

5.8 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/includes/prettyPhoto/css/prettyPhoto.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
5.8 kB (5797 bytes)
Hash
89fd34371ff8b799896623f41be65bf7
f2f4efc68fca3155e71e58e8c86b9508d5ccdf9b
259de73c826d85945e44fe7b5a6c7e1a3b93dd199f86db3fb63725c9e341caa5

HTTP Headers

GET /wp-content/themes/thefox/includes/prettyPhoto/css/prettyPhoto.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5797
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js

50.87.61.62

200 OK

4.9 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11484), with no line terminators
Size
4.9 kB (4850 bytes)
Hash
1b60910f11a0d775fcfa572adb62ee64
f1bd74f734e6938c95d01de8e868a7c785ddbc4b
2d1669803c454716bfc0cbf4a477db499c13d6070b3b06dad649e3903b107a91

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 15:59:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4850
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js

50.87.61.62

200 OK

6.4 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (12478)
Size
6.4 kB (6377 bytes)
Hash
9c2d03a459cd4c9c8064207c22ef834c
12e45ea32473cdf339bdfa4a3611f5e017019d7d
8e528fbe9db30555ec2867509a0aa8413db0b36a4f7890afe80c90cffbba40f6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 30 Jul 2021 15:52:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6377
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js

50.87.61.62

200 OK

7.1 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (19905)
Size
7.1 kB (7084 bytes)
Hash
11c71ebe3b5ee1cc9acd2fcfd152f186
2b36c7b86094a60c194187c30273fd4434b9ed6b
ac582bbaaf2eedfff77b28db99253070f31d0262e3c8ca7751cbfdb0ba1fa6f4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 30 Jul 2021 15:52:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7084
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js

50.87.61.62

200 OK

8.1 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (827), with CRLF line terminators
Size
8.1 kB (8105 bytes)
Hash
5518a5dade150ea7c75df807117a8f7c
57fa27a53a53364b833b35a28413037e4c4dbddb
a22c81f8a9ea04df923710065cdba73e02eac3f326101fc4c4de0c883618b824

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/js/custom.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 15:59:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8105
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/revslider/admin/assets/images/dummy.png

50.87.61.62

200 OK

73 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/admin/assets/images/dummy.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
73 B (73 bytes)
Hash
9d08eac154f5b02ef14e612fc25b9bf2
5a1e9121811015fbc274dae72072f874aee3d805
17af9e65317bbbfbbd0bcdc729f14faadf37cd08cf30cc0fe0b72443e78cbffb

HTTP Headers

GET /wp-content/plugins/revslider/admin/assets/images/dummy.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
content-length: 73
content-type: image/png
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2021/05/image001.png

50.87.61.62

200 OK

41 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2021/05/image001.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 817 x 359, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (41433 bytes)
Hash
6e05e6c74de5c8d689c1ae86711a3511
429b4227545cd5b6e1ddfd168d08b090f421473a
e8b30f9144a7c0b742845c535690092dceccfd8abf42928a40c9474227b41d60

HTTP Headers

GET /wp-content/uploads/2021/05/image001.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 28 May 2021 15:00:37 GMT
accept-ranges: bytes
content-length: 41433
content-type: image/png
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black.png

50.87.61.62

200 OK

582 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1300 x 1300, 8-bit/color RGBA, non-interlaced\012- data
Size
582 kB (581550 bytes)
Hash
855dab4ab20a4d886bc17d6f3ab97850
905b2951001092fc4214c7baf08c82e58284c594
f6b15d9d8934dc5ee1fd26127bfb01b78136a4e16851349ae1dbb9b88f7829b8

HTTP Headers

GET /wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 19:46:05 GMT
accept-ranges: bytes
content-length: 581550
content-type: image/png
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2by2gaming.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 256422
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2by2gaming.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:53:20 GMT
expires: Tue, 29 Aug 2023 18:53:20 GMT
cache-control: public, max-age=31536000
age: 336643
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

2by2gaming.com/wp-content/themes/thefox/includes/font/fontawesome-webfont.woff?v=4.1.0

50.87.61.62

200 OK

98 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/includes/font/fontawesome-webfont.woff?v=4.1.0
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Size
98 kB (98024 bytes)
Hash
fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/thefox/includes/font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2by2gaming.com/wp-content/themes/thefox/css/font-awesome.css
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
content-length: 98024
content-type: font/woff
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black-mobile.png

