collegeboard.org

HTML metadata

Title: College Board - SAT, AP, College Search and Admission Tools
Description: College Board is a non-profit organization that clears a path for all students to own their future through the AP Program, SAT Suite, BigFuture, and more.
Language: en
Canonical: https://www.collegeboard.org/

Technology

CDN: Akamai
Server: nginx

Third-party hosts loaded (1)

cdnjs.cloudflare.com×1

Registration

Registrar

SafeNames Ltd.

Created

1994-12-14

Expires

2026-12-13 208 days left

Updated

2026-01-27

Name servers

ns-1054.awsdns-03.org
ns-1937.awsdns-50.co.uk
ns-373.awsdns-46.com
ns-756.awsdns-30.net

DNS records live

NS

ns-1054.awsdns-03.org
ns-1937.awsdns-50.co.uk
ns-373.awsdns-46.com
ns-756.awsdns-30.net

MX

10 mxa-004a7c01.gslb.pphosted.com
10 mxb-004a7c01.gslb.pphosted.com

TXT

Show 27 TXT records

onetrust-domain-verification=63de464ce03c4e4dbc4594b56b911a02
d603qlzqjzlylnqhkx83qhlg47rj08bw
onetrust-domain-verification=7b1e62a6f11145f798e0aa98b6077f8d
fastly-domain-delegation-zsddga9wjcujhbtrscpf-00598696-2026-02-05
amazonses:ulsFpxeiX8huqlJCVlsAGMWFMlwH7tOZQzZaDjRbfy4=
anthropic-domain-verification-e5vyjq=McnHbUCMfVk62Hp8NVPahDcpD
_ncjty93tysnezhx8lu7njrqpsa9cjij
openai-domain-verification=dv-znUsSci0vV5bDuUFGrfidJOM
/q1bnfzaeJQCjGWZHsVXgQLLQnXC5vQaTc+SHktj2T5Uy0Zs+PuxmKc37gGv0vqxB3XCEtAaPZiC/K4Rq2AqAQ==
google-site-verification=6qHW-qKK-k8r4WZ-oBfy2P7N4Gp2G5OXgaRIpkZFW_4
amazonses:TvE0q8goIu68fxbgjCKZeqwsszP5T3I6MteNWdAebCM=
figma-domain-verification=17d3c21d4e58d2c12d72fa5c0aaabeef6837d57825db3eec9d4b6e1c5807084e-1760720547
62qmcq15qbtfwrqqjs7dht2dd89rd5z0
apple-domain-verification=qWmMB0hihmm2QWEp
h1-domain-verification=YQSy5CtTsKMiUfKRzVSzTcneiTJiNdYf6FD1Ay3UpHKFevHz
hpe-greenlake-domain-verification=6b634e784e79483369776755696d6f646b32524b56413433766d726a31514c43
jamf-site-verification=WgLMw_SGnWtyKwZdAlM8Hg
shopify-verification-code=O5VcbBNC3zktOBMmnRRovUHMG4cyY7
pexip-portal-domain-verification=0951157d-b23f-4a17-8f49-b3a37219fa37
zapier-domain-verification-challenge=5da36474-9f14-449a-85d8-8ef1b981acdb
docusign=d503c48d-18d9-4a42-8529-8ec1fba09574
pexip-ms-tenant-domain-verification=0951157d-b23f-4a17-8f49-b3a37219fa37
atlassian-domain-verification=/SCj9njNRmDgEdmghfMLTyxa8o/0IcyzVQfwUFQ5VCpr2AJV70FsiKoYE9oRFq0p
launchdarkly-domain-verification=a44859f8-d4a7-4e90-9f94-34273447b332
canva-site-verification=Xazo72p-2MyQuwRADO2zyw
hcp-domain-verification=b4206c32825c2f87f5d4c779811b633cad1bd62185a61ed0421673950a5bf10d
google-site-verification=g_L1T_LA_xEVholHaPGF5XhzpLmUcP7-iupa-4h916I

Email authentication strong

SPF

v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com

no all qualifier

DMARC

v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com

policy: reject (enforced)

DKIM

Show 4 DKIM selectors

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCP+r18gOweBKQ3e0dh08opDGZ4a/TKBZt5OHsHmAVthJPY7n1qeqmoXpsqE3HNtGgaFaTwAFMHcV+XspCYG6…
selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJHBJSUCP5TA42CdhjBSsr9lUHS0SDnw8xsELuYVULya7bO9lTbhcYCQeBtqjkS7XMIdwzBrfpCWfj+xfFIt…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMh/Wg4FsuRGqH503AgTLHC5v46sPXqtZ2Txvs4g0dGdS7DerxxelYNAR20ZRK+NEsygsa7Xi5H2YhWfp8…

selectors probed

Certificate (current)

R13

from 2026-03-22 to 2026-06-20

Expires in 32 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.collegeboard.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.collegeboard.org; connect-src 'self' ws: *.collegeboard.org k625k2vrzvdo5g7ynbvtjejehi.appsync-api.us-east-1.amazonaws.com/graphql dgtkl2ep7natjmkbefhxflglie.appsync-api.us-east-1.amazonaws.com/graphql cdn.cookielaw.org geolocation.onetrust.com lambda.us-east-1.amazonaws.com bam.nr-data.net cdn.aimtell.io cognito-identity.us-east-1.amazonaws.com sts.us-east-1.amazonaws.com www.google.com privacyportal.onetrust.com apform.secure.force.com cdnm3.cdnservice.space/start5.json code.jquery.com api.trongrid.io/wallet/getnodeinfo dgtkl2ep7natjmkbefhxflglie.appsync-api.us-east-1.amazonaws.com dgtkl2ep7natjmkbefhxflglie.appsync-realtime-api.us-east-1.amazonaws.com analytics.aimtell.com sts.us-west-2.amazonaws.com cognito-identity.us-west-2.amazonaws.com d1ktxyteejjrbw.cloudfront.net full-apform.cs190.force.com yt3.ggpht.com collegeboard-full.my.salesforce.com i.ytimg.com cdn.ckeditor.com telemetry.wiris.net wiris-v7.hive-prod.collegeboard.org:80 wiris-v7.hive-nonprod.college
strict-transport-security: max-age=31536000 ; includeSubDomains