| Server | nginx |
| Content-Type | text/html; charset=UTF-8 |
| Transfer-Encoding | chunked |
| Connection | keep-alive |
| Cache-Control | private |
| Content-Security-Policy | report-uri https://www.yelp.com/csp_report?site=biz; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; connect-src https:; font-src https: data:; frame-src https: yelp-webview://*; child-src https: yelp-webview://*; img-src https: data:; media-src https:; object-src https:; reflected-xss filter |
| Content-Security-Policy-Report-Only | report-uri https://www.yelp.com/csp_report?site=biz; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; connect-src https:; font-src https: data:; frame-src https: yelp-webview://*; child-src https: yelp-webview://*; img-src https: data:; media-src https:; object-src https:; reflected-xss filter; frame-ancestors 'self' |
| Strict-Transport-Security | max-age=31536000 |
| X-XSS-Protection | 1; report=https://www.yelp.com/xss_protection_report |
| X-Node | biz_all, web73-r7-iad1 |
| Vary | Accept-Encoding,User-Agent |
| Content-Encoding | gzip |
| X-Mode | ro |
| X-Proxied | extlb1-r1-iad1 |