scanning 100%
scan time: 03:00
hints
517
url: https://paybis.com/
Your scan result link: https://webhint.io/scanner/b69148c5-05c5-45a1-8f50-23cfb522ab39
Date: 2019-11-20T15:24:45.947Z
webhint version: 5.4.1
hint #1: 'html[dir]' is not supported by Edge.
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">hint #2: 'input[inputmode]' is not supported by Chrome < 66, Firefox, Firefox Android, Safari.
<input type="number" class="form-control you-give has-focus" id="sell-fiat-amount" pattern="^[0-9]+([\.][0-9]+)?$" inputmode="numeric" placeholder="0.00" step="0.01" tabindex="1" value="0">hint #3: 'input[inputmode]' is not supported by Chrome < 66, Firefox, Firefox Android, Safari.
<input id="crypto-amount" type="number" class="form-control you-give amount-crypto" pattern="^[0-9]+([\.][0-9]+)?$" inputmode="numeric" placeholder="0.00000" tabindex="2" step="0.00001">hint #4: 'input[inputmode]' is not supported by Chrome < 66, Firefox, Firefox Android, Safari.
<input type="number" class="form-control" id="amount-to" pattern="^[0-9]+([\.][0-9]+)?$" inputmode="numeric" placeholder="0.00" step="0.01" tabindex="3" value="">hint #5: 'input[inputmode]' is not supported by Chrome < 66, Firefox, Firefox Android, Safari.
<input type="number" class="form-control amount-crypto" id="crypto-amount-receive" pattern="^[0-9]+([\.][0-9]+)?$" inputmode="numeric" placeholder="0.00000" step="0.00001" tabindex="4">hint #6: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.
<iframe style="position: absolute; top: 0; left: 0;" width="100%" height="100%" data-lazy-src="https://www.youtube.com//embed … autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen="" src="https://www.youtube.com//embed/gNWuU55OeFg">hint #7: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.
<iframe width="100%" height="175" scrolling="no" frameborder="no" allow="autoplay" data-lazy-src="https://w.soundcloud.com … play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true">hint #8: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.
<iframe style="position: absolute; top: 0; left: 0;" width="100%" height="100%" data-lazy-src="https://www.youtube.com/embed … autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen="" src="https://www.youtube.com/embed/hhg_pvk4w5E">hint #9: 'time' is not supported by Chrome < 62, Samsung Internet.
<time datetime="2019-11-15">Nov 15, 2019 @ 13:45 UTC</time>hint #10: 'time' is not supported by Chrome < 62, Samsung Internet.
<time datetime="2019-10-21">Oct 21, 2019 @ 10:26 UTC</time>hint #11: 'time' is not supported by Chrome < 62, Samsung Internet.
<time datetime="2019-10-23">Oct 23, 2019 @ 09:14 UTC</time>hint #12: 'time' is not supported by Chrome < 62, Samsung Internet.
<time datetime="2019-10-23">Oct 23, 2019 @ 09:18 UTC</time>hint #13: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.
<iframe name="f10bef4359599d" width="1000px" height="1000px" title="fb:like Facebook Social Plugin" frameborder="0" allowtransparency … joey&share=false&show_faces=false" style="border: none; visibility: visible; width: 58px; height: 40px;" class="">hint #14: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.
<iframe name="fb_xdm_frame_https" id="fb_xdm_frame_https" aria-hidden="true" title="Facebook Cross Domain Communication Frame … com/connect/xd_arbiter.php?version=44#channel=f29b86819a3296c&origin=https%3A%2F%2Fpaybis.com" style="border: none;">hint #15: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.
<iframe src="https://2-vbus-eu.ladesk.com/5_15_11_2/scripts/lib/bus.html?v=5.15.11.2#%7B%22location%22%3A%22https%3A%2F%2Fpaybis … allowfullscreen="true" allow="microphone; camera" style="display: none; position: fixed; border: 0px; overflow: hidden;">hint #1: 'content-type' header charset value should be 'utf-8'.
https://widget.trustpilot … 5577004d0000ff000580102b
Content-Type: text/htmlhint #2: 'content-type' header charset value should be 'utf-8'.
https://widget.trustpilot … 5577004d0000ff000580102b
Content-Type: text/htmlhint #3: 'content-type' header charset value should be 'utf-8'.
https://w.soundcloud … false&show_teaser=true
Content-Type: text/htmlhint #4: 'content-type' header charset value should be 'utf-8'.
https://vars.hotjar.com … e933fad3a2e45df61b38.html
Content-Type: text/htmlhint #5: 'content-type' header media type value should be 'application/x-httpd-php', not 'text/html'.
https://staticxx.facebook … arbiter.php?version=44
Content-Type: text/html; charset=utf-8hint #6: 'content-type' header charset value should be 'utf-8'.
https://2-vbus-eu.ladesk … bus.html?v=5.15.11.2
Content-Type: text/htmlhint #7: 'content-type' header media type value should be 'application/x-httpd-php', not 'text/html'.
https://www.facebook … false&show_faces=false
Content-Type: text/html; charset="utf-8"hint #8: 'content-type' header charset value should be 'utf-8'.
https://paybis.com/assets … 07a289dcd80997cc24989.css
Content-Type: text/csshint #9: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.
https://widget.trustpilot … widget.bootstrap.min.js
Content-Type: application/x-javascripthint #10: 'content-type' header charset value should be 'utf-8'.
https://widget.trustpilot … widget.bootstrap.min.js
Content-Type: application/x-javascripthint #11: 'content-type' header charset value should be 'utf-8'.
https://paybis.com/cdn … tatic/email-decode.min.js
Content-Type: application/javascripthint #12: 'content-type' header media type value should be 'font/woff2', not 'application/octet-stream'.
https://paybis.com/assets … illic_latin-regular.woff2
Content-Type: application/octet-streamhint #13: 'content-type' header media type value should be 'font/woff2', not 'application/octet-stream'.
https://paybis.com/assets … bfonts/fa-solid-900.woff2
Content-Type: application/octet-streamhint #14: 'content-type' header media type value should be 'font/woff2', not 'application/octet-stream'.
https://paybis.com/assets … cyrillic_latin-700.woff2
Content-Type: application/octet-streamhint #15: 'content-type' header media type value should be 'font/woff2', not 'application/octet-stream'.
https://paybis.com/assets … fonts/fa-brands-400.woff2
Content-Type: application/octet-streamhint #16: 'content-type' header media type value should be 'font/woff2', not 'application/octet-stream'.
https://paybis.com/assets … cyrillic_latin-300.woff2
Content-Type: application/octet-streamhint #17: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.
https://connect.facebook.net/en_US/sdk.js
Content-Type: application/x-javascript; charset=utf-8hint #18: 'content-type' header charset value should be 'utf-8'.
https://paybis.ladesk.com/scripts/track.js
Content-Type: application/javascripthint #19: 'content-type' header charset value should be 'utf-8'.
