X-Powered-By: PHP/5.6.34
X-Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: http://fonts.googleapis.com http://fonts.gstatic.com http://www.google-analytics.com http://s7.addthis.com http://m.addthisedge.com http://m.addthis.com http://graph.facebook.com http://widgets.pinterest.com http://maps.google.com http://csi.gstatic.com http://maps.gstatic.com http://maps.googleapis.com http://www.linkedin.com http://api-public.addthis.com http://localhost http://www.youtube.com https://googleads.g.doubleclick.net https://static.doubleclick.net;
X-Frame-Options: SAMEORIGIN
Set-Cookie: __umts=88jpk6u57t6f0ld1mg72hmahe6; path=/; domain=www.gotes.hr; HttpOnly
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
HTTP/1.1 200 OK
Set-Cookie: fblikemodal=1; expires=Wed, 25-Apr-2018 22:51:12 GMT; Max-Age=2592000; path=/
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Server: nginx
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: http://fonts.googleapis.com http://fonts.gstatic.com http://www.google-analytics.com http://s7.addthis.com http://m.addthisedge.com http://m.addthis.com http://graph.facebook.com http://widgets.pinterest.com http://maps.google.com http://csi.gstatic.com http://maps.gstatic.com http://maps.googleapis.com http://www.linkedin.com http://api-public.addthis.com http://localhost http://www.youtube.com https://googleads.g.doubleclick.net https://static.doubleclick.net;
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Date: Mon, 26 Mar 2018 22:51:12 GMT
Transfer-Encoding: chunked
Pragma: no-cache