bezerocarbon.com

HTML metadata

Title: The Carbon Ratings Agency | BeZero Carbon
Description: BeZero is the carbon credit ratings agency for the voluntary carbon market. Independent ratings are essential for effective investment in climate projects.
Language: en

Open Graph

url: https://bezerocarbon.com
title: The Carbon Ratings Agency | BeZero Carbon
site name: BeZero Carbon
description: The Carbon Ratings Agency | BeZero Carbon

Technology

CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (2)

assets.bezerocarbonmarkets.com×87
www.googletagmanager.com×1

Social

Contact

Email

Address

25 Christopher Street, EC2A 2BS, London, GB

Registration

Registrar

Squarespace Domains II LLC

Created

2019-09-20

Expires

2032-09-20 2315 days left

Updated

2024-05-18

Name servers

ns-cloud-c1.googledomains.com
ns-cloud-c2.googledomains.com
ns-cloud-c3.googledomains.com
ns-cloud-c4.googledomains.com

DNS records live

NS

ns-cloud-c1.googledomains.com
ns-cloud-c2.googledomains.com
ns-cloud-c3.googledomains.com
ns-cloud-c4.googledomains.com

MX

1 bezerocarbon-com.mail.protection.outlook.com

TXT

Show 12 TXT records

v=spf1 include:_spf.google.com include:spf.protection.outlook.com include:9240446.spf04.hubspotemail.net include:amazonses.com ~all
miro-verification=283fae8df82aa0cd7c562e4ef091f4359ccbfdb2
zapier-domain-verification-challenge=51e7c282-d885-4ba5-956a-38f1f10bab08
openai-domain-verification=dv-HJd2Ns0fsDFqPfMYTbQ7CISo
remote-domain-verification=88c4cc60-9454-49d2-9f48-871378610ff3
MS=ms13930059
9NAG3OLAMY5F1VCSQSHAS9BPPE4JAYHQ39ZKINDA
slack-domain-verification=UWBr2nZfUjcWgaUF91coR7MQVk9BT712J94Pamiy
notion-domain-verification=JlpkEXc49jOwqtjUxZvJJj4UgqedbWHXStGFen0SHzd
lovable_verification=ZECWrSHbv4a7a4BlKTxJ
asv=dce1be3736ffabacdf5af0cb6ed77550
anthropic-domain-verification-9gm6b7=lSLqRFNdiYkrcou869XkoYrLp

Certificate (current)

Amazon RSA 2048 M01

from 2025-09-23 to 2026-10-23

Expires in 156 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://bezerocarbon.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' https://googletagmanager.com https://tagmanager.google.com 'nonce-ZTE4MDYxYWItMTBjNi00ZmY0LWEyMzUtZjBjOTdlNmE2NDQ4'; script-src-elem 'self' https://*.usemessages.com https://*.hs-analytics.net https://*.hscollectedforms.net https://*.hs-banner.com http://*.hs-scripts.com https://*.cookiepro.com https://*.bing.com https://*.googletagmanager.com https://snap.licdn.com https://px.ads.linkedin.com https://clarity.microsoft.com https://www.googleadservices.com https://*.clarity.ms https://cdn-cookieyes.com https://secure.24-astute.com https://j.6sc.co 'nonce-ZTE4MDYxYWItMTBjNi00ZmY0LWEyMzUtZjBjOTdlNmE2NDQ4'; style-src 'self' 'unsafe-inline' https://*.vimeo.com https://*.googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com; connect-src 'self' https://log.cookieyes.com https://*.hscollectedforms.net https://vimeo.com https://*.google-analytics.com/ https://*.sentry.io/ https://*.cookiepro.com https://*.onetrust.com https://px.ad
strict-transport-security: max-age=63072000; includeSubDomains; preload