https://paybis.com/resources/paybisLogoNoText.svg
Content-Type: image/svg+xmlhint #20: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.
https://connect.facebook.net/en_US/fbevents.js
Content-Type: application/x-javascript; charset=utf-8hint #21: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.
https://connect.facebook … 41ec3899007&ua=modern_es6
Content-Type: application/x-javascript; charset=utf-8hint #22: 'content-type' header charset value should be 'utf-8'.
https://static.hotjar.com/c/hotjar-155484.js?sv=5
Content-Type: application/javascripthint #23: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.
https://widget.trustpilot … 7fa0340045cd0c936/main.js
Content-Type: application/x-javascripthint #24: 'content-type' header charset value should be 'utf-8'.
https://widget.trustpilot … 7fa0340045cd0c936/main.js
Content-Type: application/x-javascripthint #25: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.
https://widget.trustpilot … fc6454f065c28af8b/main.js
Content-Type: application/x-javascripthint #26: 'content-type' header charset value should be 'utf-8'.
https://widget.trustpilot … fc6454f065c28af8b/main.js
Content-Type: application/x-javascripthint #27: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.
https://connect.facebook … 5687361?v=2.9.13&r=stable
Content-Type: application/x-javascript; charset=utf-8hint #28: 'content-type' header charset value should be 'utf-8'.
https://www.youtube.com … player-webp-vfl531yHL.css
Content-Type: text/csshint #29: 'content-type' header charset value should be 'utf-8'.
https://www.youtube.com … muzAg/www-embed-player.js
Content-Type: text/javascripthint #30: 'content-type' header charset value should be 'utf-8'.
https://www.youtube.com … vfl8EyRMW/en_US/base.js
Content-Type: text/javascripthint #31: 'content-type' header charset value should be 'utf-8'.
https://www.youtube.com … player-webp-vfl531yHL.css
Content-Type: text/csshint #32: 'content-type' header charset value should be 'utf-8'.
https://www.youtube.com … muzAg/www-embed-player.js
Content-Type: text/javascripthint #33: 'content-type' header charset value should be 'utf-8'.
https://script.hotjar … 654cbaa3f0bd561e7235.js
Content-Type: application/javascripthint #34: 'content-type' header media type value should be 'application/x-httpd-php', not 'application/x-javascript'.
https://paybis.ladesk … 7B%7D&vn=Y&ci=&jstk=Y
Content-Type: application/x-javascripthint #35: 'content-type' header charset value should be 'utf-8'.
https://widget.sndcdn … idget-eb595a5-7505829a.js
Content-Type: application/javascripthint #36: 'content-type' header charset value should be 'utf-8'.
https://widget.sndcdn … sound-7a5529e-7a528cf9.js
Content-Type: application/javascripthint #37: 'content-type' header charset value should be 'utf-8'.
https://www.youtube.com … vfl8EyRMW/en_US/base.js
Content-Type: text/javascripthint #38: 'content-type' header charset value should be 'utf-8'.
https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js
Content-Type: text/javascripthint #39: 'content-type' header charset value should be 'utf-8'.
https://static.doubleclic … instream/ad_status.js
Content-Type: text/javascripthint #40: 'content-type' header charset value should be 'utf-8'.
https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js
Content-Type: text/javascripthint #41: 'content-type' header charset value should be 'utf-8'.
https://static.doubleclic … instream/ad_status.js
Content-Type: text/javascripthint #43: 'content-type' header charset value should be 'utf-8'.
https://www.youtube.com … vfl8EyRMW/en_US/remote.js
Content-Type: text/javascripthint #44: 'content-type' header charset value should be 'utf-8'.
https://www.youtube.com … vfl8EyRMW/en_US/remote.js
Content-Type: text/javascripthint #45: 'content-type' header charset value should be 'utf-8'.
https://wave.sndcdn.com/8KbLM4l2p41B_m.json
Content-Type: application/jsonhint #46: 'content-type' header charset value should be 'utf-8'.
https://cdn.siftscience.com/s.js?_=1574263493428
Content-Type: application/javascripthint #47: 'content-type' header value should not contain 'charset=utf-8'.
https://syndication.twitt … 22impression%22%7D%7D
Content-Type: image/gif;charset=utf-8hint #48: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.
https://www.facebook … js?_nc_x=Ij3Wp8lg5Kz
Content-Type: application/x-javascript; charset=utf-8hint #49: 'content-type' header media type value should be 'image/png', not 'image/x-icon'.
https://paybis.com/favicon.ico
Content-Type: image/x-iconhint #1: Text-based resource should not start with BOM character.
https://widget.trustpilot … widget.bootstrap.min.js
<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>hint #1: P3P should not be used as it is deprecated.
https://www.youtube.com//embed/gNWuU55OeFg
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."hint #2: P3P should not be used as it is deprecated.
https://www.youtube.com/embed/hhg_pvk4w5E
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."hint #3: P3P should not be used as it is deprecated.
https://w.soundcloud … false&show_teaser=true
P3P: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"hint #4: P3P should not be used as it is deprecated.
https://platform.twitter … https%3A%2F%2Fpaybis.com
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"hint #5: P3P should not be used as it is deprecated.
https://platform.twitter … 3368df1a320e00cbf.en.html
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"hint #6: P3P should not be used as it is deprecated.
https://apis.google.com/js/platform.js
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."hint #7: P3P should not be used as it is deprecated.
https://platform.twitter.com/widgets.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"hint #8: P3P should not be used as it is deprecated.
https://www.google.com … 331574&_v=j79&z=546748318
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"hint #9: P3P should not be used as it is deprecated.
https://www.google.com … 6280358&_v=j79&z=66113206
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"hint #10: P3P should not be used as it is deprecated.
https://platform.twitter … fa3e281bb07d1de2c3bee3.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"hint #11: P3P should not be used as it is deprecated.
https://googleads.g.doubleclick.net/pagead/id
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"hint #12: P3P should not be used as it is deprecated.
