Did you mean that it is possible for them to access our account managing to steal cookies from our devices .
... cookies are login authorization and such ... so they can place bets; .. and toast our balance ..
Yes. If they can steal your cookies they can hijack your logged-in session which is already authorised by 2fa.
>>> But they can make withdrawals ?
if the freebitco account is enabled with 2FA and the email on that account is enabled with 2FA, is there still the possibility that he, the thief, will be able to spend beyond our balance, be able to withdraw our balance?
They can only withdraw to the default withdrawal address you have set in your profile. You need a 2fa code to change that address or to withdraw to a different address.