This site uses cookies for analytics. By continuing to browse this site, you agree to this use.

scanning 100%

scan time: 03:00

hints

517

Date: 2019-11-20T15:24:45.947Z

webhint version: 5.4.1

Hints

Accessibility

axe/aria: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/color: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/forms: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/keyboard: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/language: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/name-role-value: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/other: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/parsing: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/semantics: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/sensory-and-visual-cues: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/structure: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/tables: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/text-alternatives: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

axe/time-and-media: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

Compatibility

compat-api/html: 15 hints

hint #1: 'html[dir]' is not supported by Edge.

https://paybis.com/

<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

hint #2: 'input[inputmode]' is not supported by Chrome < 66, Firefox, Firefox Android, Safari.

https://paybis.com/

<input type="number" class="form-control you-give has-focus" id="sell-fiat-amount" pattern="^[0-9]+([\.][0-9]+)?$" inputmode="numeric" placeholder="0.00" step="0.01" tabindex="1" value="0">

hint #3: 'input[inputmode]' is not supported by Chrome < 66, Firefox, Firefox Android, Safari.

https://paybis.com/

<input id="crypto-amount" type="number" class="form-control you-give amount-crypto" pattern="^[0-9]+([\.][0-9]+)?$" inputmode="numeric" placeholder="0.00000" tabindex="2" step="0.00001">

hint #4: 'input[inputmode]' is not supported by Chrome < 66, Firefox, Firefox Android, Safari.

https://paybis.com/

<input type="number" class="form-control" id="amount-to" pattern="^[0-9]+([\.][0-9]+)?$" inputmode="numeric" placeholder="0.00" step="0.01" tabindex="3" value="">

hint #5: 'input[inputmode]' is not supported by Chrome < 66, Firefox, Firefox Android, Safari.

https://paybis.com/

<input type="number" class="form-control amount-crypto" id="crypto-amount-receive" pattern="^[0-9]+([\.][0-9]+)?$" inputmode="numeric" placeholder="0.00000" step="0.00001" tabindex="4">

hint #6: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.

https://paybis.com/

<iframe style="position: absolute; top: 0; left: 0;" width="100%" height="100%" data-lazy-src="https://www.youtube.com//embed … autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen="" src="https://www.youtube.com//embed/gNWuU55OeFg">

hint #7: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.

https://paybis.com/

<iframe width="100%" height="175" scrolling="no" frameborder="no" allow="autoplay" data-lazy-src="https://w.soundcloud.com … play=false&amp;hide_related=false&amp;show_comments=true&amp;show_user=true&amp;show_reposts=false&amp;show_teaser=true">

hint #8: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.

https://paybis.com/

<iframe style="position: absolute; top: 0; left: 0;" width="100%" height="100%" data-lazy-src="https://www.youtube.com/embed … autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen="" src="https://www.youtube.com/embed/hhg_pvk4w5E">

hint #9: 'time' is not supported by Chrome < 62, Samsung Internet.

https://paybis.com/

<time datetime="2019-11-15">Nov 15, 2019 @ 13:45 UTC</time>

hint #10: 'time' is not supported by Chrome < 62, Samsung Internet.

https://paybis.com/

<time datetime="2019-10-21">Oct 21, 2019 @ 10:26 UTC</time>

hint #11: 'time' is not supported by Chrome < 62, Samsung Internet.

https://paybis.com/

<time datetime="2019-10-23">Oct 23, 2019 @ 09:14 UTC</time>

hint #12: 'time' is not supported by Chrome < 62, Samsung Internet.

https://paybis.com/

<time datetime="2019-10-23">Oct 23, 2019 @ 09:18 UTC</time>

hint #13: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.

https://paybis.com/

<iframe name="f10bef4359599d" width="1000px" height="1000px" title="fb:like Facebook Social Plugin" frameborder="0" allowtransparency … joey&amp;share=false&amp;show_faces=false" style="border: none; visibility: visible; width: 58px; height: 40px;" class="">

hint #14: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.

https://paybis.com/

<iframe name="fb_xdm_frame_https" id="fb_xdm_frame_https" aria-hidden="true" title="Facebook Cross Domain Communication Frame … com/connect/xd_arbiter.php?version=44#channel=f29b86819a3296c&amp;origin=https%3A%2F%2Fpaybis.com" style="border: none;">

hint #15: 'iframe[allow]' is not supported by Chrome < 60, Edge, Firefox, Firefox Android, Samsung Internet.

https://paybis.com/

<iframe src="https://2-vbus-eu.ladesk.com/5_15_11_2/scripts/lib/bus.html?v=5.15.11.2#%7B%22location%22%3A%22https%3A%2F%2Fpaybis … allowfullscreen="true" allow="microphone; camera" style="display: none; position: fixed; border: 0px; overflow: hidden;">
content-type: 49 hints

hint #1: 'content-type' header charset value should be 'utf-8'.

https://widget.trustpilot … 5577004d0000ff000580102b

Content-Type: text/html

hint #2: 'content-type' header charset value should be 'utf-8'.

https://widget.trustpilot … 5577004d0000ff000580102b

Content-Type: text/html

hint #3: 'content-type' header charset value should be 'utf-8'.

https://w.soundcloud … false&show_teaser=true

Content-Type: text/html

hint #4: 'content-type' header charset value should be 'utf-8'.

https://vars.hotjar.com … e933fad3a2e45df61b38.html

Content-Type: text/html

hint #5: 'content-type' header media type value should be 'application/x-httpd-php', not 'text/html'.

https://staticxx.facebook … arbiter.php?version=44

Content-Type: text/html; charset=utf-8

hint #6: 'content-type' header charset value should be 'utf-8'.

https://2-vbus-eu.ladesk … bus.html?v=5.15.11.2

Content-Type: text/html

hint #7: 'content-type' header media type value should be 'application/x-httpd-php', not 'text/html'.

https://www.facebook … false&show_faces=false

Content-Type: text/html; charset="utf-8"

hint #8: 'content-type' header charset value should be 'utf-8'.

https://paybis.com/assets … 07a289dcd80997cc24989.css

Content-Type: text/css

hint #9: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.

https://widget.trustpilot … widget.bootstrap.min.js

Content-Type: application/x-javascript

hint #10: 'content-type' header charset value should be 'utf-8'.

https://widget.trustpilot … widget.bootstrap.min.js

Content-Type: application/x-javascript

hint #11: 'content-type' header charset value should be 'utf-8'.

https://paybis.com/cdn … tatic/email-decode.min.js

Content-Type: application/javascript

hint #12: 'content-type' header media type value should be 'font/woff2', not 'application/octet-stream'.

https://paybis.com/assets … illic_latin-regular.woff2

Content-Type: application/octet-stream

hint #13: 'content-type' header media type value should be 'font/woff2', not 'application/octet-stream'.

https://paybis.com/assets … bfonts/fa-solid-900.woff2

Content-Type: application/octet-stream

hint #14: 'content-type' header media type value should be 'font/woff2', not 'application/octet-stream'.

https://paybis.com/assets … cyrillic_latin-700.woff2

Content-Type: application/octet-stream

hint #15: 'content-type' header media type value should be 'font/woff2', not 'application/octet-stream'.

https://paybis.com/assets … fonts/fa-brands-400.woff2

Content-Type: application/octet-stream

hint #16: 'content-type' header media type value should be 'font/woff2', not 'application/octet-stream'.

https://paybis.com/assets … cyrillic_latin-300.woff2

Content-Type: application/octet-stream

hint #17: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.

https://connect.facebook.net/en_US/sdk.js

Content-Type: application/x-javascript; charset=utf-8

hint #18: 'content-type' header charset value should be 'utf-8'.

https://paybis.ladesk.com/scripts/track.js

Content-Type: application/javascript

hint #19: 'content-type' header charset value should be 'utf-8'.

https://paybis.com/resources/paybisLogoNoText.svg

Content-Type: image/svg+xml

hint #20: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.

https://connect.facebook.net/en_US/fbevents.js

Content-Type: application/x-javascript; charset=utf-8

hint #21: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.

https://connect.facebook … 41ec3899007&ua=modern_es6

Content-Type: application/x-javascript; charset=utf-8

hint #22: 'content-type' header charset value should be 'utf-8'.

https://static.hotjar.com/c/hotjar-155484.js?sv=5

Content-Type: application/javascript

hint #23: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.

https://widget.trustpilot … 7fa0340045cd0c936/main.js

Content-Type: application/x-javascript

hint #24: 'content-type' header charset value should be 'utf-8'.

https://widget.trustpilot … 7fa0340045cd0c936/main.js

Content-Type: application/x-javascript

hint #25: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.

https://widget.trustpilot … fc6454f065c28af8b/main.js

Content-Type: application/x-javascript

hint #26: 'content-type' header charset value should be 'utf-8'.

https://widget.trustpilot … fc6454f065c28af8b/main.js

Content-Type: application/x-javascript

hint #27: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.

https://connect.facebook … 5687361?v=2.9.13&r=stable

Content-Type: application/x-javascript; charset=utf-8

hint #28: 'content-type' header charset value should be 'utf-8'.

https://www.youtube.com … player-webp-vfl531yHL.css

Content-Type: text/css

hint #29: 'content-type' header charset value should be 'utf-8'.