https://googleads.g.doubl … net/pagead/id?slf_rd=1
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"hint #1: The directive "must-revalidate" is not recommended
Cache-Control: no-store, no-cache, must-revalidatehint #2: The target should not be cached, or have a small "max-age" value (180): max-age=86400
https://widget.trustpilot … 5577004d0000ff000580102b
Cache-Control: max-age=86400hint #3: The target should not be cached, or have a small "max-age" value (180): max-age=86400
https://widget.trustpilot … 5577004d0000ff000580102b
Cache-Control: max-age=86400hint #4: The target should not be cached, or have a small "max-age" value (180): public, max-age=300
https://w.soundcloud … false&show_teaser=true
Cache-Control: public, max-age=300hint #5: The target should not be cached, or have a small "max-age" value (180): public, max-age=315360000
https://platform.twitter … https%3A%2F%2Fpaybis.com
Cache-Control: public, max-age=315360000hint #6: The target should not be cached, or have a small "max-age" value (180): max-age=31536000
https://vars.hotjar.com … e933fad3a2e45df61b38.html
Cache-Control: max-age=31536000hint #7: The target should not be cached, or have a small "max-age" value (180): public,max-age=31536000,immutable
https://staticxx.facebook … arbiter.php?version=44
Cache-Control: public,max-age=31536000,immutablehint #9: The target should not be cached, or have a small "max-age" value (180): public, max-age=315360000
https://platform.twitter … 3368df1a320e00cbf.en.html
Cache-Control: public, max-age=315360000hint #10: The directive "must-revalidate" is not recommended
https://www.facebook … false&show_faces=false
Cache-Control: private, no-cache, no-store, must-revalidatehint #11: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-1.png
Cache-Control: max-age=86400, publichint #12: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-1.png
Cache-Control: max-age=86400, publichint #13: Static resources should use the "immutable" directive: Directives used: max-age=31536000, public
https://paybis.com/assets … 702f64f583f8/raven.min.js
Cache-Control: max-age=31536000, publichint #14: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/resources/placeholder.png
Cache-Control: max-age=86400, publichint #15: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/resources/placeholder.png
Cache-Control: max-age=86400, publichint #16: Static resources should use the "immutable" directive: Directives used: max-age=31536000, public
https://paybis.com/assets … 07a289dcd80997cc24989.css
Cache-Control: max-age=31536000, publichint #17: Static resources should use the "immutable" directive: Directives used: max-age=31536000, public
https://paybis.com/assets … c3ecf8abe26ed2f0abe6b8.js
Cache-Control: max-age=31536000, publichint #18: Static resources should have a long cache value (31536000): Directives used: max-age=86400
https://widget.trustpilot … widget.bootstrap.min.js
Cache-Control: max-age=86400hint #19: Static resources should use the "immutable" directive: Directives used: max-age=86400
https://widget.trustpilot … widget.bootstrap.min.js
Cache-Control: max-age=86400hint #20: Static resources should have a long cache value (31536000): Directives used: max-age=172800, public
https://paybis.com/cdn … tatic/email-decode.min.js
Cache-Control: max-age=172800, publichint #21: Static resources should use the "immutable" directive: Directives used: max-age=172800, public
https://paybis.com/cdn … tatic/email-decode.min.js
Cache-Control: max-age=172800, publichint #22: Static resources should use the "immutable" directive: Directives used: max-age=31536000, public
https://paybis.com/js/lazyImgLoader.js
Cache-Control: max-age=31536000, publichint #23: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-3.png
Cache-Control: max-age=86400, publichint #24: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-3.png
Cache-Control: max-age=86400, publichint #25: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-2.png
Cache-Control: max-age=86400, publichint #26: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-2.png
Cache-Control: max-age=86400, publichint #27: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-4.png
Cache-Control: max-age=86400, publichint #28: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-4.png
Cache-Control: max-age=86400, publichint #29: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-7.png
Cache-Control: max-age=86400, publichint #30: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-7.png
Cache-Control: max-age=86400, publichint #31: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-8.png
Cache-Control: max-age=86400, publichint #32: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/resour … guide/step-by-step-8.png
Cache-Control: max-age=86400, publichint #33: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/resour … PayBisLogo-SmallRing.png
Cache-Control: max-age=86400, publichint #34: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/resour … PayBisLogo-SmallRing.png
Cache-Control: max-age=86400, publichint #35: Static resources should have a long cache value (31536000): Directives used: private, max-age=900
https://www.googletagmana … gtm.js?id=GTM-NZTTKV4
Cache-Control: private, max-age=900hint #36: Static resources should use the "immutable" directive: Directives used: private, max-age=900
https://www.googletagmana … gtm.js?id=GTM-NZTTKV4
Cache-Control: private, max-age=900hint #37: Static resources should have a long cache value (31536000): Directives used: public
https://s3.amazonaws … to+BTC/DE/Step+4.2.PNG
Cache-Control: publichint #38: Static resources should use the "immutable" directive: Directives used: public
https://s3.amazonaws … to+BTC/DE/Step+4.2.PNG
Cache-Control: publichint #39: Static resources should have a long cache value (31536000): Directives used: public
https://s3.amazonaws … to+BTC/DE/Step+4.3.PNG
Cache-Control: publichint #40: Static resources should use the "immutable" directive: Directives used: public
https://s3.amazonaws … to+BTC/DE/Step+4.3.PNG
Cache-Control: publichint #41: The following directive has an invalid value: stale-while-revalidate=1800
https://apis.google.com/js/platform.js
Cache-Control: private, max-age=1800, stale-while-revalidate=1800hint #42: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/resources/btc_bg_black.png
Cache-Control: max-age=86400, publichint #43: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/resources/btc_bg_black.png
Cache-Control: max-age=86400, publichint #44: Static resources should have a long cache value (31536000): Directives used: max-age=2592000, public
https://paybis.com/assets … illic_latin-regular.woff2
Cache-Control: max-age=2592000, publichint #45: Static resources should use the "immutable" directive: Directives used: max-age=2592000, public
https://paybis.com/assets … illic_latin-regular.woff2
Cache-Control: max-age=2592000, publichint #46: Static resources should have a long cache value (31536000): Directives used: max-age=2592000, public
https://paybis.com/assets … bfonts/fa-solid-900.woff2
Cache-Control: max-age=2592000, publichint #47: Static resources should use the "immutable" directive: Directives used: max-age=2592000, public
https://paybis.com/assets … bfonts/fa-solid-900.woff2
Cache-Control: max-age=2592000, publichint #48: Static resources should have a long cache value (31536000): Directives used: max-age=2592000, public
https://paybis.com/assets … cyrillic_latin-700.woff2
Cache-Control: max-age=2592000, publichint #49: Static resources should use the "immutable" directive: Directives used: max-age=2592000, public
https://paybis.com/assets … cyrillic_latin-700.woff2
