HTTP/1.1 302 Found
Date: Thu, 21 Oct 2021 03:26:25 GMT
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=m981rioppar1prv71nk5k09nkk; expires=Thu, 21-Oct-2021 05:26:25 GMT; Max-Age=7200; path=/; domain=qwstion.com; HttpOnly; SameSite=Lax
Set-Cookie: store=us-en; expires=Fri, 21-Oct-2022 03:26:25 GMT; Max-Age=31536000; path=/us/; SameSite=Lax
Location: https://www.qwstion.com/us/?___store=us-en&___from_store=en
Content-Security-Policy-Report-Only: font-src *.fontawesome.com https://cdnjs.cloudflare.com *.typekit.net *.yotpo.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self' 'unsafe-inline'; frame-src fast.amc.demdex.net secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com *.adyen.com vars.hotjar.com *.chatra.io *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com *.adyen.com https://www.facebook.com https://res.cloudinary.com *.qwstion.com https://analytics.sleeknote.com *.google.com *.google.fi http://demo.thcreate.de *.klaviyo.com https://s3-us-west-2.amazonaws.com/s.cdpn.io/1271389/* www.xtento.com cdn.xtento.com *.yotpo.com 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com www.youtube.com *.adyen.com https://polyfill.io https://static.klaviyo.com https://fast.a.klaviyo.com *.avada.io https://cdnjs.cloudflare.com https://www.klaviyo.com *.hotjar.com *.google.com *.google.fi *.gstatic.com *.chatra.io *.jsdelivr.net *.sleeknote.com *.qwstion.com *.facebook.net https://unpkg.com https://cdn.mouseflow.com https://api.instagram.com www.xtento.com cdn.xtento.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com *.fontawesome.com https://fonts.googleapis.com https://cdnjs.cloudflare.com *.typekit.net *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.vimeo.com https://vod-progressive.akamaized.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.algolia.net *.algolia.com https://static.klaviyo.com https://static.qwstion.com *.klaviyo.com in.hotjar.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
HTTP/2 200
server: nginx/1.10.3 (Ubuntu)
date: Thu, 21 Oct 2021 03:26:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy-report-only: font-src *.fontawesome.com https://cdnjs.cloudflare.com *.typekit.net *.yotpo.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self' 'unsafe-inline'; frame-src fast.amc.demdex.net secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com *.adyen.com vars.hotjar.com *.chatra.io *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com *.adyen.com https://www.facebook.com https://res.cloudinary.com *.qwstion.com https://analytics.sleeknote.com *.google.com *.google.fi http://demo.thcreate.de *.klaviyo.com https://s3-us-west-2.amazonaws.com/s.cdpn.io/1271389/* www.xtento.com cdn.xtento.com *.yotpo.com 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com www.youtube.com *.adyen.com https://polyfill.io https://static.klaviyo.com https://fast.a.klaviyo.com *.avada.io https://cdnjs.cloudflare.com https://www.klaviyo.com *.hotjar.com *.google.com *.google.fi *.gstatic.com *.chatra.io *.jsdelivr.net *.sleeknote.com *.qwstion.com *.facebook.net https://unpkg.com https://cdn.mouseflow.com https://api.instagram.com www.xtento.com cdn.xtento.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com *.fontawesome.com https://fonts.googleapis.com https://cdnjs.cloudflare.com *.typekit.net *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.vimeo.com https://vod-progressive.akamaized.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.algolia.net *.algolia.com https://static.klaviyo.com https://static.qwstion.com *.klaviyo.com in.hotjar.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
access-control-allow-credentials: true
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
|