50.87.61.62

200 OK

41 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black-mobile.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 40984, version 1.0\012- data
Size
41 kB (40984 bytes)
Hash
239785313afd1d6f029060dce09eaa72
506c2e4f22d57fd38e8a3145472b79cff5d08885
f0898df3085ce12eed623cad85a9b30fe200e25bd05c03f8323f260e41d14d6d

HTTP Headers

GET /wp-content/uploads/2018/12/2BY2-GAMING-NEW-LOGO-WITH-BLUR-black-mobile.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Dec 2018 02:14:17 GMT
accept-ranges: bytes
content-length: 26906
content-type: image/png
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js

50.87.61.62

200 OK

733 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
733 kB (733114 bytes)
Hash
d4d335d3226b9560a9d52489ec739f20
677792897ab4fddfa56056b8166dbd8d667a3b7e
e4482a70783f1d663292f98c164a1605ab75798f1d5f73f70d7cb876501ab01d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/icons/4k-icons-pack05/icons/fonts/zm.woff

50.87.61.62

200 OK

41 kB

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/includes/4k-icons/icons/4k-icons-pack05/icons/fonts/zm.woff
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, CFF, length 40796, version 1.0\012- data
Size
41 kB (40796 bytes)
Hash
af45fc2a6edad2e05d4cbae76ea4161c
34f4ae30130e7eb6c641eafd12345d60bda48106
c5977a2418239ce407862163674372fd847c86668beac023b468121ac97d86ac

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/thefox/includes/4k-icons/icons/4k-icons-pack05/icons/fonts/zm.woff HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
content-length: 40796
content-type: font/woff
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js

50.87.61.62

200 OK

273 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
273 kB (273292 bytes)
Hash
b0d25cc9b9a9df320e5408adfa533e49
f71da426493c41e89e7d1d03db78b7b6ad4c9802
1bd11592e9e0f656fd49d158910813d67f65042f0215cdbcced92bbbe0050887

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/contact-form-7/includes/js/index.js

50.87.61.62

409 Conflict

83 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
be8adeb6647855a91c3cf43538aa91dc
4a7d9d9c44d6da2d916bc5ecd6e8ed6758eccff4
8e25adb5f789bcc4a193746924bde46030bda14f5829f60d8dc34636d9f43001

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4375
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:03 GMT
Last-Modified: Fri, 02 Sep 2022 15:11:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 727

2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.carousel.min.js?version=5.4.8

50.87.61.62

200 OK

2.9 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.carousel.min.js?version=5.4.8
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (7370), with CRLF line terminators
Size
2.9 kB (2941 bytes)
Hash
f674dc9b9b42b1b631241c1db7a0dc6e
6b1b582b6b5bc94304ad39ac8762ae3c761f2d52
f7eb77527083531b5d524987e53222a79f6eaf6f56f245ecdd79e326f438ac1b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.carousel.min.js?version=5.4.8 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2941
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8

50.87.61.62

200 OK

2.8 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (8089), with CRLF line terminators
Size
2.8 kB (2845 bytes)
Hash
4b7965432515b8c0726df47d008f39b3
4da311c37395db04b3f0e25c88e595f0a3c96c88
f08d33a18da2349f5627a6a90e0823b9a904151e514a7fd353dca48c5717cbe3

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2845
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js

50.87.61.62

200 OK

54 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32006)
Size
54 kB (54142 bytes)
Hash
e37f72ce68549c85863f001cf157285f
abcd2799e603e52864119588fb0ba5b751925eed
3548e4683891d4a21663caabb256aa7edc350fb900c01859fae1e4e1724e74f2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 03 Dec 2019 04:10:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8

50.87.61.62

200 OK

8.9 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (25862), with CRLF line terminators
Size
8.9 kB (8892 bytes)
Hash
24cc4ae82947db94318c91847a49ee68
23ba55c3129dec4bb3c302eef52bebcbfa172e97
a3ab15aba69b891687f297afd31f1b09aa19856083d4ce9bb59d5b8f9df21477

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8892
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2020/12/Play_Casino_bow.png

50.87.61.62

200 OK

46 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2020/12/Play_Casino_bow.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 2608 x 659, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (46274 bytes)
Hash
27c62c84fb77b836ae1a304b6ecd2016
2b3753e57258e1c2f50944a635b484ad37dbf66a
e35cf90098aaf76d46133946d54700500192991f23573e0cf25cc4151088a6d2

HTTP Headers

GET /wp-content/uploads/2020/12/Play_Casino_bow.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 15 Dec 2020 22:49:24 GMT
accept-ranges: bytes
content-length: 46274
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2020/08/image001.png