Cache-Control: max-age=2592000, publichint #50: Static resources should have a long cache value (31536000): Directives used: max-age=2592000, public
https://paybis.com/assets … fonts/fa-brands-400.woff2
Cache-Control: max-age=2592000, publichint #51: Static resources should use the "immutable" directive: Directives used: max-age=2592000, public
https://paybis.com/assets … fonts/fa-brands-400.woff2
Cache-Control: max-age=2592000, publichint #52: Static resources should have a long cache value (31536000): Directives used: max-age=2592000, public
https://paybis.com/assets … cyrillic_latin-300.woff2
Cache-Control: max-age=2592000, publichint #53: Static resources should use the "immutable" directive: Directives used: max-age=2592000, public
https://paybis.com/assets … cyrillic_latin-300.woff2
Cache-Control: max-age=2592000, publichint #54: Static resources should have a long cache value (31536000): Directives used: public, max-age=1800
https://platform.twitter.com/widgets.js
Cache-Control: public, max-age=1800hint #55: Static resources should use the "immutable" directive: Directives used: public, max-age=1800
https://platform.twitter.com/widgets.js
Cache-Control: public, max-age=1800hint #56: The following directive has an invalid value: stale-while-revalidate=3600
https://connect.facebook.net/en_US/sdk.js
Cache-Control: public,max-age=1200,stale-while-revalidate=3600hint #57: The directive "must-revalidate" is not recommended
https://paybis.com/twitter-count/
Cache-Control: no-store, no-cache, must-revalidatehint #58: Static resources should have a long cache value (31536000): Directives used: max-age=21600
https://paybis.ladesk.com/scripts/track.js
Cache-Control: max-age=21600hint #59: Static resources should use the "immutable" directive: Directives used: max-age=21600
https://paybis.ladesk.com/scripts/track.js
Cache-Control: max-age=21600hint #60: The directive "must-revalidate" is not recommended
https://paybis.com/get-crypto-rates/
Cache-Control: no-store, no-cache, must-revalidatehint #62: The directive "must-revalidate" is not recommended
https://paybis.com/get … credit-card&isSellPage=0
Cache-Control: no-store, no-cache, must-revalidatehint #63: Static resources should have a long cache value (31536000): Directives used: public, max-age=1200
https://connect.facebook.net/en_US/fbevents.js
Cache-Control: public, max-age=1200hint #64: Static resources should use the "immutable" directive: Directives used: public, max-age=1200
https://connect.facebook.net/en_US/fbevents.js
Cache-Control: public, max-age=1200hint #65: The following directive has an invalid value: stale-while-revalidate=3600
https://connect.facebook … 41ec3899007&ua=modern_es6
Cache-Control: public,max-age=31536000,stale-while-revalidate=3600,immutablehint #66: Static resources should have a long cache value (31536000): Directives used: max-age=60
https://static.hotjar.com/c/hotjar-155484.js?sv=5
Cache-Control: max-age=60hint #67: Static resources should use the "immutable" directive: Directives used: max-age=60
https://static.hotjar.com/c/hotjar-155484.js?sv=5
Cache-Control: max-age=60hint #68: Static resources should have a long cache value (31536000): Directives used: max-age=86400
https://widget.trustpilot … 7fa0340045cd0c936/main.js
Cache-Control: max-age=86400hint #69: Static resources should use the "immutable" directive: Directives used: max-age=86400
https://widget.trustpilot … 7fa0340045cd0c936/main.js
Cache-Control: max-age=86400hint #70: Static resources should have a long cache value (31536000): Directives used: max-age=86400
https://widget.trustpilot … fc6454f065c28af8b/main.js
Cache-Control: max-age=86400hint #71: Static resources should use the "immutable" directive: Directives used: max-age=86400
https://widget.trustpilot … fc6454f065c28af8b/main.js
Cache-Control: max-age=86400hint #72: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/images … 434030674-BitcoinLogo.png
Cache-Control: max-age=86400, publichint #73: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/images … 434030674-BitcoinLogo.png
Cache-Control: max-age=86400, publichint #74: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public
https://paybis.com/images … 478541033-Credit-Card.png
Cache-Control: max-age=86400, publichint #75: Static resources should use the "immutable" directive: Directives used: max-age=86400, public
https://paybis.com/images … 478541033-Credit-Card.png
Cache-Control: max-age=86400, publichint #76: Static resources should have a long cache value (31536000): Directives used: public, max-age=1200
https://connect.facebook … 5687361?v=2.9.13&r=stable
Cache-Control: public, max-age=1200hint #77: Static resources should use the "immutable" directive: Directives used: public, max-age=1200
https://connect.facebook … 5687361?v=2.9.13&r=stable
Cache-Control: public, max-age=1200hint #78: The directive "must-revalidate" is not recommended
https://paybis.com/site/client-id/
Cache-Control: no-store, no-cache, must-revalidatehint #79: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000
https://www.youtube.com … player-webp-vfl531yHL.css
Cache-Control: public, max-age=31536000hint #80: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200
https://www.youtube.com … muzAg/www-embed-player.js
Cache-Control: public, max-age=691200hint #81: Static resources should use the "immutable" directive: Directives used: public, max-age=691200
https://www.youtube.com … muzAg/www-embed-player.js
Cache-Control: public, max-age=691200hint #82: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200
https://www.youtube.com … vfl8EyRMW/en_US/base.js
Cache-Control: public, max-age=691200hint #83: Static resources should use the "immutable" directive: Directives used: public, max-age=691200
https://www.youtube.com … vfl8EyRMW/en_US/base.js
Cache-Control: public, max-age=691200hint #84: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000
https://www.youtube.com … player-webp-vfl531yHL.css
Cache-Control: public, max-age=31536000hint #85: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200
https://www.youtube.com … muzAg/www-embed-player.js
Cache-Control: public, max-age=691200hint #86: Static resources should use the "immutable" directive: Directives used: public, max-age=691200
https://www.youtube.com … muzAg/www-embed-player.js
Cache-Control: public, max-age=691200hint #87: Static resources should use the "immutable" directive: Directives used: max-age=31536000
https://script.hotjar … 654cbaa3f0bd561e7235.js
Cache-Control: max-age=31536000hint #88: The following directives have an invalid value: post-check=0 pre-check=0
https://paybis.ladesk … 7B%7D&vn=Y&ci=&jstk=Y
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0hint #89: The directive "must-revalidate" is not recommended
https://syndication.twitter.com/settings
Cache-Control: must-revalidate, max-age=600hint #90: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200
https://www.youtube.com … vfl8EyRMW/en_US/base.js
Cache-Control: public, max-age=691200hint #91: Static resources should use the "immutable" directive: Directives used: public, max-age=691200
https://www.youtube.com … vfl8EyRMW/en_US/base.js
Cache-Control: public, max-age=691200hint #92: The directive "must-revalidate" is not recommended
https://www.google.com … 331574&_v=j79&z=546748318
Cache-Control: no-cache, no-store, must-revalidatehint #93: The directive "must-revalidate" is not recommended
https://www.google.com … 6280358&_v=j79&z=66113206
Cache-Control: no-cache, no-store, must-revalidatehint #94: Static resources should use the "immutable" directive: Directives used: public, max-age=315360000
https://platform.twitter … fa3e281bb07d1de2c3bee3.js
Cache-Control: public, max-age=315360000hint #95: The directive "must-revalidate" is not recommended