https://www.youtube.com … muzAg/www-embed-player.js

Content-Type: text/javascript

hint #30: 'content-type' header charset value should be 'utf-8'.

https://www.youtube.com … vfl8EyRMW/en_US/base.js

Content-Type: text/javascript

hint #31: 'content-type' header charset value should be 'utf-8'.

https://www.youtube.com … player-webp-vfl531yHL.css

Content-Type: text/css

hint #32: 'content-type' header charset value should be 'utf-8'.

https://www.youtube.com … muzAg/www-embed-player.js

Content-Type: text/javascript

hint #33: 'content-type' header charset value should be 'utf-8'.

https://script.hotjar … 654cbaa3f0bd561e7235.js

Content-Type: application/javascript

hint #34: 'content-type' header media type value should be 'application/x-httpd-php', not 'application/x-javascript'.

https://paybis.ladesk … 7B%7D&vn=Y&ci=&jstk=Y

Content-Type: application/x-javascript

hint #35: 'content-type' header charset value should be 'utf-8'.

https://widget.sndcdn … idget-eb595a5-7505829a.js

Content-Type: application/javascript

hint #36: 'content-type' header charset value should be 'utf-8'.

https://widget.sndcdn … sound-7a5529e-7a528cf9.js

Content-Type: application/javascript

hint #37: 'content-type' header charset value should be 'utf-8'.

https://www.youtube.com … vfl8EyRMW/en_US/base.js

Content-Type: text/javascript

hint #38: 'content-type' header charset value should be 'utf-8'.

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

Content-Type: text/javascript

hint #39: 'content-type' header charset value should be 'utf-8'.

https://static.doubleclic … instream/ad_status.js

Content-Type: text/javascript

hint #40: 'content-type' header charset value should be 'utf-8'.

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

Content-Type: text/javascript

hint #41: 'content-type' header charset value should be 'utf-8'.

https://static.doubleclic … instream/ad_status.js

Content-Type: text/javascript

hint #42: 'content-type' header charset value should be 'utf-8'.

https://www.facebook.com/tr/

Content-Type: text/plain

hint #43: 'content-type' header charset value should be 'utf-8'.

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

Content-Type: text/javascript

hint #44: 'content-type' header charset value should be 'utf-8'.

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

Content-Type: text/javascript

hint #45: 'content-type' header charset value should be 'utf-8'.

https://wave.sndcdn.com/8KbLM4l2p41B_m.json

Content-Type: application/json

hint #46: 'content-type' header charset value should be 'utf-8'.

https://cdn.siftscience.com/s.js?_=1574263493428

Content-Type: application/javascript

hint #47: 'content-type' header value should not contain 'charset=utf-8'.

https://syndication.twitt … 22impression%22%7D%7D

Content-Type: image/gif;charset=utf-8

hint #48: 'content-type' header media type value should be 'text/javascript', not 'application/x-javascript'.

https://www.facebook … js?_nc_x=Ij3Wp8lg5Kz

Content-Type: application/x-javascript; charset=utf-8

hint #49: 'content-type' header media type value should be 'image/png', not 'image/x-icon'.

https://paybis.com/favicon.ico

Content-Type: image/x-icon
no-bom: 3 hints

hint #1: Text-based resource should not start with BOM character.

https://widget.trustpilot … widget.bootstrap.min.js

<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>

hint #2: Text-based resource should not start with BOM character.

https://widget.trustpilot … 7fa0340045cd0c936/main.js

hint #3: Text-based resource should not start with BOM character.

https://widget.trustpilot … fc6454f065c28af8b/main.js

no-p3p: 12 hints

hint #1: P3P should not be used as it is deprecated.

https://www.youtube.com//embed/gNWuU55OeFg

P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."

hint #2: P3P should not be used as it is deprecated.

https://www.youtube.com/embed/hhg_pvk4w5E

P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."

hint #3: P3P should not be used as it is deprecated.

https://w.soundcloud … false&show_teaser=true

P3P: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"

hint #4: P3P should not be used as it is deprecated.

https://platform.twitter … https%3A%2F%2Fpaybis.com

P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

hint #5: P3P should not be used as it is deprecated.

https://platform.twitter … 3368df1a320e00cbf.en.html

P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

hint #6: P3P should not be used as it is deprecated.

https://apis.google.com/js/platform.js

P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."

hint #7: P3P should not be used as it is deprecated.

https://platform.twitter.com/widgets.js

P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

hint #8: P3P should not be used as it is deprecated.

https://www.google.com … 331574&_v=j79&z=546748318

P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"

hint #9: P3P should not be used as it is deprecated.

https://www.google.com … 6280358&_v=j79&z=66113206

P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"

hint #10: P3P should not be used as it is deprecated.

https://platform.twitter … fa3e281bb07d1de2c3bee3.js

P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

hint #11: P3P should not be used as it is deprecated.

https://googleads.g.doubleclick.net/pagead/id

P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

hint #12: P3P should not be used as it is deprecated.

https://googleads.g.doubl … net/pagead/id?slf_rd=1

P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
stylesheet-limits: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

PWA

apple-touch-icons: 1 hints

hint #1: 'apple-touch-icon' link element was not specified.

https://paybis.com/

Performance

http-cache: 122 hints

hint #1: The directive "must-revalidate" is not recommended

https://paybis.com/

Cache-Control: no-store, no-cache, must-revalidate

hint #2: The target should not be cached, or have a small "max-age" value (180): max-age=86400

https://widget.trustpilot … 5577004d0000ff000580102b

Cache-Control: max-age=86400

hint #3: The target should not be cached, or have a small "max-age" value (180): max-age=86400

https://widget.trustpilot … 5577004d0000ff000580102b

Cache-Control: max-age=86400

hint #4: The target should not be cached, or have a small "max-age" value (180): public, max-age=300

https://w.soundcloud … false&show_teaser=true

Cache-Control: public, max-age=300

hint #5: The target should not be cached, or have a small "max-age" value (180): public, max-age=315360000

https://platform.twitter … https%3A%2F%2Fpaybis.com

Cache-Control: public, max-age=315360000

hint #6: The target should not be cached, or have a small "max-age" value (180): max-age=31536000

https://vars.hotjar.com … e933fad3a2e45df61b38.html

Cache-Control: max-age=31536000

hint #7: The target should not be cached, or have a small "max-age" value (180): public,max-age=31536000,immutable

https://staticxx.facebook … arbiter.php?version=44

Cache-Control: public,max-age=31536000,immutable

hint #8: No "cache-control" header or empty value found. It should have a value

https://2-vbus-eu.ladesk … bus.html?v=5.15.11.2

hint #9: The target should not be cached, or have a small "max-age" value (180): public, max-age=315360000

https://platform.twitter … 3368df1a320e00cbf.en.html

Cache-Control: public, max-age=315360000

hint #10: The directive "must-revalidate" is not recommended

https://www.facebook … false&show_faces=false

Cache-Control: private, no-cache, no-store, must-revalidate

hint #11: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-1.png

Cache-Control: max-age=86400, public

hint #12: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-1.png

Cache-Control: max-age=86400, public

hint #13: Static resources should use the "immutable" directive: Directives used: max-age=31536000, public

https://paybis.com/assets … 702f64f583f8/raven.min.js

Cache-Control: max-age=31536000, public

hint #14: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/resources/placeholder.png

Cache-Control: max-age=86400, public

hint #15: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/resources/placeholder.png

Cache-Control: max-age=86400, public

hint #16: Static resources should use the "immutable" directive: Directives used: max-age=31536000, public

https://paybis.com/assets … 07a289dcd80997cc24989.css

Cache-Control: max-age=31536000, public

hint #17: Static resources should use the "immutable" directive: Directives used: max-age=31536000, public

https://paybis.com/assets … c3ecf8abe26ed2f0abe6b8.js

Cache-Control: max-age=31536000, public

hint #18: Static resources should have a long cache value (31536000): Directives used: max-age=86400

https://widget.trustpilot … widget.bootstrap.min.js

Cache-Control: max-age=86400

hint #19: Static resources should use the "immutable" directive: Directives used: max-age=86400

https://widget.trustpilot … widget.bootstrap.min.js

Cache-Control: max-age=86400

hint #20: Static resources should have a long cache value (31536000): Directives used: max-age=172800, public

https://paybis.com/cdn … tatic/email-decode.min.js

Cache-Control: max-age=172800, public

hint #21: Static resources should use the "immutable" directive: Directives used: max-age=172800, public

https://paybis.com/cdn … tatic/email-decode.min.js

Cache-Control: max-age=172800, public

hint #22: Static resources should use the "immutable" directive: Directives used: max-age=31536000, public

https://paybis.com/js/lazyImgLoader.js

Cache-Control: max-age=31536000, public

hint #23: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-3.png

Cache-Control: max-age=86400, public

hint #24: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-3.png

Cache-Control: max-age=86400, public

hint #25: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-2.png

Cache-Control: max-age=86400, public

hint #26: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-2.png

Cache-Control: max-age=86400, public

hint #27: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-4.png

Cache-Control: max-age=86400, public

hint #28: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-4.png

Cache-Control: max-age=86400, public

hint #29: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-7.png

Cache-Control: max-age=86400, public

hint #30: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-7.png

Cache-Control: max-age=86400, public

hint #31: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-8.png

Cache-Control: max-age=86400, public

hint #32: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/resour … guide/step-by-step-8.png

