routinehub.co

HTML metadata

Title: RoutineHub • Code, Share, Earn—Anywhere, Anytime.
Description: Code, Share, Earn—Anywhere, Anytime.
Language: en
Canonical: https://routinehub.co/

Open Graph

url: /
title: RoutineHub
description: Code, Share, Earn—Anywhere, Anytime.

Technology

CDN: Cloudflare
CMS: Gatsby

Analytics

Cloudflare Insights
Google Tag Manager

Ads

Google Ads (DoubleClick)
Meta Pixel

Third-party hosts loaded (6)

cdnjs.cloudflare.com×3
securepubads.g.doubleclick.net×2
connect.facebook.net×1
mastodon.social×1
static.cloudflareinsights.com×1
www.googletagmanager.com×1

Social

DNS records live

NS

gerald.ns.cloudflare.com
robin.ns.cloudflare.com

MX

10 work-mx.app.hey.com

TXT

atlassian-sending-domain-verification=9963dbf1-f477-4539-8a06-48f6d1273641
hey-verification:T1iRGNxQ3ry7rTU1XdsgXMWJ

Verified for

Atlassian
Google
Microsoft 365
OpenAI
Yandex

Email authentication strong

SPF

v=spf1 include:_spf.hey.com include:mail.zendesk.com include:mailgun.org include:amazonses.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100; fo=1; ri=3600; adkim=s; aspf=r; rua=mailto:e2b940b35384561bbaf9d8864196ab3@dmarc-reports.cloudflare.net,mailto:e2ab06a1ea90.a@dmarcinput.com,mailto:eac80fe5@dmarc.mailgun.org,mailto:7ebb4f1a@inbox.ondmarc.com; ruf=mailto:e2ab06a1ea90.f@dmarcinput.com,mailto:eac80fe5@dmarc.mailgun.org,mailto:7ebb4f1a@inbox.ondmarc.com;

policy: reject (enforced)

DKIM

default: v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8nwwd+e9nYfKtK1yxahtQpuPxtY2Sz4d+zQq4op4fpaeEaxZ5dTNd/+xLgOGxvjbImzTizyAMgZONtpWBwhXZ8Gd6f…

selectors probed

Certificate (current)

WE1

from 2026-04-27 to 2026-07-26

Expires in 66 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://routinehub.co/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self "https://*.routinehub.co" "https://*.routinehub.services"), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(self), picture-in-picture=(self), sync-xhr=(self), usb=()
x-content-type-options: nosniff
content-security-policy: img-src 'self' data: blob: https://*.r9x.in https://*.rlcdn.com https://*.google.com https://*.doubleclick.net https://*.inmobi.com https://*.kueezrtb.com https://*.id5-sync.com https://*.intentiq.com https://*.infolinks.com https://*.gcprivacy.net https://*.hadronid.net https://*.ad.gt https://*.amazon-adsystem.com *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://challenges.cloudflare.com https://*.r9x.in https://*.rlcdn.com https://*.google.com https://*.doubleclick.net https://*.inmobi.com https://*.kueezrtb.com https://*.id5-sync.com https://*.intentiq.com https://*.infolinks.com https://*.gcprivacy.net https://*.hadronid.net https://*.ad.gt https://*.amazon-adsystem.com *; child-src https://auth.privy.io https://verify.walletconnect.com https://verify.walletconnect.org; worker-src 'self'; manifest-src 'self'; form-action 'self'; style-src 'self' 'unsafe-inline' *; connect-src 'self' https://auth.privy.io wss://relay.walletconnect.com wss://relay.walletconnect.org wss://w
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubdomains, max-age=31536000; includeSubdomains; preload
cross-origin-opener-policy: same-origin

Links to (2)

apple.com×3
twitter.com×3