https://www.facebook … 3495257&coo=false&rqm=GET
Cache-Control: no-cache, must-revalidate, max-age=0hint #96: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000
https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js
Cache-Control: public, max-age=31536000hint #97: Static resources should have a long cache value (31536000): Directives used: public, max-age=900
https://static.doubleclic … instream/ad_status.js
Cache-Control: public, max-age=900hint #98: Static resources should use the "immutable" directive: Directives used: public, max-age=900
https://static.doubleclic … instream/ad_status.js
Cache-Control: public, max-age=900hint #99: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000
https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js
Cache-Control: public, max-age=31536000hint #100: Static resources should have a long cache value (31536000): Directives used: public, max-age=900
https://static.doubleclic … instream/ad_status.js
Cache-Control: public, max-age=900hint #101: Static resources should use the "immutable" directive: Directives used: public, max-age=900
https://static.doubleclic … instream/ad_status.js
Cache-Control: public, max-age=900hint #102: The directive "must-revalidate" is not recommended
https://googleads.g.doubleclick.net/pagead/id
Cache-Control: no-cache, no-store, must-revalidatehint #104: The directive "no-store" is not recommended
https://widget.trustpilot … 5419b637fa0340045cd0c936
Cache-Control: no-store,no-cachehint #105: The directive "no-store" is not recommended
https://widget.trustpilot … 54ad5defc6454f065c28af8b
Cache-Control: no-store,no-cachehint #106: The directive "no-store" is not recommended
https://widget.trustpilot … 5419b637fa0340045cd0c936
Cache-Control: no-store,no-cachehint #107: The directive "must-revalidate" is not recommended
https://googleads.g.doubl … net/pagead/id?slf_rd=1
Cache-Control: no-cache, no-store, must-revalidatehint #108: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200
https://www.youtube.com … vfl8EyRMW/en_US/remote.js
Cache-Control: public, max-age=691200hint #109: Static resources should use the "immutable" directive: Directives used: public, max-age=691200
https://www.youtube.com … vfl8EyRMW/en_US/remote.js
Cache-Control: public, max-age=691200hint #110: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200
https://www.youtube.com … vfl8EyRMW/en_US/remote.js
Cache-Control: public, max-age=691200hint #111: Static resources should use the "immutable" directive: Directives used: public, max-age=691200
https://www.youtube.com … vfl8EyRMW/en_US/remote.js
Cache-Control: public, max-age=691200hint #112: Static resources should have a long cache value (31536000): Directives used: public,max-age=3612701
https://i1.sndcdn.com … 28883-1qw563-t200x200.jpg
Cache-Control: public,max-age=3612701hint #113: Static resources should use the "immutable" directive: Directives used: public,max-age=3612701
https://i1.sndcdn.com … 28883-1qw563-t200x200.jpg
Cache-Control: public,max-age=3612701hint #114: The directive "must-revalidate" is not recommended
https://api-widget.soundc … app_version=1574158796
Cache-Control: max-age=600, must-revalidatehint #117: Static resources should have a long cache value (31536000): Directives used: public, max-age=86400
https://cdn.siftscience.com/s.js?_=1574263493428
Cache-Control: public, max-age=86400hint #118: Static resources should use the "immutable" directive: Directives used: public, max-age=86400
https://cdn.siftscience.com/s.js?_=1574263493428
Cache-Control: public, max-age=86400hint #119: The following directives have an invalid value: pre-check=0 post-check=0
https://syndication.twitt … 22impression%22%7D%7D
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0hint #120: The following directive has an invalid value: no-cache=set-cookie
https://hexagon-analytics … aa799830c8f9240f4a096&z=z
Cache-Control: private, no-cache, no-cache=set-cookie, proxy-revalidatehint #121: The directive "must-revalidate" is not recommended
https://www.facebook … 6761410244585151478-0
Cache-Control: private, no-store, no-cache, must-revalidatehint #2: Response should not include 'content-encoding' header for requests made with 'accept-encoding: identity'.
hint #4: Response should not include 'content-encoding' header for requests made with 'accept-encoding: identity'.
hint #5: Response should include 'vary' header containing 'accept-encoding' value.
https://widget.trustpilot … 5577004d0000ff000580102b
Vary:
Cache-Control: max-age=86400hint #6: Response should include 'vary' header containing 'accept-encoding' value.
https://widget.trustpilot … 5577004d0000ff000580102b
Vary:
Cache-Control: max-age=86400hint #7: Response should include 'vary' header containing 'accept-encoding' value.
https://www.youtube.com/embed/hhg_pvk4w5E
Vary:
Cache-Control: no-cachehint #8: Response should include 'vary' header containing 'accept-encoding' value.
https://www.youtube.com//embed/gNWuU55OeFg
Vary:
Cache-Control: no-cachehint #9: Response should include 'vary' header containing 'accept-encoding' value.
https://w.soundcloud … false&show_teaser=true
Vary:
Cache-Control: public, max-age=300hint #11: Response should not include 'content-encoding' header.
https://staticxx.facebook … arbiter.php?version=44
Content-Encoding: gziphint #12: Response should include 'vary' header containing 'accept-encoding' value.
https://2-vbus-eu.ladesk … bus.html?v=5.15.11.2
Vary:
Cache-Control:hint #14: Response should not include 'content-encoding' header.
https://www.facebook … false&show_faces=false
Content-Encoding: brhint #15: Response should be compressed with Zopfli when gzip compression is requested.
https://paybis.com/assets … 702f64f583f8/raven.min.js
<script src="/assets/9db333b08a66e9eb79cc702f64f583f8/raven.min.js"></script>hint #16: Response should be compressed with Zopfli when gzip compression is requested.
https://paybis.com/assets … 07a289dcd80997cc24989.css
<link href="/assets/all-2620c64200e07a289dcd80997cc24989.css" rel="stylesheet">hint #17: Response should be compressed with Zopfli when gzip compression is requested.
https://paybis.com/assets … c3ecf8abe26ed2f0abe6b8.js
<script src="/assets/all-39bc476d52c3ecf8abe26ed2f0abe6b8.js"></script>hint #18: Response should not be compressed for requests made with 'accept-encoding: identity'.
https://widget.trustpilot … widget.bootstrap.min.js
<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>hint #19: Response should not include 'content-encoding' header for requests made with 'accept-encoding: identity'.
https://widget.trustpilot … widget.bootstrap.min.js
<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>hint #20: Response should be compressed with Zopfli when gzip compression is requested.
https://widget.trustpilot … widget.bootstrap.min.js
<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>hint #21: Response should include 'vary' header containing 'accept-encoding' value.
https://widget.trustpilot … widget.bootstrap.min.js
Vary:
Cache-Control: max-age=86400hint #22: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
https://widget.trustpilot … widget.bootstrap.min.js
<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>hint #24: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #25: Response should be compressed with Zopfli when gzip compression is requested.
https://paybis.com/js/lazyImgLoader.js
<script src="/js/lazyImgLoader.js"></script>hint #26: Response should be compressed with Zopfli when gzip compression is requested.
https://www.googletagmana … gtm.js?id=GTM-NZTTKV4
<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>hint #27: Response should be compressed with Zopfli when gzip compression is requested.