50.87.61.62

200 OK

12 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2020/08/image001.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 320 x 55, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12028 bytes)
Hash
542cc9c46420464c7f5befd583e1d00c
e2cee2730317aa05ae4fd50c3fbee137f9e39dee
38efa92d07d1541d39d1576bcc364da7f07fff72f8de7f70bfb63fe90b8e7be4

HTTP Headers

GET /wp-content/uploads/2020/08/image001.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 01 Sep 2020 15:05:23 GMT
accept-ranges: bytes
content-length: 12028
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/

50.87.61.62

200 OK

50 kB

URL HTTP/2
2by2gaming.com/
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
50 kB (49478 bytes)
Hash
553dfa71620a01d235205e59f884f0e1
c66b7f62906dd27bef7298394d0a989e2a915dd5
6166cded23259a168a76f45910398657522caf1b9c1fe2db70691bd3690a2c71

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:23:57 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://2by2gaming.com/wp-json/>; rel="https://api.w.org/", <https://2by2gaming.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://2by2gaming.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: MISS
set-cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279; expires=Fri, 02-Sep-2022 16:53:59 GMT; Max-Age=1800; path=/
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2020/07/playfortuna-logo-250-167.png

50.87.61.62

200 OK

9.6 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2020/07/playfortuna-logo-250-167.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 250 x 167, 8-bit/color RGBA, interlaced\012- data
Size
9.6 kB (9635 bytes)
Hash
dd9ad2621bfb342e3e25e02f85d86ad0
2f9bb07d80074097d722b50b874fd72dc3bf4497
6f1efbe7e3a8e11229e0dda4581b7fb3ea257bfd6724166ccc48cbc6b07104f2

HTTP Headers

GET /wp-content/uploads/2020/07/playfortuna-logo-250-167.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 Jul 2020 16:09:39 GMT
accept-ranges: bytes
content-length: 9635
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2020/07/Casino-RU-logo.png

50.87.61.62

200 OK

13 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2020/07/Casino-RU-logo.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1188 x 168, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12658 bytes)
Hash
f053c74fa97c5013430253bd0ca4859a
2131921d2669164c63df474105f005ad65b02a2a
0371e77cbd50163bbfaa6eedb6cd381ba3e28d2b9af4ddbd0d22b5059296b8ba

HTTP Headers

GET /wp-content/uploads/2020/07/Casino-RU-logo.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 07 Jul 2020 15:45:04 GMT
accept-ranges: bytes
content-length: 12658
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2020/07/Mr-Gamble-Logo.png

50.87.61.62

200 OK

463 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2020/07/Mr-Gamble-Logo.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1981 x 1981, 8-bit/color RGBA, non-interlaced\012- data
Size
463 kB (462841 bytes)
Hash
62afe57192f3260a3e1566ad5a42213d
b31196a336797a3e0af05cfb932a722f3ad0b02b
ee5380bbe7377d1da8def8487d88f790a7c88c81f6f49d7990d8139f6786e5cb

HTTP Headers

GET /wp-content/uploads/2020/07/Mr-Gamble-Logo.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 07 Jul 2020 15:45:07 GMT
accept-ranges: bytes
content-length: 462841
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2020/05/GMBLRS.png

50.87.61.62

200 OK

4.5 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2020/05/GMBLRS.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 364 x 175, 8-bit/color RGB, non-interlaced\012- data
Size
4.5 kB (4473 bytes)
Hash
52d2550b1dc268036318db9245ad4aa1
ea96d32e09d1878d9f728fff6e76ea15d40f34fd
7225f1153f75130221b4c12be68530d01e8fddfa06d6265f16af4b727fe6bdb1

HTTP Headers

GET /wp-content/uploads/2020/05/GMBLRS.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 May 2020 20:50:32 GMT
accept-ranges: bytes
content-length: 4473
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2020/04/0f3ef4b72c18bf931fc0cf4d81f9c7ea.png

50.87.61.62

200 OK

32 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2020/04/0f3ef4b72c18bf931fc0cf4d81f9c7ea.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 828 x 117, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31926 bytes)
Hash
0f3ef4b72c18bf931fc0cf4d81f9c7ea
465febe502e62d7123fe29526c5bcbcbf701a8c8
41bd3a5112a3b227f734af1e0df6319a094283db42b28a18131b2568c425cb41