Cache-Control: max-age=86400, public

hint #33: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/resour … PayBisLogo-SmallRing.png

Cache-Control: max-age=86400, public

hint #34: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/resour … PayBisLogo-SmallRing.png

Cache-Control: max-age=86400, public

hint #35: Static resources should have a long cache value (31536000): Directives used: private, max-age=900

https://www.googletagmana … gtm.js?id=GTM-NZTTKV4

Cache-Control: private, max-age=900

hint #36: Static resources should use the "immutable" directive: Directives used: private, max-age=900

https://www.googletagmana … gtm.js?id=GTM-NZTTKV4

Cache-Control: private, max-age=900

hint #37: Static resources should have a long cache value (31536000): Directives used: public

https://s3.amazonaws … to+BTC/DE/Step+4.2.PNG

Cache-Control: public

hint #38: Static resources should use the "immutable" directive: Directives used: public

https://s3.amazonaws … to+BTC/DE/Step+4.2.PNG

Cache-Control: public

hint #39: Static resources should have a long cache value (31536000): Directives used: public

https://s3.amazonaws … to+BTC/DE/Step+4.3.PNG

Cache-Control: public

hint #40: Static resources should use the "immutable" directive: Directives used: public

https://s3.amazonaws … to+BTC/DE/Step+4.3.PNG

Cache-Control: public

hint #41: The following directive has an invalid value: stale-while-revalidate=1800

https://apis.google.com/js/platform.js

Cache-Control: private, max-age=1800, stale-while-revalidate=1800

hint #42: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/resources/btc_bg_black.png

Cache-Control: max-age=86400, public

hint #43: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/resources/btc_bg_black.png

Cache-Control: max-age=86400, public

hint #44: Static resources should have a long cache value (31536000): Directives used: max-age=2592000, public

https://paybis.com/assets … illic_latin-regular.woff2

Cache-Control: max-age=2592000, public

hint #45: Static resources should use the "immutable" directive: Directives used: max-age=2592000, public

https://paybis.com/assets … illic_latin-regular.woff2

Cache-Control: max-age=2592000, public

hint #46: Static resources should have a long cache value (31536000): Directives used: max-age=2592000, public

https://paybis.com/assets … bfonts/fa-solid-900.woff2

Cache-Control: max-age=2592000, public

hint #47: Static resources should use the "immutable" directive: Directives used: max-age=2592000, public

https://paybis.com/assets … bfonts/fa-solid-900.woff2

Cache-Control: max-age=2592000, public

hint #48: Static resources should have a long cache value (31536000): Directives used: max-age=2592000, public

https://paybis.com/assets … cyrillic_latin-700.woff2

Cache-Control: max-age=2592000, public

hint #49: Static resources should use the "immutable" directive: Directives used: max-age=2592000, public

https://paybis.com/assets … cyrillic_latin-700.woff2

Cache-Control: max-age=2592000, public

hint #50: Static resources should have a long cache value (31536000): Directives used: max-age=2592000, public

https://paybis.com/assets … fonts/fa-brands-400.woff2

Cache-Control: max-age=2592000, public

hint #51: Static resources should use the "immutable" directive: Directives used: max-age=2592000, public

https://paybis.com/assets … fonts/fa-brands-400.woff2

Cache-Control: max-age=2592000, public

hint #52: Static resources should have a long cache value (31536000): Directives used: max-age=2592000, public

https://paybis.com/assets … cyrillic_latin-300.woff2

Cache-Control: max-age=2592000, public

hint #53: Static resources should use the "immutable" directive: Directives used: max-age=2592000, public

https://paybis.com/assets … cyrillic_latin-300.woff2

Cache-Control: max-age=2592000, public

hint #54: Static resources should have a long cache value (31536000): Directives used: public, max-age=1800

https://platform.twitter.com/widgets.js

Cache-Control: public, max-age=1800

hint #55: Static resources should use the "immutable" directive: Directives used: public, max-age=1800

https://platform.twitter.com/widgets.js

Cache-Control: public, max-age=1800

hint #56: The following directive has an invalid value: stale-while-revalidate=3600

https://connect.facebook.net/en_US/sdk.js

Cache-Control: public,max-age=1200,stale-while-revalidate=3600

hint #57: The directive "must-revalidate" is not recommended

https://paybis.com/twitter-count/

Cache-Control: no-store, no-cache, must-revalidate

hint #58: Static resources should have a long cache value (31536000): Directives used: max-age=21600

https://paybis.ladesk.com/scripts/track.js

Cache-Control: max-age=21600

hint #59: Static resources should use the "immutable" directive: Directives used: max-age=21600

https://paybis.ladesk.com/scripts/track.js

Cache-Control: max-age=21600

hint #60: The directive "must-revalidate" is not recommended

https://paybis.com/get-crypto-rates/

Cache-Control: no-store, no-cache, must-revalidate

hint #61: No "cache-control" header or empty value found. It should have a value

https://paybis.com/resources/paybisLogoNoText.svg

hint #62: The directive "must-revalidate" is not recommended

https://paybis.com/get … credit-card&isSellPage=0

Cache-Control: no-store, no-cache, must-revalidate

hint #63: Static resources should have a long cache value (31536000): Directives used: public, max-age=1200

https://connect.facebook.net/en_US/fbevents.js

Cache-Control: public, max-age=1200

hint #64: Static resources should use the "immutable" directive: Directives used: public, max-age=1200

https://connect.facebook.net/en_US/fbevents.js

Cache-Control: public, max-age=1200

hint #65: The following directive has an invalid value: stale-while-revalidate=3600

https://connect.facebook … 41ec3899007&ua=modern_es6

Cache-Control: public,max-age=31536000,stale-while-revalidate=3600,immutable

hint #66: Static resources should have a long cache value (31536000): Directives used: max-age=60

https://static.hotjar.com/c/hotjar-155484.js?sv=5

Cache-Control: max-age=60

hint #67: Static resources should use the "immutable" directive: Directives used: max-age=60

https://static.hotjar.com/c/hotjar-155484.js?sv=5

Cache-Control: max-age=60

hint #68: Static resources should have a long cache value (31536000): Directives used: max-age=86400

https://widget.trustpilot … 7fa0340045cd0c936/main.js

Cache-Control: max-age=86400

hint #69: Static resources should use the "immutable" directive: Directives used: max-age=86400

https://widget.trustpilot … 7fa0340045cd0c936/main.js

Cache-Control: max-age=86400

hint #70: Static resources should have a long cache value (31536000): Directives used: max-age=86400

https://widget.trustpilot … fc6454f065c28af8b/main.js

Cache-Control: max-age=86400

hint #71: Static resources should use the "immutable" directive: Directives used: max-age=86400

https://widget.trustpilot … fc6454f065c28af8b/main.js

Cache-Control: max-age=86400

hint #72: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/images … 434030674-BitcoinLogo.png

Cache-Control: max-age=86400, public

hint #73: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/images … 434030674-BitcoinLogo.png

Cache-Control: max-age=86400, public

hint #74: Static resources should have a long cache value (31536000): Directives used: max-age=86400, public

https://paybis.com/images … 478541033-Credit-Card.png

Cache-Control: max-age=86400, public

hint #75: Static resources should use the "immutable" directive: Directives used: max-age=86400, public

https://paybis.com/images … 478541033-Credit-Card.png

Cache-Control: max-age=86400, public

hint #76: Static resources should have a long cache value (31536000): Directives used: public, max-age=1200

https://connect.facebook … 5687361?v=2.9.13&r=stable

Cache-Control: public, max-age=1200

hint #77: Static resources should use the "immutable" directive: Directives used: public, max-age=1200

https://connect.facebook … 5687361?v=2.9.13&r=stable

Cache-Control: public, max-age=1200

hint #78: The directive "must-revalidate" is not recommended

https://paybis.com/site/client-id/

Cache-Control: no-store, no-cache, must-revalidate

hint #79: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000

https://www.youtube.com … player-webp-vfl531yHL.css

Cache-Control: public, max-age=31536000

hint #80: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200

https://www.youtube.com … muzAg/www-embed-player.js

Cache-Control: public, max-age=691200

hint #81: Static resources should use the "immutable" directive: Directives used: public, max-age=691200

https://www.youtube.com … muzAg/www-embed-player.js

Cache-Control: public, max-age=691200

hint #82: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200

https://www.youtube.com … vfl8EyRMW/en_US/base.js

Cache-Control: public, max-age=691200

hint #83: Static resources should use the "immutable" directive: Directives used: public, max-age=691200

https://www.youtube.com … vfl8EyRMW/en_US/base.js

Cache-Control: public, max-age=691200

hint #84: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000

https://www.youtube.com … player-webp-vfl531yHL.css

Cache-Control: public, max-age=31536000

hint #85: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200

https://www.youtube.com … muzAg/www-embed-player.js

Cache-Control: public, max-age=691200

hint #86: Static resources should use the "immutable" directive: Directives used: public, max-age=691200

