laist.com

HTML metadata

Title

Local and national news, NPR, things to do, food recommendations and guides to Los Angeles, Orange County and the Inland Empire | LAist

Description

Local and national news, NPR, things to do, food recommendations and guides to Los Angeles, Orange County and the Inland Empire

Language

en

Canonical

https://laist.com/

Feeds

Local and national news, NPR, things to do, food recommendations and guides to Los Angeles, Orange County and the Inland Empire Atom

Open Graph

url: https://laist.com/
site name: LAist

Technology

CDN: Amazon CloudFront
Server: istio-envoy

Analytics

Google Tag Manager

Ads

Google Ads (DoubleClick)

Third-party hosts loaded (6)

scpr.brightspotcdn.com×77
cse.google.com×1
htlbid.com×1
platform.instagram.com×1
securepubads.g.doubleclick.net×1
www.googletagmanager.com×1

Social

Registration

Registrar

Amazon Registrar, Inc.

Created

2004-03-18

Expires

2027-03-18 303 days left

Updated

2026-05-15

Name servers

ns-1144.awsdns-15.org
ns-118.awsdns-14.com
ns-1852.awsdns-39.co.uk
ns-635.awsdns-15.net

DNS records live

NS

ns-1144.awsdns-15.org
ns-118.awsdns-14.com
ns-1852.awsdns-39.co.uk
ns-635.awsdns-15.net

MX

0 laist-com.mail.protection.outlook.com

TXT

Show 6 TXT records

MS=ms24427093
ZOOM_verify_AhXaQEaOha6IjsshIIfvWB
airtable-verification=033ca0273c484f7d261427c5ae412535
google-site-verification=rBlTNSntE8ZiYqgv6BrDmg8RnvHKd41wWgvSOtZkDf0
google-site-verification=sY-mYf2p-hkEy35Kyn-1R1IBRj2-JJpdyZGrzDSngwE
google-site-verification=sxXBszKjlseoiecBFG0sGloWVnQtQa26H2fYvqZ4t8o

Email authentication strong

SPF

v=spf1 ip4:192.203.201.30 include:spf.protection.outlook.com include:_spf.salesforce.com include:_spf.ultipro.com include:amazonses.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc@review.uriports.com; ruf=mailto:dmarc@review.uriports.com; fo=1:d:s

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10HL/ZG049K1wBM77NU8en+gIH73c8H/aI6Qm7CVPVVlvwcSHGsqsnyQCnRM7JEIY0IxYzsL+2L1+u…

selectors probed

Certificate (current)

Amazon RSA 2048 M01

from 2026-01-14 to 2027-02-12

Expires in 269 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://laist.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action 'self' https://mpr.tfaforms.net https://cloud.connect.scpr.org; frame-ancestors 'self' https://*.scpr.org https://*.scpr.production.k3.m1.brightspot.cloud https://*.scpr.psdops.com https://*.scpr.lower.k3.m1.brightspot.cloud
strict-transport-security: max-age=31536000; includeSubDomains