Overall the web-site technically looks great, however the login form is using $_GET method. This should not be used there, since sensitive data is now posted into the URL.
You're welcome for help.
BTW, I can't see it fixed:
BTW, I can't see it fixed:
Technical part looks perfect, they DO NOT use $_GET they use AJAX $_POST to their own api. BTW they have also CSRF security in forms "CSRF shield" as you can see. I have invested ~0.5 btc two days ago. Got 2 profit withdrawals already.
PS. And they validate their forms)