https://apis.google.com/js/platform.js
<script src="//apis.google.com/js/platform.js" async="" defer="" gapi_processed="true"></script>hint #28: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
https://apis.google.com/js/platform.js
<script src="//apis.google.com/js/platform.js" async="" defer="" gapi_processed="true"></script>hint #29: Response should be compressed with Zopfli when gzip compression is requested.
https://platform.twitter.com/widgets.js
<script id="twitter-wjs" src="https://platform.twitter.com/widgets.js"></script>hint #30: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
https://platform.twitter.com/widgets.js
<script id="twitter-wjs" src="https://platform.twitter.com/widgets.js"></script>hint #32: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #33: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.
hint #34: Response should not be served compressed with Brotli as the compressed size is bigger than the uncompressed one.
hint #35: Response should be compressed with Zopfli when gzip compression is requested.
https://paybis.ladesk.com/scripts/track.js
<script id="la_x2s6df8d" async="" src="https://paybis.ladesk.com/scripts/track.js"></script>hint #36: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
https://paybis.ladesk.com/scripts/track.js
<script id="la_x2s6df8d" async="" src="https://paybis.ladesk.com/scripts/track.js"></script>hint #38: Response should be compressed with Zopfli when gzip compression is requested.
https://paybis.com/resources/paybisLogoNoText.svg
<img class="" src="/resources/paybisLogoNoText.svg" alt="" data-src="/resources/paybisLogoNoText.svg">hint #40: Response should not be compressed for requests made with 'accept-encoding: identity'.
https://connect.facebook.net/en_US/fbevents.js
<script async="" src="https://connect.facebook.net/en_US/fbevents.js"></script>hint #41: Response should be compressed with Zopfli when gzip compression is requested.
https://connect.facebook.net/en_US/fbevents.js
<script async="" src="https://connect.facebook.net/en_US/fbevents.js"></script>hint #42: Response should include 'content-encoding: br' header.
https://connect.facebook.net/en_US/fbevents.js
<script async="" src="https://connect.facebook.net/en_US/fbevents.js"></script>hint #43: Response should be compressed with Zopfli when gzip compression is requested.
https://connect.facebook … 41ec3899007&ua=modern_es6
<script src="https://connect.facebook.net/en_US/sdk.js?hash=3f651d529bbafe5af6d4e41ec3899007&ua=modern_es6" async="" crossorigin="anonymous">hint #44: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
https://connect.facebook … 41ec3899007&ua=modern_es6
<script src="https://connect.facebook.net/en_US/sdk.js?hash=3f651d529bbafe5af6d4e41ec3899007&ua=modern_es6" async="" crossorigin="anonymous">hint #45: Response should be compressed with Zopfli when gzip compression is requested.
https://static.hotjar.com/c/hotjar-155484.js?sv=5
<script type="text/javascript" async="" src="//static.hotjar.com/c/hotjar-155484.js?sv=5"></script>hint #46: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
https://static.hotjar.com/c/hotjar-155484.js?sv=5
<script type="text/javascript" async="" src="//static.hotjar.com/c/hotjar-155484.js?sv=5"></script>hint #48: Response should not include 'content-encoding' header for requests made with 'accept-encoding: identity'.
hint #50: Response should include 'vary' header containing 'accept-encoding' value.
https://widget.trustpilot … 7fa0340045cd0c936/main.js
Vary:
Cache-Control: max-age=86400hint #51: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #53: Response should not include 'content-encoding' header for requests made with 'accept-encoding: identity'.
hint #55: Response should include 'vary' header containing 'accept-encoding' value.
https://widget.trustpilot … fc6454f065c28af8b/main.js
Vary:
Cache-Control: max-age=86400hint #56: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #57: Response should be compressed with Zopfli when gzip compression is requested.
https://connect.facebook … 5687361?v=2.9.13&r=stable
<script src="https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&r=stable" async="">hint #58: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
https://connect.facebook … 5687361?v=2.9.13&r=stable
<script src="https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&r=stable" async="">hint #59: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.
hint #60: Response should not be served compressed with Brotli as the compressed size is bigger than the uncompressed one.
hint #62: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #64: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #66: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #68: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #70: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #71: Response should be compressed with Zopfli when gzip compression is requested.
https://script.hotjar … 654cbaa3f0bd561e7235.js
<script async="" src="https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js" charset="utf-8">hint #73: Response should not include 'content-encoding' header.
https://paybis.ladesk … 7B%7D&vn=Y&ci=&jstk=Y
Content-Encoding: gziphint #74: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.
hint #75: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #77: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #79: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #81: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #83: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #85: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #86: Response should be compressed with Zopfli when gzip compression is requested.
https://platform.twitter … fa3e281bb07d1de2c3bee3.js
<script charset="utf-8" src="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">hint #87: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
https://platform.twitter … fa3e281bb07d1de2c3bee3.js
<script charset="utf-8" src="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">hint #89: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #91: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #93: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #95: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #97: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #98: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.
hint #99: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #101: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #102: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.
hint #103: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #105: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #107: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #109: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #110: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.
hint #111: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #113: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.
hint #115: Response should not include 'content-encoding' header.
https://syndication.twitt … 22impression%22%7D%7D
Content-Encoding: gziphint #118: Response should not include 'content-encoding' header.
https://www.facebook … 6761410244585151478-0
Content-Encoding: brhint #120: Response should not include 'content-encoding' header.
https://paybis.com/favicon.ico
Content-Encoding: brhint #1: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/resour … guide/step-by-step-1.png
<img alt="" src="/resources/guide/step-by-step-1.png" style="float:right;height:334px;width:589px;">hint #2: Response should not include unneeded 'x-xss-protection' header.
https://paybis.com/assets … 702f64f583f8/raven.min.js
<script src="/assets/9db333b08a66e9eb79cc702f64f583f8/raven.min.js"></script>hint #3: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/resources/placeholder.png
<img class="lazy" src="/resources/placeholder.png" alt="Digital and Crypto currency exchange" title="PayBis - Digital and Crypto currency exchange!" data-src="/resources/paybisLogoLarge.svg">hint #4: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/assets … 07a289dcd80997cc24989.css
<link href="/assets/all-2620c64200e07a289dcd80997cc24989.css" rel="stylesheet">hint #5: Response should not include unneeded 'x-xss-protection' header.
https://paybis.com/assets … c3ecf8abe26ed2f0abe6b8.js
<script src="/assets/all-39bc476d52c3ecf8abe26ed2f0abe6b8.js"></script>hint #6: Response should not include unneeded 'x-xss-protection' header.
