americancanoe.org

HTML metadata

Title

American Canoe Association | Canoe, Kayak, SUP, Raft, Rescue

Description

A national nonprofit organization serving the broader paddling public by providing education related to all aspects of paddling, stewardship support to help protect paddling environments, and sanctioning of programs and events to promote paddlesport competition, exploration, and recreation.

Language

en-US

Generator

WordPress 6.9.4

Canonical

https://americancanoe.org/

Feeds

ACA » Feed RSS
ACA » Comments Feed RSS

Open Graph

url: https://americancanoe.org/
title: American Canoe Association | Canoe, Kayak, SUP, Raft, Rescue
locale: en_US
site name: ACA
description: A national nonprofit organization serving the broader paddling public by providing education related to all aspects of paddling, stewardship support to help protect paddling environments, and sanctioning of programs and events to promote paddlesport competition, exploration, and recreation.

Technology

Server: Apache
CMS: WordPress

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (7)

www.googletagmanager.com×3
fonts.googleapis.com×2
static.addtoany.com×2
www.facebook.com×2
www.google.com×2
cdn.jsdelivr.net×1
translate.google.com×1

Social

Contact

Email

support@acapaddlesports.zendesk.com

Phone

540-907-4460

Registration

Registrar

Network Solutions, LLC

Created

2005-03-28

Expires

2028-03-28 679 days left

Updated

2025-08-29

Name servers

ns23.worldnic.com
ns24.worldnic.com

DNS records live

NS

ns23.worldnic.com
ns24.worldnic.com

MX

0 americancanoe-org.mail.protection.outlook.com

TXT

qab9d9k8n0pf3dmun0b4mi0mo5
google-site-verification=ZDy7IP5vgvZXXum2BDcry6GBjm1K9yqeG5vGBnZx8jw
MS=ms83988053

Email authentication strong

SPF

v=spf1 ip4:104.182.209.62 ip4:104.41.128.118 ip4:104.211.6.192 ip4:192.138.21.222 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none

policy: none (monitoring only)

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaJZDgJwpWTBPKu+fAdwwdGJRmeMZC3no+0mWDG6BtEIKI2zzAvEhfa6ml2+619KJZAlLsQ8fv2kDc…
selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCOskacnJaCIcEjdbL91COF+RvbdwpUMR35i52+PIFozohgFYJAyO3skSwIUul5zhTJMfrKpjjdyb7pHnFvTI…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

R13

from 2026-04-04 to 2026-07-03

Expires in 46 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://americancanoe.org/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: no-referrer-when-downgrade
permissions-policy: accelerometer=(), autoplay=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), sync-xhr=(), usb=()
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://americancanoe.org/;, default-src https: 'unsafe-eval' 'unsafe-inline' 'self'; object-src 'self'; font-src https: data: 'self' http: fonts.googleapis.com themes.googleusercontent.com; connect-src https: wss: 'self'; img-src https: data: 'self' http: *.gravatar.com; worker-src blob: https: 'self' 'unsafe-inline' 'unsafe-eval'; media-src https: blob: 'self'; style-src https: 'unsafe-eval' 'unsafe-inline' 'self' http: fonts.googleapis.com
strict-transport-security: max-age=31536000; includeSubDomains; preload