HTTP Headers Analysis for https://accenture.medgrocer.com

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Strong

default-src; script-src; style-src; +11 more

default-src 'self'; script-src 'self'; style-src 'self' 'sha256-wW64siOhWBeFX5g2Ks3SQ3CxVJ70lDMcviES1719UvQ=' 'sha256-UtAv5b9/jfGqntWVjq04pRo+nTsje2UyXnRpfN+eO6g=' 'sha256-3UavVtwfEMrGewV031mN5LWlw8rLH3DghOOs3kXiiKQ=' 'sha256-MCWYrLJoz+R8SOO6/vrBMD/EWTMLeAgao2cIJVhbmho=' 'sha256-WO7G0bikCcwoZ6jQJSJiY9wLeVjuafFOqRFVY0sV4ik=' 'sha256-QIjW/+aUzfg58HcITJNHkkCTGmLovNUIQbL+Zq2TsIE=' 'sha256-EkiDZamQJZ1O/kM1wloKt3isoWaUEmUaea9yNsh3UxQ=' 'sha256-pu8Fqv0KKGuZxEFS28iY4bLQ7p3SfQeYsGA2EUnnxrY=' 'sha256-ZMT3JVqKIJueivUzAv6dLNqnpvVRqg+y5x0OogzNzks=' 'sha256-SgZQWsfLqFIbXUavZS4pxgi9Pr0JFuIh5pAp0LdrHPU=' 'sha256-vEfx55LCEBY/pXdqvPeTizIWfOk0PBLPECsgnWhPrQo=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-9/2Wbge7gJhg6fK4EXTY9x4bfqg//G5zcCQT86sYMMM=' 'sha256-9+2D6IaLZD4iUCrTLAcNdniqM0CY3SfCoB7V46JW440=' 'sha256-efrv1QoM9BzIFaAh6KNZWI0/EWNxGoRbLSG0hyHt594=' 'sha256-3ZfFIBHC4VkLdjXyF1FpoKWUfjjqNRGAteCHUd/Nayc=' 'sha256-J4M8jQKIvl7JaajN5Q3K3ixYaHs9v/VvOuTQ4A6JHMg=' 'sha256-K5GKQwrawxHVBjCtxa1miiVRoTEQAEgpxVOSGW88vQQ=' 'sha256-m9C3ibQ7/MuOKw17/yE5bYRuDJAxyp9QzejqJPbEqos=' 'sha256-/pMyB6+gxxK5h4kjGLz6smkXpujVu933/2fa0z47MGk=' 'sha256-Vf+uUQK/rBaQVg8mBZbq8GUjPD61t4W2WaRkY3wPTS4=' 'sha256-FfMuN5oBHhyO6APCAZrBWBBLZ36LX9wLC44xxOuxLqs=' 'sha256-72t8N32ewv6l1OQN9N2uXSmWLijUGZ18jSVTCRi1anc=' 'sha256-wZi1+Ll5bjIujb/rjN9HvCgvjIgh9UzDLXBaXNuKMtg=' 'sha256-5L0ctwfDiTimoZV3F6Vr5vFOGXhjcDBGniyEKQ/F4+w=' 'sha256-ImC77NUPmKk8C7M2WmLQfFwAYTxogIalmp6yncHXnqg=' 'sha256-gG6W6wW5Ix/Ki2FXxsLqjAAwKyydgEq94fwLCtQHxiA=' 'sha256-D6/zjGci7LDqqxdrACBGIMKSqf06CL6ANTt5PiWt7ew=' 'sha256-xT+eJ23pTuKci2vtw907YF7eCNmJZT4ZUW1slHflBz4=' 'sha256-ed929RYEm2HXk4WGS8fnv5tuj4Kl/flVkSrkhDCgGgM=' 'sha256-FBfiEN2yBupb9BvasrYtZBd0YIJFy+VuMmOR3AmCh5w=' 'sha256-opAwlo8QMbGGCXkR85I3n5qmv881NwGiWwNDAv519so=' 'sha256-gHMJJqoD3+D7KwRftcTHI0BeqVgBsX8e0WN8KvMDJvo='; style-src-elem 'self' https://fonts.googleapis.com 'sha256-wW64siOhWBeFX5g2Ks3SQ3CxVJ70lDMcviES1719UvQ=' 'sha256-UtAv5b9/jfGqntWVjq04pRo+nTsje2UyXnRpfN+eO6g=' 'sha256-3UavVtwfEMrGewV031mN5LWlw8rLH3DghOOs3kXiiKQ=' 'sha256-MCWYrLJoz+R8SOO6/vrBMD/EWTMLeAgao2cIJVhbmho=' 'sha256-WO7G0bikCcwoZ6jQJSJiY9wLeVjuafFOqRFVY0sV4ik=' 'sha256-QIjW/+aUzfg58HcITJNHkkCTGmLovNUIQbL+Zq2TsIE=' 'sha256-EkiDZamQJZ1O/kM1wloKt3isoWaUEmUaea9yNsh3UxQ=' 'sha256-pu8Fqv0KKGuZxEFS28iY4bLQ7p3SfQeYsGA2EUnnxrY=' 'sha256-ZMT3JVqKIJueivUzAv6dLNqnpvVRqg+y5x0OogzNzks=' 'sha256-SgZQWsfLqFIbXUavZS4pxgi9Pr0JFuIh5pAp0LdrHPU=' 'sha256-vEfx55LCEBY/pXdqvPeTizIWfOk0PBLPECsgnWhPrQo=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-9/2Wbge7gJhg6fK4EXTY9x4bfqg//G5zcCQT86sYMMM=' 'sha256-9+2D6IaLZD4iUCrTLAcNdniqM0CY3SfCoB7V46JW440=' 'sha256-efrv1QoM9BzIFaAh6KNZWI0/EWNxGoRbLSG0hyHt594=' 'sha256-3ZfFIBHC4VkLdjXyF1FpoKWUfjjqNRGAteCHUd/Nayc=' 'sha256-J4M8jQKIvl7JaajN5Q3K3ixYaHs9v/VvOuTQ4A6JHMg=' 'sha256-K5GKQwrawxHVBjCtxa1miiVRoTEQAEgpxVOSGW88vQQ=' 'sha256-m9C3ibQ7/MuOKw17/yE5bYRuDJAxyp9QzejqJPbEqos=' 'sha256-/pMyB6+gxxK5h4kjGLz6smkXpujVu933/2fa0z47MGk=' 