https://www.youtube.com … muzAg/www-embed-player.js

Cache-Control: public, max-age=691200

hint #87: Static resources should use the "immutable" directive: Directives used: max-age=31536000

https://script.hotjar … 654cbaa3f0bd561e7235.js

Cache-Control: max-age=31536000

hint #88: The following directives have an invalid value: post-check=0 pre-check=0

https://paybis.ladesk … 7B%7D&vn=Y&ci=&jstk=Y

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

hint #89: The directive "must-revalidate" is not recommended

https://syndication.twitter.com/settings

Cache-Control: must-revalidate, max-age=600

hint #90: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200

https://www.youtube.com … vfl8EyRMW/en_US/base.js

Cache-Control: public, max-age=691200

hint #91: Static resources should use the "immutable" directive: Directives used: public, max-age=691200

https://www.youtube.com … vfl8EyRMW/en_US/base.js

Cache-Control: public, max-age=691200

hint #92: The directive "must-revalidate" is not recommended

https://www.google.com … 331574&_v=j79&z=546748318

Cache-Control: no-cache, no-store, must-revalidate

hint #93: The directive "must-revalidate" is not recommended

https://www.google.com … 6280358&_v=j79&z=66113206

Cache-Control: no-cache, no-store, must-revalidate

hint #94: Static resources should use the "immutable" directive: Directives used: public, max-age=315360000

https://platform.twitter … fa3e281bb07d1de2c3bee3.js

Cache-Control: public, max-age=315360000

hint #95: The directive "must-revalidate" is not recommended

https://www.facebook … 3495257&coo=false&rqm=GET

Cache-Control: no-cache, must-revalidate, max-age=0

hint #96: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

Cache-Control: public, max-age=31536000

hint #97: Static resources should have a long cache value (31536000): Directives used: public, max-age=900

https://static.doubleclic … instream/ad_status.js

Cache-Control: public, max-age=900

hint #98: Static resources should use the "immutable" directive: Directives used: public, max-age=900

https://static.doubleclic … instream/ad_status.js

Cache-Control: public, max-age=900

hint #99: Static resources should use the "immutable" directive: Directives used: public, max-age=31536000

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

Cache-Control: public, max-age=31536000

hint #100: Static resources should have a long cache value (31536000): Directives used: public, max-age=900

https://static.doubleclic … instream/ad_status.js

Cache-Control: public, max-age=900

hint #101: Static resources should use the "immutable" directive: Directives used: public, max-age=900

https://static.doubleclic … instream/ad_status.js

Cache-Control: public, max-age=900

hint #102: The directive "must-revalidate" is not recommended

https://googleads.g.doubleclick.net/pagead/id

Cache-Control: no-cache, no-store, must-revalidate

hint #103: No "cache-control" header or empty value found. It should have a value

https://www.facebook.com/tr/

hint #104: The directive "no-store" is not recommended

https://widget.trustpilot … 5419b637fa0340045cd0c936

Cache-Control: no-store,no-cache

hint #105: The directive "no-store" is not recommended

https://widget.trustpilot … 54ad5defc6454f065c28af8b

Cache-Control: no-store,no-cache

hint #106: The directive "no-store" is not recommended

https://widget.trustpilot … 5419b637fa0340045cd0c936

Cache-Control: no-store,no-cache

hint #107: The directive "must-revalidate" is not recommended

https://googleads.g.doubl … net/pagead/id?slf_rd=1

Cache-Control: no-cache, no-store, must-revalidate

hint #108: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

Cache-Control: public, max-age=691200

hint #109: Static resources should use the "immutable" directive: Directives used: public, max-age=691200

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

Cache-Control: public, max-age=691200

hint #110: Static resources should have a long cache value (31536000): Directives used: public, max-age=691200

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

Cache-Control: public, max-age=691200

hint #111: Static resources should use the "immutable" directive: Directives used: public, max-age=691200

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

Cache-Control: public, max-age=691200

hint #112: Static resources should have a long cache value (31536000): Directives used: public,max-age=3612701

https://i1.sndcdn.com … 28883-1qw563-t200x200.jpg

Cache-Control: public,max-age=3612701

hint #113: Static resources should use the "immutable" directive: Directives used: public,max-age=3612701

https://i1.sndcdn.com … 28883-1qw563-t200x200.jpg

Cache-Control: public,max-age=3612701

hint #114: The directive "must-revalidate" is not recommended

https://api-widget.soundc … app_version=1574158796

Cache-Control: max-age=600, must-revalidate

hint #115: No "cache-control" header or empty value found. It should have a value

https://www.youtube.com/generate_204?z8jm1w

hint #116: No "cache-control" header or empty value found. It should have a value

https://www.youtube.com/generate_204?VdVDUQ

hint #117: Static resources should have a long cache value (31536000): Directives used: public, max-age=86400

https://cdn.siftscience.com/s.js?_=1574263493428

Cache-Control: public, max-age=86400

hint #118: Static resources should use the "immutable" directive: Directives used: public, max-age=86400

https://cdn.siftscience.com/s.js?_=1574263493428

Cache-Control: public, max-age=86400

hint #119: The following directives have an invalid value: pre-check=0 post-check=0

https://syndication.twitt … 22impression%22%7D%7D

Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0

hint #120: The following directive has an invalid value: no-cache=set-cookie

https://hexagon-analytics … aa799830c8f9240f4a096&z=z

Cache-Control: private, no-cache, no-cache=set-cookie, proxy-revalidate

hint #121: The directive "must-revalidate" is not recommended

https://www.facebook … 6761410244585151478-0

Cache-Control: private, no-store, no-cache, must-revalidate

hint #122: No "cache-control" header or empty value found. It should have a value

https://paybis.com/favicon.ico

http-compression: 120 hints

hint #1: Response should not be compressed for requests made with 'accept-encoding: identity'.

https://widget.trustpilot … 5577004d0000ff000580102b

hint #2: Response should not include 'content-encoding' header for requests made with 'accept-encoding: identity'.

https://widget.trustpilot … 5577004d0000ff000580102b

hint #3: Response should not be compressed for requests made with 'accept-encoding: identity'.

https://widget.trustpilot … 5577004d0000ff000580102b

hint #4: Response should not include 'content-encoding' header for requests made with 'accept-encoding: identity'.

https://widget.trustpilot … 5577004d0000ff000580102b

hint #5: Response should include 'vary' header containing 'accept-encoding' value.

https://widget.trustpilot … 5577004d0000ff000580102b

Vary: Cache-Control: max-age=86400

hint #6: Response should include 'vary' header containing 'accept-encoding' value.

https://widget.trustpilot … 5577004d0000ff000580102b

Vary: Cache-Control: max-age=86400

hint #7: Response should include 'vary' header containing 'accept-encoding' value.

https://www.youtube.com/embed/hhg_pvk4w5E

Vary: Cache-Control: no-cache

hint #8: Response should include 'vary' header containing 'accept-encoding' value.

https://www.youtube.com//embed/gNWuU55OeFg

Vary: Cache-Control: no-cache

hint #9: Response should include 'vary' header containing 'accept-encoding' value.

https://w.soundcloud … false&show_teaser=true

Vary: Cache-Control: public, max-age=300

hint #10: Response should not be compressed.

https://staticxx.facebook … arbiter.php?version=44

hint #11: Response should not include 'content-encoding' header.

https://staticxx.facebook … arbiter.php?version=44

Content-Encoding: gzip

hint #12: Response should include 'vary' header containing 'accept-encoding' value.

https://2-vbus-eu.ladesk … bus.html?v=5.15.11.2

Vary: Cache-Control:

hint #13: Response should not be compressed.

https://www.facebook … false&show_faces=false

hint #14: Response should not include 'content-encoding' header.

https://www.facebook … false&show_faces=false

Content-Encoding: br

hint #15: Response should be compressed with Zopfli when gzip compression is requested.

https://paybis.com/assets … 702f64f583f8/raven.min.js

<script src="/assets/9db333b08a66e9eb79cc702f64f583f8/raven.min.js"></script>

hint #16: Response should be compressed with Zopfli when gzip compression is requested.

https://paybis.com/assets … 07a289dcd80997cc24989.css

<link href="/assets/all-2620c64200e07a289dcd80997cc24989.css" rel="stylesheet">

hint #17: Response should be compressed with Zopfli when gzip compression is requested.

https://paybis.com/assets … c3ecf8abe26ed2f0abe6b8.js

<script src="/assets/all-39bc476d52c3ecf8abe26ed2f0abe6b8.js"></script>

hint #18: Response should not be compressed for requests made with 'accept-encoding: identity'.

https://widget.trustpilot … widget.bootstrap.min.js

<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>

hint #19: Response should not include 'content-encoding' header for requests made with 'accept-encoding: identity'.

https://widget.trustpilot … widget.bootstrap.min.js

<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>

hint #20: Response should be compressed with Zopfli when gzip compression is requested.

https://widget.trustpilot … widget.bootstrap.min.js

<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>

hint #21: Response should include 'vary' header containing 'accept-encoding' value.

https://widget.trustpilot … widget.bootstrap.min.js

Vary: Cache-Control: max-age=86400

hint #22: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://widget.trustpilot … widget.bootstrap.min.js

