getbezel.com

HTML metadata

Title: Pre-Owned Luxury Watches | Authenticated In-House | Bezel
Description: Bezel is the top marketplace in the world for authenticated luxury watches. Get free in-house authentication and fully-insured overnight shipping with every purchase.
Language: en

Open Graph

title: Pre-Owned Luxury Watches | Authenticated In-House | Bezel
site name: Bezel
description: Bezel is the top marketplace in the world for authenticated luxury watches. Get free in-house authentication and fully-insured overnight shipping with every purchase.

Technology

Server: Google
CMS: Next.js

Analytics

Google Tag Manager
Segment

Third-party hosts loaded (6)

auth.split.io×1
bezel-prod-gcs-static.b-cdn.net×1
cdn.segment.com×1
o1379274.ingest.sentry.io×1
sdk.split.io×1
www.googletagmanager.com×1

Contact

Address: 1653 7th Street #1606, 90406, Santa Monica, California, United States

Registration

Registrar

Squarespace Domains II LLC

Created

2020-12-02

Expires

2026-12-02 196 days left

Updated

2025-11-17

Name servers

ns-cloud-a1.googledomains.com
ns-cloud-a2.googledomains.com
ns-cloud-a3.googledomains.com
ns-cloud-a4.googledomains.com

DNS records live

NS

ns-cloud-a1.googledomains.com
ns-cloud-a2.googledomains.com
ns-cloud-a3.googledomains.com
ns-cloud-a4.googledomains.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 4 TXT records

stripe-verification=1ec267b5affcd5f6dc8460fefac6c6499755d046c0b975bc6ba632c00be6f1dc
pinterest-site-verification=0bed3e165eb9a50a17fad9c600460978
google-site-verification=VPTLlCffVNJbBBUHyrfshGmRlj_-4LuAZErB9p03zYY
apple-domain-verification=xj04U4zG1VMn8l86

Email authentication strong

SPF

v=spf1 include:_spf.google.com a:getbezel.com ip4:159.183.130.193 ip4:149.72.244.251 ~all

softfail (~all)

DMARC

v=DMARC1;p=reject;sp=reject;pct=100;rua=mailto:dmarc@getbezel.com;ruf=mailto:dmarc@getbezel.com;ri=86400;aspf=r;adkim=r;fo=1

policy: reject (enforced) · sp=reject

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkd4pyYwR2vejPCbcmBOx6+UzSqT5RFa1/VKpLdHg6KZ6flYLtq4Hr6sg66ei29GMhZO8WYaFQrUAt…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwcVF5qyJgPJmgCkdkn++6e7lKFTZ6dMi64PzlPFDFykdeTKVfDLvODR0TGM12bad7Jj9YnnGeK8YKqfD7…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGjfKjXXtNiM/R6zrZhG7AKHHvN/aKyGLa0OMq/DqtbJ0ZUJEXhsw16UAFOnlxdLNpyW+ubJnEND1SlSRc…

selectors probed

Certificate (current)

R13

from 2026-05-05 to 2026-08-03

Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://shop.getbezel.com

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https: wss://*.intercom.io; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self' https:;
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy-report-only: default-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https: wss://*.intercom.io; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self' https:; report-uri /api/csp-report;

Linked from (1)

hyperspaceventures.com×2