No 'Access-Control-Allow-Origin' header is present on the requested resource shows up on hitting controller action

Question

I have already added the * as the Access-Control-Allow-Origin but the request yields a 404 saying that

No 'Access-Control-Allow-Origin' header is present on the requested resource.

My Controller code:

            [AllowCrossSiteJsonAttribute]
            [HttpPost]
            public JsonResult uploadzip()
            {

                Response.AddHeader("Access-Control-Allow-Origin", "*");       // Need to add the correct domain in here!!
                Response.AddHeader("Access-Control-Allow-Methods", "POST");   // Only allow POST
                Response.AddHeader("Access-Control-Max-Age", "300");          // Cache response for 5 minutes
                Response.AddHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");         // Ensure this header is also allowed!  

                ...

                return Json(json);
             }

I am sure this is the correct way to go.. Is there something missing ?

The post request below:

 $.ajax({
            url: 'http://site1.com/auth/uploadzip',
            type: 'POST',
            data: formData,
            processData: false,
            contentType: 'application/zip',
            success: function (d, t, x) {
                if (d.status == "success") {

                }}});

Even tried the custom attribute way described here.

Still the browser complains:

XMLHttpRequest cannot load http://site1.com/auth/uploadzip. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://site2.com' is therefore not allowed access. The response had HTTP status code 404.

Any more pointers?