BENCHMARK — INDIVIDUAL ENTRY
Richmond
richmond.ca
SCORE
58/100
GRADE
F
STACK
Custom / non-WordPress
§ I — FINDINGS BY SEVERITY01 / 03
critical
0
high
0
medium
3
low
6
info
2
§ II — SUBJECT FILE02 / 03
- target.host
- richmond.ca
- server
- Microsoft-IIS/10.0
- powered-by
- ASP.NET
- tech
- Custom / non-WordPress
- tls
- HTTPS reachable
- hsts
- not set
- spf
- present
- dmarc
- p=reject
- civic-pages
- 4/7 categories present
- trackers
- 10 external origins (0 known, 10 unclassified)
§ III — TOP FINDINGS03 / 03
- medium
No HSTS — HTTPS is not enforced for returning visitors
- medium
No Content-Security-Policy
- medium
No published privacy policy on standard paths
- low
No X-Content-Type-Options: nosniff
- low
No X-Frame-Options or CSP frame-ancestors
NEXT STEP