HTTP Headers

GET /wp-content/uploads/2020/04/0f3ef4b72c18bf931fc0cf4d81f9c7ea.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 Apr 2020 15:41:37 GMT
accept-ranges: bytes
content-length: 31926
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2020/01/CasinoScout-Logo-2by2Gaming.png

50.87.61.62

200 OK

22 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2020/01/CasinoScout-Logo-2by2Gaming.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 547 x 163, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21766 bytes)
Hash
59de93f12977df32215ce2cc724c0f5c
8f61e611d9a1c90f8a34d9b459f25b69bd900f0b
01ff3e5cec7188aec7f09bcfc9482585e81df1a9f9a1d3862666d09916315a6e

HTTP Headers

GET /wp-content/uploads/2020/01/CasinoScout-Logo-2by2Gaming.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 21 Jan 2020 17:12:18 GMT
accept-ranges: bytes
content-length: 21766
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/revslider/public/assets/assets/coloredbg.png

50.87.61.62

200 OK

184 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/public/assets/assets/coloredbg.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 5 x 5, 8-bit/color RGBA, non-interlaced\012- data
Size
184 B (184 bytes)
Hash
397e5bd80bc0fe4e18c1837deead5e72
02ba7ca593b1aecc13bc821b1043cbbb3e9421a0
ef2284224ce3426c26d4caa902989107ba3200dbd24d4ace60ccb2bad033f000

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/assets/coloredbg.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/wp-content/plugins/revslider/public/assets/css/settings.css
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
content-length: 184
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720.jpg

50.87.61.62

200 OK

291 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
291 kB (291059 bytes)
Hash
26b11241633cfe461b222a4e8f51aa62
c14f64185ea3d2a51bcd73a0e2fa4df7c02f5154
3a77d87afe303ba9a866408260b7452ed21df96641cb09421deea815808e97ce

HTTP Headers

GET /wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 08 Oct 2018 16:04:35 GMT
accept-ranges: bytes
content-length: 291059
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2019/09/Loading-Screen-1280X720-2.png

50.87.61.62

200 OK

1.1 MB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2019/09/Loading-Screen-1280X720-2.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1280 x 720, 8-bit/color RGB, non-interlaced\012- data
Size
1.1 MB (1092590 bytes)
Hash
278a760516f298c459687b78973d81cf
1f25deaceb6a6f3c8979df659a19a18c0abf849f
b34684e330cf9a2c1ac8ca3f71e0044580cb5919afc69f215714935a2a0297f0

HTTP Headers

GET /wp-content/uploads/2019/09/Loading-Screen-1280X720-2.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 05 Sep 2019 15:34:09 GMT
accept-ranges: bytes
content-length: 1092590
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/revslider/public/assets/css/openhand.cur

50.87.61.62

200 OK

326 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/public/assets/css/openhand.cur
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x5\012- data
Size
326 B (326 bytes)
Hash
b06c243f534d9c5461d16528156cd5a8
bb22807a7c23dae7d007673b407850438856bbfa
080627fa359156339e79f118fa66a6937f09ff679fe87e8afa473b95c8168d35

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/openhand.cur HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/wp-content/plugins/revslider/public/assets/css/settings.css
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
content-length: 326
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
x-server-cache: false
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen.png

50.87.61.62

200 OK

2.3 MB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size
2.3 MB (2298902 bytes)
Hash
6e53e215391ea320524ccef348f222aa
dbb05cde44ecc7ac758490f07d8e741875490302
0c895142390f0cfc00ee125fa1dfe763937b732bcecec46baaa1aa570c9e5b55

HTTP Headers

GET /wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 17:08:13 GMT
accept-ranges: bytes
content-length: 2298902
content-type: image/png
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/Top-Screen-100x50.jpg

50.87.61.62

200 OK

5.1 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/Top-Screen-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Size
5.1 kB (5074 bytes)
Hash
ea431a768698722fbc36f767d126346b
ab199b5896f48e9ab408496ae3fd12726a7db7d2
ef148d3523b536ed8a253491029d36843a44b6c58d3a34af5ca57b737f66ecc0

HTTP Headers

GET /wp-content/uploads/2022/06/Top-Screen-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 21:31:12 GMT
accept-ranges: bytes
content-length: 5074
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2021/04/Loading-Screen-1-100x50.jpg

50.87.61.62

200 OK

3.5 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2021/04/Loading-Screen-1-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x50, components 3\012- data
Size
3.5 kB (3493 bytes)
Hash
d2ab8154c8ac23423d92681cb44f4621
e155e8215490ee2d44d237097b8ef7aaacf5cc12
cc6fcb4cc38c1bec158b1bec5ed6469bc97ea26942c79f111c485cbb39c05f66