<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>

hint #23: Response should be compressed with Zopfli when gzip compression is requested.

https://paybis.com/cdn … tatic/email-decode.min.js

hint #24: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://paybis.com/cdn … tatic/email-decode.min.js

hint #25: Response should be compressed with Zopfli when gzip compression is requested.

https://paybis.com/js/lazyImgLoader.js

<script src="/js/lazyImgLoader.js"></script>

hint #26: Response should be compressed with Zopfli when gzip compression is requested.

https://www.googletagmana … gtm.js?id=GTM-NZTTKV4

<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>

hint #27: Response should be compressed with Zopfli when gzip compression is requested.

https://apis.google.com/js/platform.js

<script src="//apis.google.com/js/platform.js" async="" defer="" gapi_processed="true"></script>

hint #28: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://apis.google.com/js/platform.js

<script src="//apis.google.com/js/platform.js" async="" defer="" gapi_processed="true"></script>

hint #29: Response should be compressed with Zopfli when gzip compression is requested.

https://platform.twitter.com/widgets.js

<script id="twitter-wjs" src="https://platform.twitter.com/widgets.js"></script>

hint #30: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://platform.twitter.com/widgets.js

<script id="twitter-wjs" src="https://platform.twitter.com/widgets.js"></script>

hint #31: Response should be compressed with Zopfli when gzip compression is requested.

https://connect.facebook.net/en_US/sdk.js

hint #32: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://connect.facebook.net/en_US/sdk.js

hint #33: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.

https://paybis.com/twitter-count/

hint #34: Response should not be served compressed with Brotli as the compressed size is bigger than the uncompressed one.

https://paybis.com/twitter-count/

hint #35: Response should be compressed with Zopfli when gzip compression is requested.

https://paybis.ladesk.com/scripts/track.js

<script id="la_x2s6df8d" async="" src="https://paybis.ladesk.com/scripts/track.js"></script>

hint #36: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://paybis.ladesk.com/scripts/track.js

<script id="la_x2s6df8d" async="" src="https://paybis.ladesk.com/scripts/track.js"></script>

hint #37: Response should be compressed with Zopfli when gzip compression is requested.

https://paybis.com/get-crypto-rates/

hint #38: Response should be compressed with Zopfli when gzip compression is requested.

https://paybis.com/resources/paybisLogoNoText.svg

<img class="" src="/resources/paybisLogoNoText.svg" alt="" data-src="/resources/paybisLogoNoText.svg">

hint #39: Response should be compressed with Zopfli when gzip compression is requested.

https://paybis.com/get … credit-card&isSellPage=0

hint #40: Response should not be compressed for requests made with 'accept-encoding: identity'.

https://connect.facebook.net/en_US/fbevents.js

<script async="" src="https://connect.facebook.net/en_US/fbevents.js"></script>

hint #41: Response should be compressed with Zopfli when gzip compression is requested.

https://connect.facebook.net/en_US/fbevents.js

<script async="" src="https://connect.facebook.net/en_US/fbevents.js"></script>

hint #42: Response should include 'content-encoding: br' header.

https://connect.facebook.net/en_US/fbevents.js

<script async="" src="https://connect.facebook.net/en_US/fbevents.js"></script>

hint #43: Response should be compressed with Zopfli when gzip compression is requested.

https://connect.facebook … 41ec3899007&ua=modern_es6

<script src="https://connect.facebook.net/en_US/sdk.js?hash=3f651d529bbafe5af6d4e41ec3899007&amp;ua=modern_es6" async="" crossorigin="anonymous">

hint #44: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://connect.facebook … 41ec3899007&ua=modern_es6

<script src="https://connect.facebook.net/en_US/sdk.js?hash=3f651d529bbafe5af6d4e41ec3899007&amp;ua=modern_es6" async="" crossorigin="anonymous">

hint #45: Response should be compressed with Zopfli when gzip compression is requested.

https://static.hotjar.com/c/hotjar-155484.js?sv=5

<script type="text/javascript" async="" src="//static.hotjar.com/c/hotjar-155484.js?sv=5"></script>

hint #46: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://static.hotjar.com/c/hotjar-155484.js?sv=5

<script type="text/javascript" async="" src="//static.hotjar.com/c/hotjar-155484.js?sv=5"></script>

hint #47: Response should not be compressed for requests made with 'accept-encoding: identity'.

https://widget.trustpilot … 7fa0340045cd0c936/main.js

hint #48: Response should not include 'content-encoding' header for requests made with 'accept-encoding: identity'.

https://widget.trustpilot … 7fa0340045cd0c936/main.js

hint #49: Response should be compressed with Zopfli when gzip compression is requested.

https://widget.trustpilot … 7fa0340045cd0c936/main.js

hint #50: Response should include 'vary' header containing 'accept-encoding' value.

https://widget.trustpilot … 7fa0340045cd0c936/main.js

Vary: Cache-Control: max-age=86400

hint #51: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://widget.trustpilot … 7fa0340045cd0c936/main.js

hint #52: Response should not be compressed for requests made with 'accept-encoding: identity'.

https://widget.trustpilot … fc6454f065c28af8b/main.js

hint #53: Response should not include 'content-encoding' header for requests made with 'accept-encoding: identity'.

https://widget.trustpilot … fc6454f065c28af8b/main.js

hint #54: Response should be compressed with Zopfli when gzip compression is requested.

https://widget.trustpilot … fc6454f065c28af8b/main.js

hint #55: Response should include 'vary' header containing 'accept-encoding' value.

https://widget.trustpilot … fc6454f065c28af8b/main.js

Vary: Cache-Control: max-age=86400

hint #56: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://widget.trustpilot … fc6454f065c28af8b/main.js

hint #57: Response should be compressed with Zopfli when gzip compression is requested.

https://connect.facebook … 5687361?v=2.9.13&r=stable

<script src="https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&amp;r=stable" async="">

hint #58: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://connect.facebook … 5687361?v=2.9.13&r=stable

<script src="https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&amp;r=stable" async="">

hint #59: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.

https://paybis.com/site/client-id/

hint #60: Response should not be served compressed with Brotli as the compressed size is bigger than the uncompressed one.

https://paybis.com/site/client-id/

hint #61: Response should be compressed with Zopfli when gzip compression is requested.

https://www.youtube.com … player-webp-vfl531yHL.css

hint #62: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.youtube.com … player-webp-vfl531yHL.css

hint #63: Response should be compressed with Zopfli when gzip compression is requested.

https://www.youtube.com … muzAg/www-embed-player.js

hint #64: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.youtube.com … muzAg/www-embed-player.js

hint #65: Response should be compressed with Zopfli when gzip compression is requested.

https://www.youtube.com … vfl8EyRMW/en_US/base.js

hint #66: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.youtube.com … vfl8EyRMW/en_US/base.js

hint #67: Response should be compressed with Zopfli when gzip compression is requested.

https://www.youtube.com … player-webp-vfl531yHL.css

hint #68: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.youtube.com … player-webp-vfl531yHL.css

hint #69: Response should be compressed with Zopfli when gzip compression is requested.

https://www.youtube.com … muzAg/www-embed-player.js

hint #70: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.youtube.com … muzAg/www-embed-player.js

hint #71: Response should be compressed with Zopfli when gzip compression is requested.

https://script.hotjar … 654cbaa3f0bd561e7235.js

<script async="" src="https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js" charset="utf-8">

hint #72: Response should not be compressed.

https://paybis.ladesk … 7B%7D&vn=Y&ci=&jstk=Y

hint #73: Response should not include 'content-encoding' header.

https://paybis.ladesk … 7B%7D&vn=Y&ci=&jstk=Y

Content-Encoding: gzip

hint #74: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.

https://syndication.twitter.com/settings

hint #75: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://syndication.twitter.com/settings

hint #76: Response should be compressed with Zopfli when gzip compression is requested.

https://widget.sndcdn … idget-eb595a5-7505829a.js

hint #77: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://widget.sndcdn … idget-eb595a5-7505829a.js

hint #78: Response should be compressed with Zopfli when gzip compression is requested.

https://widget.sndcdn … sound-7a5529e-7a528cf9.js

hint #79: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://widget.sndcdn … sound-7a5529e-7a528cf9.js

hint #80: Response should be compressed with gzip when gzip compression is requested.

https://widget.trustpilot … locale=en-GB&theme=light

hint #81: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://widget.trustpilot … locale=en-GB&theme=light

hint #82: Response should be compressed with Zopfli when gzip compression is requested.

https://widget.trustpilot … ewsPerPage=15&theme=light

hint #83: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://widget.trustpilot … ewsPerPage=15&theme=light

hint #84: Response should be compressed with Zopfli when gzip compression is requested.

https://www.youtube.com … vfl8EyRMW/en_US/base.js

hint #85: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.youtube.com … vfl8EyRMW/en_US/base.js

hint #86: Response should be compressed with Zopfli when gzip compression is requested.

https://platform.twitter … fa3e281bb07d1de2c3bee3.js

<script charset="utf-8" src="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">

hint #87: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://platform.twitter … fa3e281bb07d1de2c3bee3.js

<script charset="utf-8" src="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">

hint #88: Response should be compressed with Zopfli when gzip compression is requested.

https://api-widget.soundc … app_version=1574158796

hint #89: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://api-widget.soundc … app_version=1574158796

hint #90: Response should be compressed with Zopfli when gzip compression is requested.

