indexo.dev

orderbilly.com

.com crawl

First seen 2026-05-27 · Last seen 2026-05-27 · ok HTTP/1.1 200 234 ms crawled 2026-05-30

US · 104.26.14.139 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Billy
Description
Billy is een platform dat bestellen en betalen in jouw zaak makkelijk maakt. Billy automatiseert je volledige order-to-cash flow en heeft een flexibele setup voor elk café, restaurant en event.
Language
en

Open Graph

url
https://orderbilly.com
title
Billy
description
Billy is een platform dat bestellen en betalen in jouw zaak makkelijk maakt. Billy automatiseert je volledige order-to-cash flow en heeft een flexibele setup voor elk café, restaurant en event.

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Registration

Registrar
Key-Systems GmbH
Created
2020-06-06
Expires
2026-06-06 5 days left
Updated
2025-11-29
Name servers
  • samara.ns.cloudflare.com
  • venkat.ns.cloudflare.com

DNS records live

NS
  • samara.ns.cloudflare.com
  • venkat.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 4 TXT records
  • ca3-03e3171d75684a77aaef50707d975f6c
  • cloudflare_dashboard_sso=bfde67a3cb0457598925497af6e169b1
  • jetbrains-domain-verification=iayl88oc9ssda78ku30rbeex
  • spf2.0/pra include:spf.flexmail.eu ?all
Verified for
  • 1Password
  • Anthropic
  • Atlassian
  • Google
  • Meta
  • Notion
  • OpenAI

Email authentication partial

SPF
v=spf1 include:_spf.transip.email include:spf.flexmail.eu include:_spf.transip.email include:_spf.google.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
Show 4 DKIM selectors
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziZx1nVTiv0Ee6z7rWb29o8CkCGhcy8QY77C6MUowrjVSo9r3gtwgiwiL4UDoDEV3thJ3R7TUj97tW…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3K8dTW94xRvWRfvaWAbZ/XkzCsqUSzR/ffLm6RIUip1Gclex1nUhzyUXbi+69cAYA2idiCINCMbUhDdbRP…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDF6JkFaE1wMSjKoqvFaxKg0a8Lvmy7kTYSDbLnnVKla2kf6og6VmyKFsQc5Y2UPgBIyGWYOcjUeJgfD6IiP0Lz//…
selectors probed

Certificate (current)

WE1
from 2026-05-24 to 2026-08-23
Expires in 83 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://orderbilly.com/

present
  • strict-transport-security
  • content-security-policy
  • content-security-policy-report-only
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-security-policy
default-src * data: mediastream: blob: filesystem: about: ws: wss: 'unsafe-eval' 'wasm-unsafe-eval' 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob:;
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy-report-only
default-src * data: mediastream: blob: filesystem: about: ws: wss: 'unsafe-eval' 'wasm-unsafe-eval' 'unsafe-inline'; script-src * data: blob: 'sha256-KWDEEoZgBqBbDbgZCGB7PwwF1esGq0IMYVkC8xtGpuo='; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob:;

Linked from (1)