HTTP Headers

GET /wp-content/uploads/2021/04/Loading-Screen-1-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 06 Apr 2021 16:35:07 GMT
accept-ranges: bytes
content-length: 3493
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720-100x50.jpg

50.87.61.62

200 OK

3.3 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 100x50, components 3\012- data
Size
3.3 kB (3271 bytes)
Hash
a854ecb651290a72c81102c9d78aeb34
bbcfe0c62f6d34d474223e92f03bb5156ff40d40
4faafbef6af04f4e2ccc79907a6924a81fe1116ef6a89596fd7f802861470300

HTTP Headers

GET /wp-content/uploads/2018/09/The_Sand_Princess_Splash_Screen_1280x720-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 21:23:05 GMT
accept-ranges: bytes
content-length: 3271
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/FeiLianFortune_TopScreen-100x50.png

50.87.61.62

200 OK

13 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/FeiLianFortune_TopScreen-100x50.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12833 bytes)
Hash
606f1458aa6fc11b0d48b67191cf39ba
2f274405cd91611a444fb4e5e6900ff13a2a207a
414cf86619db7d02f23e4f96639fdf340ee50c245e9b2cd0db2f2024dbbfb220

HTTP Headers

GET /wp-content/uploads/2022/06/FeiLianFortune_TopScreen-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 21:29:10 GMT
accept-ranges: bytes
content-length: 12833
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/MysticMonk_TopScreen-100x50.jpg

50.87.61.62

200 OK

29 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/MysticMonk_TopScreen-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=2160, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3840], baseline, precision 8, 100x50, components 3\012- data
Size
29 kB (29271 bytes)
Hash
d666efa8db3aa36efb3decdc81034030
4d935c31613f8f72710535da16520230f797c660
2a4ac279f733475abbbd8b21d6ac6527486010a162c590e83d0cc5c33a268c86

HTTP Headers

GET /wp-content/uploads/2022/06/MysticMonk_TopScreen-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 21:25:18 GMT
accept-ranges: bytes
content-length: 29271
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2019/09/Loading-Screen-1280X720-2-100x50.png

50.87.61.62

200 OK

12 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2019/09/Loading-Screen-1280X720-2-100x50.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11854 bytes)
Hash
db610e6ca712545de7eaa7a1ae009041
f6bfc037e1b3469d852e42700cdf3555fcf3b375
5c30283755a0051421175a8c1fa64010f525b64aaebc1c79bc834cb20cfed9e2

HTTP Headers

GET /wp-content/uploads/2019/09/Loading-Screen-1280X720-2-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 06 Sep 2019 21:34:03 GMT
accept-ranges: bytes
content-length: 11854
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2020/10/LoadingScreen-100x50.jpg

50.87.61.62

200 OK

4.0 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2020/10/LoadingScreen-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Size
4.0 kB (4017 bytes)
Hash
57aa057fd816cb4fcfb3f17fb8b5abaa
e73377938b29bbaefe287cd9385540813af01922
22a5e32eaa52912f0c33a2820b6186f458b506a3338ba64b671b8b102b12e3f8

HTTP Headers

GET /wp-content/uploads/2020/10/LoadingScreen-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 07 Oct 2020 19:35:09 GMT
accept-ranges: bytes
content-length: 4017
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen-100x50.png

50.87.61.62

200 OK

13 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen-100x50.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12671 bytes)
Hash
3975cb3dd1b92dc3b52a3ecf0acf0d1b
cf89ebbc2ba31616708ae8bcb710ff79dad438c6
7ba6547fb5e114351fb2ab4992b61fc2bb4f37bd90b14352440a5e19a42302a2

HTTP Headers

GET /wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 21:32:59 GMT
accept-ranges: bytes
content-length: 12671
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/lewersJ_EggcellentRiches_Topscreen-100x50.png

50.87.61.62

200 OK

13 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/lewersJ_EggcellentRiches_Topscreen-100x50.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12952 bytes)
Hash
3d0dd1052cf101322070c78184944952
e2dd3ee4090a6fd46aadaacbecf4eb38aa71c15f
fe8d76c2a8d514bd67745f533b74993418892bef717056d6db733565e20ccba5

HTTP Headers

GET /wp-content/uploads/2022/06/lewersJ_EggcellentRiches_Topscreen-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Jun 2022 21:39:17 GMT
accept-ranges: bytes
content-length: 12952
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888