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

hint #91: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

hint #92: Response should be compressed with gzip when gzip compression is requested.

https://static.doubleclic … instream/ad_status.js

hint #93: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://static.doubleclic … instream/ad_status.js

hint #94: Response should be compressed with Zopfli when gzip compression is requested.

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

hint #95: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

hint #96: Response should be compressed with gzip when gzip compression is requested.

https://static.doubleclic … instream/ad_status.js

hint #97: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://static.doubleclic … instream/ad_status.js

hint #98: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.

https://googleads.g.doubleclick.net/pagead/id

hint #99: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://googleads.g.doubleclick.net/pagead/id

hint #100: Response should be compressed with gzip when gzip compression is requested.

https://www.facebook.com/tr/

hint #101: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.facebook.com/tr/

hint #102: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.

https://googleads.g.doubl … net/pagead/id?slf_rd=1

hint #103: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://googleads.g.doubl … net/pagead/id?slf_rd=1

hint #104: Response should be compressed with Zopfli when gzip compression is requested.

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

hint #105: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

hint #106: Response should be compressed with Zopfli when gzip compression is requested.

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

hint #107: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

hint #108: Response should be compressed with Zopfli when gzip compression is requested.

https://wave.sndcdn.com/8KbLM4l2p41B_m.json

hint #109: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://wave.sndcdn.com/8KbLM4l2p41B_m.json

hint #110: Response should not be served compressed with gzip as the compressed size is bigger than the uncompressed one.

https://api-widget.soundc … app_version=1574158796

hint #111: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://api-widget.soundc … app_version=1574158796

hint #112: Response should be compressed with Zopfli when gzip compression is requested.

https://cdn.siftscience.com/s.js?_=1574263493428

hint #113: Response should be compressed with Brotli when Brotli compression is requested over HTTPS.

https://cdn.siftscience.com/s.js?_=1574263493428

hint #114: Response should not be compressed.

https://syndication.twitt … 22impression%22%7D%7D

hint #115: Response should not include 'content-encoding' header.

https://syndication.twitt … 22impression%22%7D%7D

Content-Encoding: gzip

hint #116: Response should be compressed with Zopfli when gzip compression is requested.

https://www.facebook … js?_nc_x=Ij3Wp8lg5Kz

hint #117: Response should not be compressed.

https://www.facebook … 6761410244585151478-0

hint #118: Response should not include 'content-encoding' header.

https://www.facebook … 6761410244585151478-0

Content-Encoding: br

hint #119: Response should not be compressed.

https://paybis.com/favicon.ico

hint #120: Response should not include 'content-encoding' header.

https://paybis.com/favicon.ico

Content-Encoding: br
no-html-only-headers: 48 hints

hint #1: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/resour … guide/step-by-step-1.png

<img alt="" src="/resources/guide/step-by-step-1.png" style="float:right;height:334px;width:589px;">

hint #2: Response should not include unneeded 'x-xss-protection' header.

https://paybis.com/assets … 702f64f583f8/raven.min.js

<script src="/assets/9db333b08a66e9eb79cc702f64f583f8/raven.min.js"></script>

hint #3: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/resources/placeholder.png

<img class="lazy" src="/resources/placeholder.png" alt="Digital and Crypto currency exchange" title="PayBis - Digital and Crypto currency exchange!" data-src="/resources/paybisLogoLarge.svg">

hint #4: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/assets … 07a289dcd80997cc24989.css

<link href="/assets/all-2620c64200e07a289dcd80997cc24989.css" rel="stylesheet">

hint #5: Response should not include unneeded 'x-xss-protection' header.

https://paybis.com/assets … c3ecf8abe26ed2f0abe6b8.js

<script src="/assets/all-39bc476d52c3ecf8abe26ed2f0abe6b8.js"></script>

hint #6: Response should not include unneeded 'x-xss-protection' header.

https://paybis.com/js/lazyImgLoader.js

<script src="/js/lazyImgLoader.js"></script>

hint #7: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/resour … guide/step-by-step-3.png

<img alt="" src="/resources/guide/step-by-step-3.png" style="float:right;height:300px;width:624px;">

hint #8: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/resour … guide/step-by-step-2.png

<img alt="" src="resources/guide/step-by-step-2.png" style="float:right;height:933px;width:578px;">

hint #9: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/resour … guide/step-by-step-4.png

<img alt="" src="/resources/guide/step-by-step-4.png" style="float:right;height:189px;width:600px;">

hint #10: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/resour … guide/step-by-step-7.png

<img alt="" src="/resources/guide/step-by-step-7.png" style="float:right;height:210px;width:600px;">

hint #11: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/resour … guide/step-by-step-8.png

<img alt="" src="/resources/guide/step-by-step-8.png" style="float:right;height:177px;width:600px;">

hint #12: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/resour … PayBisLogo-SmallRing.png

<img alt="PayBis Logo" rel="Facebook image" src="https://paybis.com/resources/PayBisLogo-SmallRing.png" style="display: none;">

hint #13: Response should not include unneeded 'x-xss-protection' header.

https://www.googletagmana … gtm.js?id=GTM-NZTTKV4

<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>

hint #14: Response should not include unneeded 'x-ua-compatible' and 'x-xss-protection' headers.

https://apis.google.com/js/platform.js

<script src="//apis.google.com/js/platform.js" async="" defer="" gapi_processed="true"></script>

hint #15: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/resources/btc_bg_black.png

hint #16: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/assets … illic_latin-regular.woff2

hint #17: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/assets … bfonts/fa-solid-900.woff2

hint #18: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/assets … cyrillic_latin-700.woff2

hint #19: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/assets … fonts/fa-brands-400.woff2

hint #20: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/assets … cyrillic_latin-300.woff2

hint #21: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/twitter-count/

hint #22: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/get-crypto-rates/

hint #23: Response should not include unneeded 'x-xss-protection' header.

https://paybis.com/resources/paybisLogoNoText.svg

<img class="" src="/resources/paybisLogoNoText.svg" alt="" data-src="/resources/paybisLogoNoText.svg">

hint #24: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/get … credit-card&isSellPage=0

hint #25: Response should not include unneeded 'x-xss-protection' header.

https://connect.facebook.net/en_US/fbevents.js

<script async="" src="https://connect.facebook.net/en_US/fbevents.js"></script>

hint #26: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/images … 434030674-BitcoinLogo.png

<img src="/images/1434438389-1434030674-BitcoinLogo.png" height="25">

hint #27: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/images … 478541033-Credit-Card.png

<img src="/images/1478541033-Credit-Card.png" height="25">

hint #28: Response should not include unneeded 'x-xss-protection' header.

https://connect.facebook … 5687361?v=2.9.13&r=stable

<script src="https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&amp;r=stable" async="">

hint #29: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/site/client-id/

hint #30: Response should not include unneeded 'x-xss-protection' header.

https://www.youtube.com … player-webp-vfl531yHL.css

hint #31: Response should not include unneeded 'x-xss-protection' header.

https://www.youtube.com … muzAg/www-embed-player.js

hint #32: Response should not include unneeded 'x-xss-protection' header.

https://www.youtube.com … vfl8EyRMW/en_US/base.js

hint #33: Response should not include unneeded 'x-xss-protection' header.

https://www.youtube.com … player-webp-vfl531yHL.css

hint #34: Response should not include unneeded 'x-xss-protection' header.

https://www.youtube.com … muzAg/www-embed-player.js

hint #35: Response should not include unneeded 'x-xss-protection' header.

https://www.youtube.com … vfl8EyRMW/en_US/base.js

hint #36: Response should not include unneeded 'x-xss-protection' header.

https://www.google.com … 331574&_v=j79&z=546748318

hint #37: Response should not include unneeded 'x-xss-protection' header.

https://www.google.com … 6280358&_v=j79&z=66113206

hint #38: Response should not include unneeded 'x-xss-protection' header.

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

hint #39: Response should not include unneeded 'x-xss-protection' header.

https://static.doubleclic … instream/ad_status.js

hint #40: Response should not include unneeded 'x-xss-protection' header.

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

hint #41: Response should not include unneeded 'x-xss-protection' header.

https://static.doubleclic … instream/ad_status.js

hint #42: Response should not include unneeded 'x-xss-protection' header.

https://googleads.g.doubleclick.net/pagead/id

hint #43: Response should not include unneeded 'x-xss-protection' header.

https://googleads.g.doubl … net/pagead/id?slf_rd=1

hint #44: Response should not include unneeded 'x-xss-protection' header.

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

hint #45: Response should not include unneeded 'x-xss-protection' header.