https://paybis.com/js/lazyImgLoader.js
<script src="/js/lazyImgLoader.js"></script>hint #7: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/resour … guide/step-by-step-3.png
<img alt="" src="/resources/guide/step-by-step-3.png" style="float:right;height:300px;width:624px;">hint #8: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/resour … guide/step-by-step-2.png
<img alt="" src="resources/guide/step-by-step-2.png" style="float:right;height:933px;width:578px;">hint #9: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/resour … guide/step-by-step-4.png
<img alt="" src="/resources/guide/step-by-step-4.png" style="float:right;height:189px;width:600px;">hint #10: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/resour … guide/step-by-step-7.png
<img alt="" src="/resources/guide/step-by-step-7.png" style="float:right;height:210px;width:600px;">hint #11: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/resour … guide/step-by-step-8.png
<img alt="" src="/resources/guide/step-by-step-8.png" style="float:right;height:177px;width:600px;">hint #12: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/resour … PayBisLogo-SmallRing.png
<img alt="PayBis Logo" rel="Facebook image" src="https://paybis.com/resources/PayBisLogo-SmallRing.png" style="display: none;">hint #13: Response should not include unneeded 'x-xss-protection' header.
https://www.googletagmana … gtm.js?id=GTM-NZTTKV4
<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>hint #14: Response should not include unneeded 'x-ua-compatible' and 'x-xss-protection' headers.
https://apis.google.com/js/platform.js
<script src="//apis.google.com/js/platform.js" async="" defer="" gapi_processed="true"></script>hint #15: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
hint #16: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
hint #17: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
hint #18: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
hint #19: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
hint #20: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
hint #21: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
hint #22: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
hint #23: Response should not include unneeded 'x-xss-protection' header.
https://paybis.com/resources/paybisLogoNoText.svg
<img class="" src="/resources/paybisLogoNoText.svg" alt="" data-src="/resources/paybisLogoNoText.svg">hint #24: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
hint #25: Response should not include unneeded 'x-xss-protection' header.
https://connect.facebook.net/en_US/fbevents.js
<script async="" src="https://connect.facebook.net/en_US/fbevents.js"></script>hint #26: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/images … 434030674-BitcoinLogo.png
<img src="/images/1434438389-1434030674-BitcoinLogo.png" height="25">hint #27: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
https://paybis.com/images … 478541033-Credit-Card.png
<img src="/images/1478541033-Credit-Card.png" height="25">hint #28: Response should not include unneeded 'x-xss-protection' header.
https://connect.facebook … 5687361?v=2.9.13&r=stable
<script src="https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&r=stable" async="">hint #29: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
hint #47: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.
<button class="btn btn-defaultw" disabled="disabled"><button class="btn btn-defaultw" disabled="disabled">hint #1: '//static.hotjar.com/c/hotjar-155484.js?sv=5' should not be specified as a protocol-relative URL.
<script type="text/javascript" async="" src="//static.hotjar.com/c/hotjar-155484.js?sv=5"></script>hint #2: '//connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6&appId=830232613697077' should not be specified as a protocol-relative URL.
<script id="facebook-jssdk" src="//connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6&appId=830232613697077">hint #3: '//www.google-analytics.com/analytics.js' should not be specified as a protocol-relative URL.
<script async="" src="//www.google-analytics.com/analytics.js"></script>hint #4: '//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4' should not be specified as a protocol-relative URL.
<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>hint #5: '//apis.google.com/js/platform.js' should not be specified as a protocol-relative URL.
<script src="//apis.google.com/js/platform.js" async="" defer="" gapi_processed="true"></script>hint #1: Cross-origin resource <a href="https://paybis.com/assets/9db333b08a66e9eb79cc702f64f583f8/raven.min.js">https://paybis.com/assets/9db333b08a66e9eb79cc702f64f583f8/raven.min.js</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script src="/assets/9db333b08a66e9eb79cc702f64f583f8/raven.min.js"></script>hint #2: Cross-origin resource <a href="https://paybis.com/assets/all-2620c64200e07a289dcd80997cc24989.css">https://paybis.com/assets/all-2620c64200e07a289dcd80997cc24989.css</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<link href="/assets/all-2620c64200e07a289dcd80997cc24989.css" rel="stylesheet">hint #3: Cross-origin resource <a href="https://paybis.com/assets/all-39bc476d52c3ecf8abe26ed2f0abe6b8.js">https://paybis.com/assets/all-39bc476d52c3ecf8abe26ed2f0abe6b8.js</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script src="/assets/all-39bc476d52c3ecf8abe26ed2f0abe6b8.js"></script>hint #4: Cross-origin resource <a href="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js">https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>hint #5: Cross-origin resource <a href="https://paybis.com/js/lazyImgLoader.js">https://paybis.com/js/lazyImgLoader.js</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script src="/js/lazyImgLoader.js"></script>hint #6: Cross-origin resource https://www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4 needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>hint #7: Cross-origin resource <a href="https://apis.google.com/js/platform.js">https://apis.google.com/js/platform.js</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script src="//apis.google.com/js/platform.js" async="" defer="" gapi_processed="true"></script>hint #8: Cross-origin resource <a href="https://platform.twitter.com/widgets.js">https://platform.twitter.com/widgets.js</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script id="twitter-wjs" src="https://platform.twitter.com/widgets.js"></script>hint #9: Cross-origin resource <a href="https://paybis.ladesk.com/scripts/track.js">https://paybis.ladesk.com/scripts/track.js</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script id="la_x2s6df8d" async="" src="https://paybis.ladesk.com/scripts/track.js"></script>hint #10: Cross-origin resource <a href="https://connect.facebook.net/en_US/fbevents.js">https://connect.facebook.net/en_US/fbevents.js</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script async="" src="https://connect.facebook.net/en_US/fbevents.js"></script>hint #11: Resource <a href="https://connect.facebook.net/en_US/sdk.js?hash=3f651d529bbafe5af6d4e41ec3899007&ua=modern_es6">https://connect.facebook.net/en_US/sdk.js?hash=3f651d529bbafe5af6d4e41ec3899007&ua=modern_es6</a> requested without the "integrity" attribute
https://www.facebook … false&show_faces=false