50.87.61.62

200 OK

7.5 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Size
7.5 kB (7536 bytes)
Hash
04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://2by2gaming.com/wp-content/plugins/revslider/public/assets/css/settings.css
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:13 GMT
accept-ranges: bytes
content-length: 7536
content-type: font/woff
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen-100x50.png

50.87.61.62

200 OK

12 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen-100x50.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12271 bytes)
Hash
b32316ee29d35ce11a8975a0c3a43fef
d19bea16a1c1d30a03ae4f5fda6e9ed0c6fb7c68
3769a6aa79081e26c36884b2ae766b2c79e049ccedd3e7b7828881274b6c2745

HTTP Headers

GET /wp-content/uploads/2022/06/lewersJ_ZombieHazard_TopScreen-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 21:51:13 GMT
accept-ranges: bytes
content-length: 12271
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2019/08/Splash_Page_V-100x50.jpg

50.87.61.62

200 OK

4.8 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2019/08/Splash_Page_V-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Size
4.8 kB (4815 bytes)
Hash
0e706a119b96c7c260a024d374c83591
eb0580aea2382bb449ca001f4c1afbe5d633e8b9
8e8e58584b86bffe8b9eb26530eecc9a581966cff9eb3c1045ef2eb613126f96

HTTP Headers

GET /wp-content/uploads/2019/08/Splash_Page_V-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 09 Aug 2019 19:15:55 GMT
accept-ranges: bytes
content-length: 4815
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2021/05/Loading-Screen-100x50.jpg

50.87.61.62

200 OK

1.2 MB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2021/05/Loading-Screen-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 100x50, components 3\012- data
Size
1.2 MB (1215551 bytes)
Hash
c00f401186a387368214391135eedd1c
ca00d54fdea60cf5897ff52c5acbea8347680725
4d04c166940296e40b3ce7ede02af17068b1a1324708fd1275425072c04e352b

HTTP Headers

GET /wp-content/uploads/2021/05/Loading-Screen-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 24 May 2021 18:56:50 GMT
accept-ranges: bytes
content-length: 1215551
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2018/09/Alchemists-Gold_Splash_Screen_1280x720-100x50.jpg

50.87.61.62

200 OK

3.4 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2018/09/Alchemists-Gold_Splash_Screen_1280x720-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Size
3.4 kB (3381 bytes)
Hash
d67d528671ca0a5bad0b63ad3a5c7813
13ce3a942a38c52d4a463566e9209e13cfb402d9
73317ad547e883632280849e5c060199844b3cf8f28e9fd5573a46496fcc4513

HTTP Headers

GET /wp-content/uploads/2018/09/Alchemists-Gold_Splash_Screen_1280x720-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 21:23:05 GMT
accept-ranges: bytes
content-length: 3381
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2019/12/Loading_Screen_1920x1080-100x50.jpg

50.87.61.62

200 OK

4.4 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2019/12/Loading_Screen_1920x1080-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Size
4.4 kB (4367 bytes)
Hash
41d8b361406d72fe6ff71d2ffd8c13e3
b593abcd6a552642a90e7daac0188fca5b30d74b
699df951fff9c4da9eb006a4dbc1625d45d3d63b0bec115ff9b086c83d228a72

HTTP Headers

GET /wp-content/uploads/2019/12/Loading_Screen_1920x1080-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 15 May 2021 08:10:41 GMT
accept-ranges: bytes
content-length: 4367
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8

50.87.61.62

200 OK

22 kB

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
22 kB (21954 bytes)
Hash
7384eca5d57ecbdfc8f217434032466f
95ed803de4477a092ea75edf3f01908b3d0d5994
4e255c9eeaa7b95e0725414f68438fa64d711a431b819db14cb33c80dc2a0d1a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8 HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:03 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2018/09/Fire-N-Fortune_Splash-Screen_1280x720-100x50.jpg

50.87.61.62

200 OK

3.9 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2018/09/Fire-N-Fortune_Splash-Screen_1280x720-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 100x50, components 3\012- data
Size
3.9 kB (3938 bytes)
Hash
38f11616379c4278899de4055f51e3f7
b8ed307cefe60b89355f53792d9b4cba1ed39f3c
4e036bd4279b0b7015a21fd14beede2cde77dcd0da664eb5c0ba3d5a6ef1d31e