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

hint #46: Response should not include unneeded 'x-xss-protection' header.

https://syndication.twitt … 22impression%22%7D%7D

hint #47: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://www.facebook … 6761410244585151478-0

hint #48: Response should not include unneeded 'content-security-policy' and 'x-xss-protection' headers.

https://paybis.com/favicon.ico

no-http-redirects: 2 hints

hint #1: 2 redirects detected for 'https://www.google-anal … 4263495&_r=1&z=546748318' (max is 0).

https://www.google-analyt … 74263495&_r=1&z=546748318

hint #2: 2 redirects detected for 'https://www.google-anal … 2wgav9NZTTKV4&z=66113206' (max is 0).

https://www.google-analyt … 2wgav9NZTTKV4&z=66113206

performance-budget: 1 hints

hint #1: To load all the resources on a 4G network, it will take about 43.1s in optimal conditions (that is 38.1s more than the 5s target).

https://paybis.com/

image-optimization-cloudinary: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

Pitfalls

button-type: 2 hints

hint #1: Button type attribute has not been set

https://paybis.com/

<button class="btn btn-defaultw" disabled="disabled">

hint #2: Button type attribute has not been set

https://paybis.com/

<button class="btn btn-defaultw" disabled="disabled">

Security

no-protocol-relative-urls: 6 hints

hint #1: '//static.hotjar.com/c/hotjar-155484.js?sv=5' should not be specified as a protocol-relative URL.

https://paybis.com/

<script type="text/javascript" async="" src="//static.hotjar.com/c/hotjar-155484.js?sv=5"></script>

hint #2: '//connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6&appId=830232613697077' should not be specified as a protocol-relative URL.

https://paybis.com/

<script id="facebook-jssdk" src="//connect.facebook.net/en_US/sdk.js#xfbml=1&amp;version=v2.6&amp;appId=830232613697077">

hint #3: '//www.google-analytics.com/analytics.js' should not be specified as a protocol-relative URL.

https://paybis.com/

<script async="" src="//www.google-analytics.com/analytics.js"></script>

hint #4: '//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4' should not be specified as a protocol-relative URL.

https://paybis.com/

<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>

hint #5: '//apis.google.com/js/platform.js' should not be specified as a protocol-relative URL.

https://paybis.com/

<script src="//apis.google.com/js/platform.js" async="" defer="" gapi_processed="true"></script>

hint #6: '//widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js' should not be specified as a protocol-relative URL.

https://paybis.com/

<script type="text/javascript" src="//widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js" async="">
sri: 16 hints

hint #1: Cross-origin resource <a href="https://paybis.com/assets/9db333b08a66e9eb79cc702f64f583f8/raven.min.js">https://paybis.com/assets/9db333b08a66e9eb79cc702f64f583f8/raven.min.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script src="/assets/9db333b08a66e9eb79cc702f64f583f8/raven.min.js"></script>

hint #2: Cross-origin resource <a href="https://paybis.com/assets/all-2620c64200e07a289dcd80997cc24989.css">https://paybis.com/assets/all-2620c64200e07a289dcd80997cc24989.css</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<link href="/assets/all-2620c64200e07a289dcd80997cc24989.css" rel="stylesheet">

hint #3: Cross-origin resource <a href="https://paybis.com/assets/all-39bc476d52c3ecf8abe26ed2f0abe6b8.js">https://paybis.com/assets/all-39bc476d52c3ecf8abe26ed2f0abe6b8.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script src="/assets/all-39bc476d52c3ecf8abe26ed2f0abe6b8.js"></script>

hint #4: Cross-origin resource <a href="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js">https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>

hint #5: Cross-origin resource <a href="https://paybis.com/js/lazyImgLoader.js">https://paybis.com/js/lazyImgLoader.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script src="/js/lazyImgLoader.js"></script>

hint #6: Cross-origin resource https://www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4 needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>

hint #7: Cross-origin resource <a href="https://apis.google.com/js/platform.js">https://apis.google.com/js/platform.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script src="//apis.google.com/js/platform.js" async="" defer="" gapi_processed="true"></script>

hint #8: Cross-origin resource <a href="https://platform.twitter.com/widgets.js">https://platform.twitter.com/widgets.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script id="twitter-wjs" src="https://platform.twitter.com/widgets.js"></script>

hint #9: Cross-origin resource <a href="https://paybis.ladesk.com/scripts/track.js">https://paybis.ladesk.com/scripts/track.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script id="la_x2s6df8d" async="" src="https://paybis.ladesk.com/scripts/track.js"></script>

hint #10: Cross-origin resource <a href="https://connect.facebook.net/en_US/fbevents.js">https://connect.facebook.net/en_US/fbevents.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script async="" src="https://connect.facebook.net/en_US/fbevents.js"></script>

hint #11: Resource <a href="https://connect.facebook.net/en_US/sdk.js?hash=3f651d529bbafe5af6d4e41ec3899007&ua=modern_es6">https://connect.facebook.net/en_US/sdk.js?hash=3f651d529bbafe5af6d4e41ec3899007&ua=modern_es6</a> requested without the "integrity" attribute

https://www.facebook … false&show_faces=false

<script src="https://connect.facebook.net/en_US/sdk.js?hash=3f651d529bbafe5af6d4e41ec3899007&amp;ua=modern_es6" async="" crossorigin="anonymous">

hint #12: Cross-origin resource <a href="https://static.hotjar.com/c/hotjar-155484.js?sv=5">https://static.hotjar.com/c/hotjar-155484.js?sv=5</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script type="text/javascript" async="" src="//static.hotjar.com/c/hotjar-155484.js?sv=5"></script>

hint #13: Cross-origin resource <a href="https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&r=stable">https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&r=stable</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script src="https://connect.facebook.net/signals/config/1879442245687361?v=2.9.13&amp;r=stable" async="">

hint #14: Cross-origin resource <a href="https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js">https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script async="" src="https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js" charset="utf-8">

hint #15: Cross-origin resource <a href="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://www.facebook … false&show_faces=false

<script charset="utf-8" src="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">

hint #16: Cross-origin resource <a href="https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6&appId=830232613697077">https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6&appId=830232613697077</a> needs a "crossorigin" attribute to be eligible for integrity validation

https://paybis.com/

<script id="facebook-jssdk" src="//connect.facebook.net/en_US/sdk.js#xfbml=1&amp;version=v2.6&amp;appId=830232613697077">
strict-transport-security: 53 hints

hint #1: 'strict-transport-security' header was not specified

https://widget.trustpilot … 5577004d0000ff000580102b

hint #2: 'strict-transport-security' header was not specified

https://widget.trustpilot … 5577004d0000ff000580102b

hint #3: 'strict-transport-security' header 'max-age' value should be more than 10886400

https://w.soundcloud … false&show_teaser=true

Strict-Transport-Security: max-age=2592000

hint #4: 'strict-transport-security' header was not specified

https://platform.twitter … https%3A%2F%2Fpaybis.com

hint #5: 'strict-transport-security' header was not specified

https://vars.hotjar.com … e933fad3a2e45df61b38.html

hint #6: 'strict-transport-security' header was not specified

https://2-vbus-eu.ladesk … bus.html?v=5.15.11.2

hint #7: 'strict-transport-security' header was not specified

https://platform.twitter … 3368df1a320e00cbf.en.html

hint #8: 'strict-transport-security' header was not specified

https://widget.trustpilot … widget.bootstrap.min.js

<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>

hint #9: 'strict-transport-security' header was not specified

https://www.googletagmana … gtm.js?id=GTM-NZTTKV4

<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>

hint #10: 'strict-transport-security' header was not specified

https://s3.amazonaws … to+BTC/DE/Step+4.2.PNG

<img alt="" src="https://s3.amazonaws.com/media.paybis.com/images/Step-by-step/CC/%D0%A1%D0%A1+to+BTC/DE/Step+4.2.PNG" style="float:right;height:750px;width:600px;">

hint #11: 'strict-transport-security' header was not specified

https://s3.amazonaws … to+BTC/DE/Step+4.3.PNG

<img alt="" src="https://s3.amazonaws.com/media.paybis.com/images/Step-by-step/CC/%D0%A1%D0%A1+to+BTC/DE/Step+4.3.PNG" style="float:right;height:312px;width:600px;">

hint #12: 'strict-transport-security' header was not specified

https://platform.twitter.com/widgets.js

<script id="twitter-wjs" src="https://platform.twitter.com/widgets.js"></script>

hint #13: 'strict-transport-security' header 'max-age' value should be more than 10886400

https://paybis.ladesk.com/scripts/track.js

Strict-Transport-Security: max-age=2592000; includesubdomains

hint #14: 'strict-transport-security' header was not specified

https://static.hotjar.com/c/hotjar-155484.js?sv=5

<script type="text/javascript" async="" src="//static.hotjar.com/c/hotjar-155484.js?sv=5"></script>

hint #15: 'strict-transport-security' header was not specified

https://widget.trustpilot … 7fa0340045cd0c936/main.js

hint #16: 'strict-transport-security' header was not specified

https://widget.trustpilot … fc6454f065c28af8b/main.js

hint #17: 'strict-transport-security' header was not specified

https://www.youtube.com … player-webp-vfl531yHL.css

hint #18: 'strict-transport-security' header was not specified

https://www.youtube.com … muzAg/www-embed-player.js

hint #19: 'strict-transport-security' header was not specified

https://www.youtube.com … vfl8EyRMW/en_US/base.js

hint #20: 'strict-transport-security' header was not specified

https://www.youtube.com … player-webp-vfl531yHL.css

hint #21: 'strict-transport-security' header was not specified

https://www.youtube.com … muzAg/www-embed-player.js

hint #22: 'strict-transport-security' header was not specified

https://script.hotjar … 654cbaa3f0bd561e7235.js

<script async="" src="https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js" charset="utf-8">

