BENCHMARK — INDIVIDUAL ENTRY
Winnipeg
winnipeg.ca
SCORE
58/100
GRADE
F
STACK
Custom / non-WordPress
§ I — FINDINGS BY SEVERITY01 / 03
critical
0
high
0
medium
3
low
6
info
3
§ II — SUBJECT FILE02 / 03
- target.host
- winnipeg.ca
- server
- volt-adc
- tech
- Custom / non-WordPress
- tls
- HTTPS reachable
- hsts
- 1.0 years
- spf
- present
- dmarc
- p=none
- domain.registered
- 2002-04-24 (24y)
- domain.registrar
- Rebel.ca Corp.
- domain.expires
- 2027-04-22 (352d)
- civic-data
- open-data portal (unrecognised platform) @ data.winnipeg.ca
- civic-pages
- 7/7 categories present
- trackers
- 15 external origins (2 known, 13 unclassified)
- cookies
- 1/1 hardened
§ III — TOP FINDINGS03 / 03
- medium
No Content-Security-Policy
- medium
SPF policy is permissive (~all)
- medium
DMARC published with p=none — monitoring only
- low
No X-Frame-Options or CSP frame-ancestors
- low
Admin login (/wp-login.php) on the public path
NEXT STEP