cityofcapitola.gov

.gov user

First seen 2026-05-15 · Last seen 2026-05-15 · ok HTTP/1.1 200 1070 ms crawled 2026-05-15

NL · 89.106.200.153 · AS209626 Enflow B.V.

Reputation 94/100 dmarc monitor-only

sector government type homepage

HTML metadata

Title: Capitola, CA | Official Website
Language: en

Technology

CDN: Cloudflare
CMS: Drupal

Third-party hosts loaded (3)

www.cityofcapitola.gov×30
docaccess.com×1
www.cityofcapitola.org×1

Social

Contact

Phone

8314757300

Registration

Registrar

get.gov

Created

2026-04-14

Expires

2027-04-14 327 days left

Updated

2026-04-19

Name servers

ns1.rimuhosting.com
ns4.rimuhosting.com

DNS records live

NS

ns1.rimuhosting.com
ns4.rimuhosting.com

MX

0 cityofcapitola-gov.mail.protection.outlook.com

Verified for

Microsoft 365

Email authentication partial

SPF: v=spf1 include:spf.protection.outlook.com ip4:35.131.66.59 ip4:68.113.52.114 ip4:71.92.238.110 -all
strict (-all)
DMARC: v=DMARC1; p=none;
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

from 2026-04-27 to 2026-07-26

Expires in 66 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://www.cityofcapitola.gov

present

content-security-policy
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *