X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
HTTP/1.1 200 OK
X-Powered-By: PHP/5.6.18
Connection: close
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Fri, 05 May 2017 00:11:29 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: http://fonts.googleapis.com http://fonts.gstatic.com http://www.google-analytics.com http://s7.addthis.com http://m.addthisedge.com http://m.addthis.com http://graph.facebook.com http://widgets.pinterest.com http://maps.google.com http://csi.gstatic.com http://maps.gstatic.com http://maps.googleapis.com http://www.linkedin.com http://api-public.addthis.com http://localhost http://www.youtube.com;
X-Content-Type-Options: nosniff
Server: Apache
Set-Cookie: fblikemodal=1; expires=Sun, 04-Jun-2017 00:11:29 GMT; Max-Age=2592000; path=/
Set-Cookie: __umts=a590f6c92b0d7c90548fda1bb1e48f83; path=/; domain=www.borovo.hr; HttpOnly
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: http://fonts.googleapis.com http://fonts.gstatic.com http://www.google-analytics.com http://s7.addthis.com http://m.addthisedge.com http://m.addthis.com http://graph.facebook.com http://widgets.pinterest.com http://maps.google.com http://csi.gstatic.com http://maps.gstatic.com http://maps.googleapis.com http://www.linkedin.com http://api-public.addthis.com http://localhost http://www.youtube.com;