'sha256-Vf+uUQK/rBaQVg8mBZbq8GUjPD61t4W2WaRkY3wPTS4=' 'sha256-FfMuN5oBHhyO6APCAZrBWBBLZ36LX9wLC44xxOuxLqs=' 'sha256-72t8N32ewv6l1OQN9N2uXSmWLijUGZ18jSVTCRi1anc=' 'sha256-wZi1+Ll5bjIujb/rjN9HvCgvjIgh9UzDLXBaXNuKMtg=' 'sha256-5L0ctwfDiTimoZV3F6Vr5vFOGXhjcDBGniyEKQ/F4+w=' 'sha256-ImC77NUPmKk8C7M2WmLQfFwAYTxogIalmp6yncHXnqg=' 'sha256-gG6W6wW5Ix/Ki2FXxsLqjAAwKyydgEq94fwLCtQHxiA=' 'sha256-D6/zjGci7LDqqxdrACBGIMKSqf06CL6ANTt5PiWt7ew=' 'sha256-xT+eJ23pTuKci2vtw907YF7eCNmJZT4ZUW1slHflBz4=' 'sha256-ed929RYEm2HXk4WGS8fnv5tuj4Kl/flVkSrkhDCgGgM=' 'sha256-FBfiEN2yBupb9BvasrYtZBd0YIJFy+VuMmOR3AmCh5w=' 'sha256-opAwlo8QMbGGCXkR85I3n5qmv881NwGiWwNDAv519so=' 'sha256-gHMJJqoD3+D7KwRftcTHI0BeqVgBsX8e0WN8KvMDJvo='; img-src 'self' data: https://www.google.com/images https://airtable.com https://airtableusercontent.com https://googleapis.com https://firebasestorage.googleapis.com; font-src 'self' fonts.gstatic.com; connect-src 'self' https://securetoken.googleapis.com https://calendly.com https://hook.us1.make.com https://mgpbm.zendesk.com https://oauth2.googleapis.com/token https://api.airtable.com https://asia-east2-medgrocer-develop.cloudfunctions.net https://asia-east2-medgrocer-28d8f.cloudfunctions.net https://www.googleapis.com https://firestore.googleapis.com https://ekr.zdassets.com https://mgwellness.zendesk.com wss://widget-mediator.zopim.com https://ekr.zdassets.com/compose/cc69e5fe-45a2-487c-a9dd-4445687314a5 https://*.sentry.io https://o*.ingest.sentry.io https://o*.ingest.us.sentry.io https://o4509839840968704.ingest.us.sentry.io/api/4509839908208640/envelope; object-src 'none'; frame-src https://medgrocer-develop.firebaseapp.com https://medgrocer-28d8f.firebaseapp.com https://calendly.com https://airtable.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; media-src 'self' https://static.zdassets.com; script-src-elem 'self' https://static.airtable.com https://static.zdassets.com https://widget-mediator.zopim.com https://apis.google.com;

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer

Permissions-Policy

Present

geolocation=(), microphone=(), camera=(), payment=()

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains

Performance Headers

4 headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

x-fh-requested-host, accept-encoding

Caching Headers

3 headers

Cache-Control

Caching

no-cache, no-store, must-revalidate

Etag

Caching

"63c2e60b04685f974ece1e361bf79a5fe87fa9c713e39d459b943b632e57a75d"

Last-Modified

Caching

Thu, 11 Dec 2025 08:26:51 GMT

Content Headers

1 headers

Content-Type

Content

text/html; charset=utf-8

Server Headers

0 headers

No server headers found

CORS Headers

0 headers

No CORS headers found

Cookies Headers

0 headers

No cookies headers found

Other Headers

6 headers

Alt-Svc

Other

h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

Date

Other

Thu, 25 Dec 2025 07:06:54 GMT

X-Cache

Other

MISS

X-Cache-Hits

Other

0

X-Served-By

Other

cache-iad-kiad7000139-IAD

X-Timer

Other

S1766646414.013236,VS0,VE37

Recommendations

Enable compression (gzip/brotli) to improve performance