Summary of cash.app [Desktop version] Website Security Test
Provided "as is" without any warranty of any kind.
Date/Time:Nov 29th, 2025 15:35 GMT+0
Server IP:162.159.140.44
Reverse DNS:-
Location:N/A
Version:for desktop
Your final score:
- A
- B
- C
- F
A+
This test was made 125 days ago and may be outdated
Refresh Test
Executive Summary for cash.app
- No third-party web software dependancies were identified. Show details.
- No obvious GDPR-related compliance issues were detected across Privacy Policy, Website Security, TLS Encryption, Cookie Protection, Cookie Disclaimer. The following checks were not performed, as no corresponding cookies with personal or tracking information seem to be sent by the website: Website Security. Show details.
- No obvious PCI DSS compliance issues were detected for Requirements 6.3 and 6.4. Show details.
- Issues were identified with key security header misconfigured Content-Security-Policy. Optional HTTP headers appear to be properly configured: Server, Cache-Control. Deprecated HTTP headers detected: X-XSS-Protection. Show details.
- Content-Security-Policy is enforced but configuration issues were identified: overly permissive directives, directive errors, deprecated directives. A report-only Content-Security-Policy is not present. Show details.
- 3 cookies detected; __nsid, __st have security or privacy-related configuration issues. Show details.
- 72 external requests detected; 3 requests failed. SRI is implemented for 12 out of 19 third-party JavaScript and CSS files. Show details.
- 2 User-Agent blocks and 1 bot protection mechanism detected. No protection detected via robots.txt rules or meta restrictions. Additional anti-scraping protection appears to be provided by external infrastructure. Show details.
- 2 DNS A records detected; DNSSEC signatures are not present. Show details.