<script src="https://connect.facebook.net/en_US/sdk.js?hash=3f651d529bbafe5af6d4e41ec3899007&ua=modern_es6" async="" crossorigin="anonymous">hint #12: Cross-origin resource <a href="https://static.hotjar.com/c/hotjar-155484.js?sv=5">https://static.hotjar.com/c/hotjar-155484.js?sv=5</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script type="text/javascript" async="" src="//static.hotjar.com/c/hotjar-155484.js?sv=5"></script>hint #13: Cross-origin resource <a href="https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&r=stable">https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&r=stable</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script src="https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&r=stable" async="">hint #14: Cross-origin resource <a href="https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js">https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script async="" src="https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js" charset="utf-8">hint #15: Cross-origin resource <a href="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js</a> needs a "crossorigin" attribute to be eligible for integrity validation
https://www.facebook … false&show_faces=false
<script charset="utf-8" src="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">hint #16: Cross-origin resource <a href="https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6&appId=830232613697077">https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6&appId=830232613697077</a> needs a "crossorigin" attribute to be eligible for integrity validation
<script id="facebook-jssdk" src="//connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6&appId=830232613697077">hint #3: 'strict-transport-security' header 'max-age' value should be more than 10886400
https://w.soundcloud … false&show_teaser=true
Strict-Transport-Security: max-age=2592000hint #8: 'strict-transport-security' header was not specified
https://widget.trustpilot … widget.bootstrap.min.js
<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>hint #9: 'strict-transport-security' header was not specified
https://www.googletagmana … gtm.js?id=GTM-NZTTKV4
<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>hint #10: 'strict-transport-security' header was not specified
https://s3.amazonaws … to+BTC/DE/Step+4.2.PNG
<img alt="" src="https://s3.amazonaws.com/media.paybis.com/images/Step-by-step/CC/%D0%A1%D0%A1+to+BTC/DE/Step+4.2.PNG" style="float:right;height:750px;width:600px;">hint #11: 'strict-transport-security' header was not specified
https://s3.amazonaws … to+BTC/DE/Step+4.3.PNG
<img alt="" src="https://s3.amazonaws.com/media.paybis.com/images/Step-by-step/CC/%D0%A1%D0%A1+to+BTC/DE/Step+4.3.PNG" style="float:right;height:312px;width:600px;">hint #12: 'strict-transport-security' header was not specified
https://platform.twitter.com/widgets.js
<script id="twitter-wjs" src="https://platform.twitter.com/widgets.js"></script>hint #13: 'strict-transport-security' header 'max-age' value should be more than 10886400
https://paybis.ladesk.com/scripts/track.js
Strict-Transport-Security: max-age=2592000; includesubdomainshint #14: 'strict-transport-security' header was not specified
https://static.hotjar.com/c/hotjar-155484.js?sv=5
<script type="text/javascript" async="" src="//static.hotjar.com/c/hotjar-155484.js?sv=5"></script>hint #22: 'strict-transport-security' header was not specified
https://script.hotjar … 654cbaa3f0bd561e7235.js
<script async="" src="https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js" charset="utf-8">hint #31: 'strict-transport-security' header was not specified
https://platform.twitter … fa3e281bb07d1de2c3bee3.js
<script charset="utf-8" src="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">hint #33: 'strict-transport-security' header 'max-age' value should be more than 10886400
https://api-widget.soundc … app_version=1574158796
Strict-Transport-Security: max-age=2592000hint #47: 'strict-transport-security' header 'max-age' value should be more than 10886400
https://api-widget.soundc … app_version=1574158796
Strict-Transport-Security: max-age=2592000Set-Cookie: __cfduid=d536196c150330477515e6f5bc9a3aded1574263491; expires=Fri, 20-Dec-19 15:24:51 GMT; path=/; domain=.paybis.com; HttpOnly; SecureSet-Cookie: frontend=t0g4hj6vj797c3uoi5o88dho96; expires=Sat, 17-Nov-2029 15:24:52 GMT; Max-Age=315360000; path=/; secure; HttpOnlySet-Cookie: first-visit=d76bd45266b80c0a15c8bc121b0c42fce31269d9a4a69482f428d59ec43b40d7a%3A2%3A%7Bi%3A0%3Bs%3A11%3A%22first-visit%22%3Bi%3A1%3Bb%3A1%3B%7D; expires=Sat, 17-Nov-2029 15:24:51 GMT; Max-Age=315359999; path=/; secure; HttpOnlyhttps://www.youtube.com//embed/gNWuU55OeFg
Set-Cookie: VISITOR_INFO1_LIVE=WhuDRgyrSPY; path=/; domain=.youtube.com; secure; expires=Mon, 18-May-2020 15:24:54 GMT; httponlyhttps://www.youtube.com//embed/gNWuU55OeFg
Set-Cookie: GPS=1; path=/; domain=.youtube.com; expires=Wed, 20-Nov-2019 15:54:54 GMThttps://www.youtube.com//embed/gNWuU55OeFg
Set-Cookie: GPS=1; path=/; domain=.youtube.com; expires=Wed, 20-Nov-2019 15:54:54 GMThttps://www.youtube.com//embed/gNWuU55OeFg
Set-Cookie: VISITOR_INFO1_LIVE=WhuDRgyrSPY; path=/; domain=.youtube.com; secure; expires=Mon, 18-May-2020 15:24:54 GMT; httponlyhttps://www.youtube.com//embed/gNWuU55OeFg
Set-Cookie: YSC=myktkMF4gzg; path=/; domain=.youtube.com; httponlyhttps://www.youtube.com/embed/hhg_pvk4w5E
Set-Cookie: VISITOR_INFO1_LIVE=C0FLxEXG9Os; path=/; domain=.youtube.com; secure; expires=Mon, 18-May-2020 15:24:54 GMT; httponlyhttps://www.youtube.com/embed/hhg_pvk4w5E
Set-Cookie: YSC=0p9GDW8puZY; path=/; domain=.youtube.com; httponlyhttps://www.youtube.com/embed/hhg_pvk4w5E
Set-Cookie: GPS=1; path=/; domain=.youtube.com; expires=Wed, 20-Nov-2019 15:54:54 GMThttps://www.youtube.com/embed/hhg_pvk4w5E
Set-Cookie: GPS=1; path=/; domain=.youtube.com; expires=Wed, 20-Nov-2019 15:54:54 GMThttps://www.youtube.com/embed/hhg_pvk4w5E
Set-Cookie: VISITOR_INFO1_LIVE=C0FLxEXG9Os; path=/; domain=.youtube.com; secure; expires=Mon, 18-May-2020 15:24:54 GMT; httponlyhint #8: Response should include 'x-content-type-options' header.
https://widget.trustpilot … widget.bootstrap.min.js
<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>hint #10: Response should include 'x-content-type-options' header.
https://www.googletagmana … gtm.js?id=GTM-NZTTKV4
<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>hint #11: Response should include 'x-content-type-options' header.
https://s3.amazonaws … to+BTC/DE/Step+4.2.PNG
<img alt="" src="https://s3.amazonaws.com/media.paybis.com/images/Step-by-step/CC/%D0%A1%D0%A1+to+BTC/DE/Step+4.2.PNG" style="float:right;height:750px;width:600px;">hint #12: Response should include 'x-content-type-options' header.
https://s3.amazonaws … to+BTC/DE/Step+4.3.PNG
<img alt="" src="https://s3.amazonaws.com/media.paybis.com/images/Step-by-step/CC/%D0%A1%D0%A1+to+BTC/DE/Step+4.3.PNG" style="float:right;height:312px;width:600px;">hint #13: Response should include 'x-content-type-options' header.
https://platform.twitter.com/widgets.js
<script id="twitter-wjs" src="https://platform.twitter.com/widgets.js"></script>hint #16: Response should include 'x-content-type-options' header.
https://script.hotjar … 654cbaa3f0bd561e7235.js
<script async="" src="https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js" charset="utf-8">hint #23: Response should include 'x-content-type-options' header.
https://platform.twitter … fa3e281bb07d1de2c3bee3.js
<script charset="utf-8" src="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">