HTTP Headers

GET /wp-content/uploads/2018/09/Fire-N-Fortune_Splash-Screen_1280x720-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 21:23:05 GMT
accept-ranges: bytes
content-length: 3938
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2018/12/Agent-Valkrie_Splash-Screen_1280x720-100x50.jpg

50.87.61.62

200 OK

14 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2018/12/Agent-Valkrie_Splash-Screen_1280x720-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:12:14 14:38:39], baseline, precision 8, 100x50, components 3\012- data
Size
14 kB (13890 bytes)
Hash
d5acbaf85988936b9a663d877609c965
7eb4ac3196712d53e86ea1a94f425d59e1206ad4
9d08f56d8472e27f7b05e670dca2a0e4dd6fa6ad9e400e013adb8f01a22267e1

HTTP Headers

GET /wp-content/uploads/2018/12/Agent-Valkrie_Splash-Screen_1280x720-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 21:23:05 GMT
accept-ranges: bytes
content-length: 13890
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2019/04/WebsiteLoadingScreen-100x50.jpg

50.87.61.62

200 OK

3.7 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2019/04/WebsiteLoadingScreen-100x50.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x50, components 3\012- data
Size
3.7 kB (3679 bytes)
Hash
18978e6a17be92d496ce8cc2e7335be8
264ae4326598c4c34a944e8e38d58eadd71cd30c
2f463517a91eeb1054cca0363df0c7cf1be583c673007a5ee5efcad9e339e622

HTTP Headers

GET /wp-content/uploads/2019/04/WebsiteLoadingScreen-100x50.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 23 Apr 2019 20:43:20 GMT
accept-ranges: bytes
content-length: 3679
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

businessdummy.wpengine.com/wp-content/uploads/2015/07/contact_bg.jpg?id=51

104.197.149.35

404 Not Found

17 kB

URL HTTP/2
businessdummy.wpengine.com/wp-content/uploads/2015/07/contact_bg.jpg?id=51
IP
104.197.149.35:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
17 kB (17426 bytes)
Hash
c74ca32a5901d1501d7b16bd49feccae
148cf51033e11c1a7e2f4da7669a0914ef3972e3
b60827cb423632d6db95e30cf25e0069a552ecc853a3e711d931da5f3ca42db8

HTTP Headers

GET /wp-content/uploads/2015/07/contact_bg.jpg?id=51 HTTP/1.1
Host: businessdummy.wpengine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: nginx
date: Fri, 02 Sep 2022 16:24:03 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2021/02/LoadingScreen_GemScatter_2-6-100x50.png

50.87.61.62

200 OK

13 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2021/02/LoadingScreen_GemScatter_2-6-100x50.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12920 bytes)
Hash
e00013a16c744ea15dad4525b2562ba6
fc0b2befbd38ba34c3c2c213c988efbbf9997d31
235ae9235fc47df90282a6a9cd9ff0448f213eeda273d84f5c181136f45ba317

HTTP Headers

GET /wp-content/uploads/2021/02/LoadingScreen_GemScatter_2-6-100x50.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 15 May 2021 08:10:41 GMT
accept-ranges: bytes
content-length: 12920
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/MysticMonk_TopScreen.jpg

50.87.61.62

200 OK

762 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/MysticMonk_TopScreen.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2160, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3840], baseline, precision 8, 1920x1080, components 3\012- data
Size
762 kB (761670 bytes)
Hash
b167f20dbdcdb4fdf3d09df650015ab5
8c9e468f503af9a91ea9425f8c8ce8466434071d
41f2f3ca7c6aea2a8e74c7e51b24f3b8955f7b0f7f191a87f7eec171a8dad723

HTTP Headers

GET /wp-content/uploads/2022/06/MysticMonk_TopScreen.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 17:56:23 GMT
accept-ranges: bytes
content-length: 761670
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/FeiLianFortune_TopScreen.png

50.87.61.62

200 OK

2.5 MB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/FeiLianFortune_TopScreen.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size
2.5 MB (2478171 bytes)
Hash
61b54dfb8516b3b11c735b599ee99a45
22d763e03a908cefaaa64da9affa7a6ac095e2cb
d859c4ca631f2463451bec59a4cb4dea102489f1f102b60733cb7519c39918f8

HTTP Headers

GET /wp-content/uploads/2022/06/FeiLianFortune_TopScreen.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 17:01:42 GMT
accept-ranges: bytes
content-length: 2478171
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3941
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:05 GMT
Last-Modified: Fri, 02 Sep 2022 15:18:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/sdk.js