hint #23: 'strict-transport-security' header was not specified

https://paybis.ladesk … 7B%7D&vn=Y&ci=&jstk=Y

hint #24: 'strict-transport-security' header was not specified

https://widget.sndcdn … idget-eb595a5-7505829a.js

hint #25: 'strict-transport-security' header was not specified

https://widget.sndcdn … sound-7a5529e-7a528cf9.js

hint #26: 'strict-transport-security' header was not specified

https://widget.trustpilot … locale=en-GB&theme=light

hint #27: 'strict-transport-security' header was not specified

https://widget.trustpilot … ewsPerPage=15&theme=light

hint #28: 'strict-transport-security' header was not specified

https://www.youtube.com … vfl8EyRMW/en_US/base.js

hint #29: 'strict-transport-security' header was not specified

https://www.google.com … 331574&_v=j79&z=546748318

hint #30: 'strict-transport-security' header was not specified

https://www.google.com … 6280358&_v=j79&z=66113206

hint #31: 'strict-transport-security' header was not specified

https://platform.twitter … fa3e281bb07d1de2c3bee3.js

<script charset="utf-8" src="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">

hint #32: 'strict-transport-security' header was not specified

https://widget.sndcdn … logo-200x120-a1591e.png

hint #33: 'strict-transport-security' header 'max-age' value should be more than 10886400

https://api-widget.soundc … app_version=1574158796

Strict-Transport-Security: max-age=2592000

hint #34: 'strict-transport-security' header was not specified

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

hint #35: 'strict-transport-security' header was not specified

https://static.doubleclic … instream/ad_status.js

hint #36: 'strict-transport-security' header was not specified

https://www.google.com … MN8UiFPhzyE0l_wYdSvGb4.js

hint #37: 'strict-transport-security' header was not specified

https://static.doubleclic … instream/ad_status.js

hint #38: 'strict-transport-security' header was not specified

https://googleads.g.doubleclick.net/pagead/id

hint #39: 'strict-transport-security' header was not specified

https://widget.trustpilot … 5419b637fa0340045cd0c936

hint #40: 'strict-transport-security' header was not specified

https://widget.trustpilot … 54ad5defc6454f065c28af8b

hint #41: 'strict-transport-security' header was not specified

https://widget.trustpilot … 5419b637fa0340045cd0c936

hint #42: 'strict-transport-security' header was not specified

https://googleads.g.doubl … net/pagead/id?slf_rd=1

hint #43: 'strict-transport-security' header was not specified

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

hint #44: 'strict-transport-security' header was not specified

https://www.youtube.com … vfl8EyRMW/en_US/remote.js

hint #45: 'strict-transport-security' header was not specified

https://i1.sndcdn.com … 28883-1qw563-t200x200.jpg

hint #46: 'strict-transport-security' header was not specified

https://wave.sndcdn.com/8KbLM4l2p41B_m.json

hint #47: 'strict-transport-security' header 'max-age' value should be more than 10886400

https://api-widget.soundc … app_version=1574158796

Strict-Transport-Security: max-age=2592000

hint #48: 'strict-transport-security' header was not specified

https://www.youtube.com/generate_204?z8jm1w

hint #49: 'strict-transport-security' header was not specified

https://www.youtube.com/generate_204?VdVDUQ

hint #50: 'strict-transport-security' header was not specified

https://cdn.siftscience.com/s.js?_=1574263493428

hint #51: 'strict-transport-security' header was not specified

https://www.facebook … y5/r/OqOE21UvWe3.png

hint #52: 'strict-transport-security' header was not specified

https://hexagon-analytics … aa799830c8f9240f4a096&z=z

hint #53: 'strict-transport-security' header was not specified

https://www.facebook … js?_nc_x=Ij3Wp8lg5Kz

x-content-type-options: 36 hints

hint #1: Response should include 'x-content-type-options' header.

https://widget.trustpilot … 5577004d0000ff000580102b

hint #2: Response should include 'x-content-type-options' header.

https://widget.trustpilot … 5577004d0000ff000580102b

hint #3: Response should include 'x-content-type-options' header.

https://w.soundcloud … false&show_teaser=true

hint #4: Response should include 'x-content-type-options' header.

https://platform.twitter … https%3A%2F%2Fpaybis.com

hint #5: Response should include 'x-content-type-options' header.

https://vars.hotjar.com … e933fad3a2e45df61b38.html

hint #6: Response should include 'x-content-type-options' header.

https://2-vbus-eu.ladesk … bus.html?v=5.15.11.2

hint #7: Response should include 'x-content-type-options' header.

https://platform.twitter … 3368df1a320e00cbf.en.html

hint #8: Response should include 'x-content-type-options' header.

https://widget.trustpilot … widget.bootstrap.min.js

<script src="https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"></script>

hint #9: Response should include 'x-content-type-options' header.

https://paybis.com/cdn … tatic/email-decode.min.js

hint #10: Response should include 'x-content-type-options' header.

https://www.googletagmana … gtm.js?id=GTM-NZTTKV4

<script async="" src="//www.googletagmanager.com/gtm.js?id=GTM-NZTTKV4"></script>

hint #11: Response should include 'x-content-type-options' header.

https://s3.amazonaws … to+BTC/DE/Step+4.2.PNG

<img alt="" src="https://s3.amazonaws.com/media.paybis.com/images/Step-by-step/CC/%D0%A1%D0%A1+to+BTC/DE/Step+4.2.PNG" style="float:right;height:750px;width:600px;">

hint #12: Response should include 'x-content-type-options' header.

https://s3.amazonaws … to+BTC/DE/Step+4.3.PNG

<img alt="" src="https://s3.amazonaws.com/media.paybis.com/images/Step-by-step/CC/%D0%A1%D0%A1+to+BTC/DE/Step+4.3.PNG" style="float:right;height:312px;width:600px;">

hint #13: Response should include 'x-content-type-options' header.

https://platform.twitter.com/widgets.js

<script id="twitter-wjs" src="https://platform.twitter.com/widgets.js"></script>

hint #14: Response should include 'x-content-type-options' header.

https://widget.trustpilot … 7fa0340045cd0c936/main.js

hint #15: Response should include 'x-content-type-options' header.

https://widget.trustpilot … fc6454f065c28af8b/main.js

hint #16: Response should include 'x-content-type-options' header.

https://script.hotjar … 654cbaa3f0bd561e7235.js

<script async="" src="https://script.hotjar.com/modules.654cbaa3f0bd561e7235.js" charset="utf-8">

hint #17: Response should include 'x-content-type-options' header.

https://paybis.ladesk … 7B%7D&vn=Y&ci=&jstk=Y

hint #18: Response should include 'x-content-type-options' header.

https://syndication.twitter.com/settings

hint #19: Response should include 'x-content-type-options' header.

https://widget.sndcdn … idget-eb595a5-7505829a.js

hint #20: Response should include 'x-content-type-options' header.

https://widget.sndcdn … sound-7a5529e-7a528cf9.js

hint #21: Response should include 'x-content-type-options' header.

https://widget.trustpilot … locale=en-GB&theme=light

hint #22: Response should include 'x-content-type-options' header.

https://widget.trustpilot … ewsPerPage=15&theme=light

hint #23: Response should include 'x-content-type-options' header.

https://platform.twitter … fa3e281bb07d1de2c3bee3.js

<script charset="utf-8" src="https://platform.twitter.com/js/button.d6f0e03b97fa3e281bb07d1de2c3bee3.js">

hint #24: Response should include 'x-content-type-options' header.

https://www.facebook … 3495257&coo=false&rqm=GET

hint #25: Response should include 'x-content-type-options' header.

https://widget.sndcdn … logo-200x120-a1591e.png

hint #26: Response should include 'x-content-type-options' header.

https://api-widget.soundc … app_version=1574158796

hint #27: Response should include 'x-content-type-options' header.

https://www.facebook.com/tr/

hint #28: Response should include 'x-content-type-options' header.

https://widget.trustpilot … 5419b637fa0340045cd0c936

hint #29: Response should include 'x-content-type-options' header.

https://widget.trustpilot … 54ad5defc6454f065c28af8b

hint #30: Response should include 'x-content-type-options' header.

https://widget.trustpilot … 5419b637fa0340045cd0c936

hint #31: Response should include 'x-content-type-options' header.

https://i1.sndcdn.com … 28883-1qw563-t200x200.jpg

hint #32: Response should include 'x-content-type-options' header.

https://wave.sndcdn.com/8KbLM4l2p41B_m.json

hint #33: Response should include 'x-content-type-options' header.

https://api-widget.soundc … app_version=1574158796

hint #34: Response should include 'x-content-type-options' header.

https://www.youtube.com/generate_204?z8jm1w

hint #35: Response should include 'x-content-type-options' header.

https://www.youtube.com/generate_204?VdVDUQ

hint #36: Response should include 'x-content-type-options' header.

https://cdn.siftscience.com/s.js?_=1574263493428

no-vulnerable-javascript-libraries: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.

ssllabs: 1 hints

hint #1: webhint didn't return the result fast enough. Please try later and if the problem continues, contact us.