HTTP/1.1 302 Found
Date: Thu, 21 Oct 2021 00:31:33 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: https://qcsupply.dcatalog.com/
set-cookie: PHPSESSID=75f89911fe7c491202e9377650b5c1ca; expires=Fri, 22-Oct-2021 00:31:32 GMT; Max-Age=86400; path=/; domain=qcsupply.com; HttpOnly; SameSite=Lax
set-cookie: X-Magento-Vary=c58cc7336841735bf5ef13185766282824a9d073; expires=Fri, 22-Oct-2021 00:31:33 GMT; Max-Age=86400; path=/; HttpOnly; SameSite=Lax
location: https://www.qcsupply.com/
access-control-allow-origin: *
access-control-allow-headers: *
x-ua-compatible: IE=edge
x-served-by: gpc023-node1
x-cache: MISS
x-varnish-age:
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6a166236692561c2-ORD
HTTP/2 200
date: Thu, 21 Oct 2021 00:31:33 GMT
content-type: text/html; charset=UTF-8
report-to: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"\/iwd_csp\/report\/log"}]}
content-security-policy-report-only: font-src fonts.googleapis.com fonts.gstatic.com *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com static.olark.com *.googleapis.com *.bootstrapcdn.com media.qcsupply.com *.fontawesome.com 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.affirm.com *.facebook.com https://store.plumrocket.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com www.googletagmanager.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google.com *.google.com *.doubleclick.net *.facebook.com *.youtube.com *.olark.com *.affirm.com *.g.doubleclick.net *.dcatalog.com https://store.plumrocket.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com data: maps.googleapis.com maps.gstatic.com *.google.com *.google.bg *.facebook.com *.facebook.net *.doubleclick.net ebizmarts-website.s3.amazonaws.com *.symantec.com *.bootstrapcdn.com *.olark.com *.gstatic.com *.googleapis.com media.qcsupply.com *.groupbycloud.com *.google.com.ua *.google.com.br *.affirm.com *.g.doubleclick.net *.bing.com 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.youtube.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.google.com *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net chimpstatic.com *.groupbycloud.com *.olark.com static.olark.com *.symantec.com *.mouseflow.com *.affirm.com *.qcsupply.com *.gstatic.com *.googleapis.com media.qcsupply.com *.bing.com *.newrelic.com *.nr-data.net *.vimeocdn.com *.dcatalog.com *.cloudflare.com *.maxmind.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com fonts.googleapis.com *.googleapis.com *.doubleclick.net *.facebook.com *.cloudflare.com *.olark.com *.bootstrapcdn.com media.qcsupply.com i.ytimg.com *.fontawesome.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com *.facebook.com *.facebook.net *.olark.com *.affirm.com *.groupbycloud.com *.mouseflow.com media.qcsupply.com *.bing.com *.doubleclick.net *.g.doubleclick.net *.nr-data.net *.vimeo.com *.rollbar.com *.mmapiws.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri /iwd_csp/report/log; report-to report-endpoint;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: https://qcsupply.dcatalog.com/
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: *
x-ua-compatible: IE=edge
x-served-by: gpc023-node2
x-cache: HIT
x-varnish-age:
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a1662398b2be1e6-ORD
|