31.13.72.12

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1961)
Size
1.7 kB (1685 bytes)
Hash
7833bfa786ee22a9b4723a4aa727a0b2
0c8874156152eea02a3af76f833232bdfbb3f5f0
b0f59ba73d802021e4ce3416d625a751e4055afa050984d7372ca4d0c539f36c

HTTP Headers

GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ecd0c9a2ce0bbe3e9c86c41912e35cc1
etag: "5324ec0ce30a1fb0b2fce34da805460c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 02 Sep 2022 16:36:09 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: eDO/p4buIqm0cjpKpyegsg==
x-fb-debug: dbMdcsNSWP0JS+BAfLjr/cvFII90CzHMx3LgrYihAmiD8GgWabXxAw4BQRDZ74y6dzlrlOL+imHIhNYqwA5wPA==
content-length: 1685
x-fb-trip-id: 1904183273
date: Fri, 02 Sep 2022 16:24:05 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/Top-Screen.jpg

50.87.61.62

200 OK

662 kB

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/Top-Screen.jpg
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x1080, components 3\012- data
Size
662 kB (661662 bytes)
Hash
fff29f786888216b542d1a282903f5cc
b9ff1545f9f773708e4d09e1908537a3d7879cc0
c32eb3ea5ff576be4f64621cc7d602ddeb5ce872ef79f57becbeb93e51829da4

HTTP Headers

GET /wp-content/uploads/2022/06/Top-Screen.jpg HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 17:09:22 GMT
accept-ranges: bytes
content-length: 661662
content-type: image/jpeg
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3941
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 16:24:05 GMT
Last-Modified: Fri, 02 Sep 2022 15:18:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

fonts.googleapis.com/css?family=Lato%3A400%2C700%2C300&ver=1622578756

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato%3A400%2C700%2C300&ver=1622578756
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato%3A400%2C700%2C300&ver=1622578756 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 16:24:02 GMT
date: Fri, 02 Sep 2022 16:24:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_plugins.min.js

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/live-composer-page-builder/js/dist/client_plugins.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/live-composer-page-builder/js/dist/client_plugins.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 17:27:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/jquery/jquery.min.js

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-includes/js/jquery/jquery.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 21 Jul 2021 02:05:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/js/scrollmagic.js

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/js/scrollmagic.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/thefox/js/scrollmagic.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 03 Dec 2019 04:10:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen.png

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2022/06/lewersJ_DiscoSeven_TopScreen.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 17:03:28 GMT
accept-ranges: bytes
content-length: 4471607
content-type: image/png
date: Fri, 02 Sep 2022 16:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/js/customjs.js

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/js/customjs.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/thefox/js/customjs.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/style.css

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/style.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/thefox/style.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 15:59:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 02:16:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/uploads/2018/10/2BY2-GAMING-NEW-LOGO-WITH-BLUR-white.png

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/uploads/2018/10/2BY2-GAMING-NEW-LOGO-WITH-BLUR-white.png
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2018/10/2BY2-GAMING-NEW-LOGO-WITH-BLUR-white.png HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 08 Oct 2018 20:02:17 GMT
accept-ranges: bytes
content-length: 454151
content-type: image/png
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 Jun 2022 22:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/style_end.css

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/style_end.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/thefox/style_end.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

2by2gaming.com/wp-content/themes/thefox/css/thefox_js_composer.css

50.87.61.62

200 OK

0 B

URL HTTP/2
2by2gaming.com/wp-content/themes/thefox/css/thefox_js_composer.css
IP
50.87.61.62:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/thefox/css/thefox_js_composer.css HTTP/1.1
Host: 2by2gaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Cookie: ppwp_wp_session=3475c99c577f9661790c67026112ec2a%7C%7C1662137639%7C%7C1662137279
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 26 Dec 2018 18:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Sep 2022 16:24:02 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C600%2C700%2C900%7COpen+Sans%3A700%2C300%2C600%2C400%7CRaleway%3A900%7CPlayfair+Display%7C&ver=6.0.2

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C600%2C700%2C900%7COpen+Sans%3A700%2C300%2C600%2C400%7CRaleway%3A900%7CPlayfair+Display%7C&ver=6.0.2
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato%3A100%2C300%2C400%2C600%2C700%2C900%7COpen+Sans%3A700%2C300%2C600%2C400%7CRaleway%3A900%7CPlayfair+Display%7C&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2by2gaming.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 16:24:02 GMT
date: Fri, 02 Sep 2022 16:24:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (60)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations