Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Cache-Control | private |
Content-Security-Policy | report-uri https://www.yelp.com/csp_report?site=biz; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; connect-src https:; font-src https: data:; frame-src https: yelp-webview://*; child-src https: yelp-webview://*; img-src https: data:; media-src https:; object-src https:; reflected-xss filter |
Content-Security-Policy-Report-Only | report-uri https://www.yelp.com/csp_report?site=biz; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; connect-src https:; font-src https: data:; frame-src https: yelp-webview://*; child-src https: yelp-webview://*; img-src https: data:; media-src https:; object-src https:; reflected-xss filter; frame-ancestors 'self' |
Strict-Transport-Security | max-age=31536000 |
X-XSS-Protection | 1; report=https://www.yelp.com/xss_protection_report |
X-Node | biz_all, web73-r7-iad1 |
Vary | Accept-Encoding,User-Agent |
Content-Encoding | gzip |
X-Mode | ro |
X-Proxied | extlb1-r1-iad1 |