atoka.io Review

 User-agent: *
Disallow: /public/it/azienda/-/
Disallow: /public/en/
Disallow: /it/try-atoka/
Disallow: /en/try-atoka/
Disallow: /it/login/
Disallow: /en/login/
Disallow: /login/
Disallow: /cerved/login/
Disallow: /pages/it/tos-inbiz/
Disallow: /pages/en/tos-inbiz/
Sitemap: https://atoka.io/sitemap.xml

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 24 Jan 2026 10:26:40 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://atoka.io/
X-Cache: Redirect from cloudfront
Via: 1.1 f68a0de1b64fdfafc274d6d3d5ac61ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YVR52-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: 84eubQnIz9O7JkZ5jC1HoBAEA67dVncy5koc4wtqxPIGV2itWMj9Pg==
Content-Security-Policy: object-src 'none'; frame-ancestors 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Content-Security-Policy-Report-Only: form-action 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Reporting-Endpoints: csp-report=https://csp-report-receiver.atoka.io/report/atoka-production/

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 24 Jan 2026 10:26:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
Server: openresty
Location: /it/
Vary: Accept-Language, Cookie
x-sd-trace-id: 263d942fedd1c8b8117a2229ff4a60a2
x-sd-trace-sampled: true
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Referrer-Policy: strict-origin-when-cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Set-Cookie: sessionid=b0giyrjfuac1ebutcsko8pqkks761926; expires=Sat, 07 Feb 2026 10:26:40 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax; Secure
X-Cache: Miss from cloudfront
Via: 1.1 061cb325dcc3fc546e8849d1b86b7f40.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SEA900-P4
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: SrweJoZ8TrkFMDiCOyi6agTRK1e1X3sda1fmbwSGDq-BucV0fnKyLA==
Content-Security-Policy: object-src 'none'; frame-ancestors 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Cache-Control: no-cache
Content-Security-Policy-Report-Only: form-action 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Reporting-Endpoints: csp-report=https://csp-report-receiver.atoka.io/report/atoka-production/

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Date: Sat, 24 Jan 2026 10:26:41 GMT
X-XSS-Protection: 1; mode=block
Server: openresty
Location: https://atoka.io/pages/it/
X-Frame-Options: DENY
Content-Security-Policy: object-src 'none'; frame-ancestors 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Content-Security-Policy-Report-Only: frame-src 'self' form.typeform.com *.iubenda.com; script-src 'self' strict-dynamic cdn.mxpnl.com *.iubenda.com sentry.io atoka.io tr.atoka.io *.fontawesome.com cdnjs.cloudflare.com cervedapps.containers.piwik.pro www.googletagmanager.com www.google.com maxcdn.bootstrapcdn.com player.vimeo.com oss.maxcdn.com cdn.jsdelivr.net 'unsafe-eval'; style-src 'self' *.iubenda.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com atoka.io 'unsafe-inline'; report-to csp-report; connect-src 'self' api.mixpanel.com api.amplitude.com *.iubenda.com *.ingest.sentry.io *.fontawesome.com *.atoka.io cervedapps.piwik.pro; font-src 'self' fonts.gstatic.com fonts.googleapis.com *.fontawesome.com data:; form-action 'self'; default-src 'self'; img-src 'self' media-atoka-io.s3-eu-west-1.amazonaws.com atoka.io api.mapbox.com *.iubenda.com; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Content-Language: it
Vary: Cookie
x-sd-trace-id: 9be2a5af380faec18b7c1dea23533293
x-sd-trace-sampled: false
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Referrer-Policy: strict-origin-when-cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Set-Cookie: sessionid=9oqc14j5tshzurg0szasb6a4lo00musw; expires=Sat, 07 Feb 2026 10:26:41 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Cache: Miss from cloudfront
Via: 1.1 061cb325dcc3fc546e8849d1b86b7f40.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SEA900-P4
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: -XyIUCDjaCF1ffFz2hQV5u1nm3nIsbg-cplGZhjkVSo_P3HhY2nfXg==
Cache-Control: no-cache
Reporting-Endpoints: csp-report=https://csp-report-receiver.atoka.io/report/atoka-production/

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-meta-md5chksum: de92ad7a00f36dbe995f7fdd623afa60
Last-Modified: Mon, 10 Nov 2025 13:35:03 GMT
x-amz-version-id: 2uD.MhoO0xBw1.ygtIGVcitTKZrxyy06
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 24 Jan 2026 10:26:42 GMT
ETag: W/"de92ad7a00f36dbe995f7fdd623afa60"
Vary: accept-encoding
X-Cache: RefreshHit from cloudfront
Via: 1.1 061cb325dcc3fc546e8849d1b86b7f40.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SEA900-P4
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: 26pZsG2yFlTZkPWMqEN2yl7lpGq5V0uADYtFnLESO6ZPwWTaj4ivgw==
Content-Security-Policy: object-src 'none'; frame-ancestors 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Cache-Control: no-cache
Content-Security-Policy-Report-Only: form-action 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Reporting-Endpoints: csp-report=https://csp-report-receiver.atoka.io/report/atoka-production/