atoka.io Review

 User-agent: *
Disallow: /public/it/azienda/-/
Disallow: /public/en/
Disallow: /it/try-atoka/
Disallow: /en/try-atoka/
Disallow: /it/login/
Disallow: /en/login/
Disallow: /login/
Disallow: /cerved/login/
Disallow: /pages/it/tos-inbiz/
Disallow: /pages/en/tos-inbiz/
Sitemap: https://atoka.io/sitemap.xml

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 10 Jan 2026 10:18:59 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://atoka.io/
X-Cache: Redirect from cloudfront
Via: 1.1 bc32ef126215821e67e47cb1213e8dac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SEA900-P4
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: XdnO4brxPjrbHN8gRx4INmVU2T30kC1LPCt1K1PqkWIRe8waDiB6bg==
Content-Security-Policy: object-src 'none'; frame-ancestors 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Content-Security-Policy-Report-Only: form-action 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Reporting-Endpoints: csp-report=https://csp-report-receiver.atoka.io/report/atoka-production/

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 10 Jan 2026 10:19:00 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
Server: openresty
Location: /it/
Vary: Accept-Language, Cookie
x-sd-trace-id: 9ba7c680daa7ee07061eca562daaa7a6
x-sd-trace-sampled: true
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Referrer-Policy: strict-origin-when-cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Set-Cookie: sessionid=n3syqj946desv3y4pbk0nsx9obkfjuac; expires=Sat, 24 Jan 2026 10:19:00 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax; Secure
X-Cache: Miss from cloudfront
Via: 1.1 df6cbd0e5f9defbb1b16ba675eeaeaa8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YVR52-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: cTobgMYaRaLUo1MxLLICy8t5KIHGv3GosRk1DEzc92-59K5b2R7_yg==
Content-Security-Policy: object-src 'none'; frame-ancestors 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Cache-Control: no-cache
Content-Security-Policy-Report-Only: form-action 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Reporting-Endpoints: csp-report=https://csp-report-receiver.atoka.io/report/atoka-production/

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Date: Sat, 10 Jan 2026 10:19:00 GMT
X-XSS-Protection: 1; mode=block
Server: openresty
Location: https://atoka.io/pages/it/
X-Frame-Options: DENY
Content-Security-Policy: object-src 'none'; frame-ancestors 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Content-Security-Policy-Report-Only: connect-src 'self' api.mixpanel.com api.amplitude.com *.iubenda.com *.ingest.sentry.io *.fontawesome.com *.atoka.io cervedapps.piwik.pro; form-action 'self'; style-src 'self' *.iubenda.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com atoka.io 'unsafe-inline'; frame-src 'self' form.typeform.com *.iubenda.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com *.fontawesome.com data:; script-src 'self' strict-dynamic cdn.mxpnl.com *.iubenda.com sentry.io atoka.io tr.atoka.io *.fontawesome.com cdnjs.cloudflare.com cervedapps.containers.piwik.pro www.googletagmanager.com www.google.com maxcdn.bootstrapcdn.com player.vimeo.com oss.maxcdn.com cdn.jsdelivr.net 'unsafe-eval'; default-src 'self'; img-src 'self' media-atoka-io.s3-eu-west-1.amazonaws.com atoka.io api.mapbox.com *.iubenda.com; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Content-Language: it
Vary: Cookie
x-sd-trace-id: 02952bee8f06523e824ac91aea86e9e4
x-sd-trace-sampled: false
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Referrer-Policy: strict-origin-when-cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Set-Cookie: sessionid=zxliq9oam9a21gzck2pg71oslt3m8zgu; expires=Sat, 24 Jan 2026 10:19:00 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Cache: Miss from cloudfront
Via: 1.1 df6cbd0e5f9defbb1b16ba675eeaeaa8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YVR52-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: RfIirKG9-CflMsPBlWx68midVSAkIjT0NOBbMA4cxkXp7xiRXqOKNQ==
Cache-Control: no-cache
Reporting-Endpoints: csp-report=https://csp-report-receiver.atoka.io/report/atoka-production/

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-meta-md5chksum: de92ad7a00f36dbe995f7fdd623afa60
Last-Modified: Mon, 10 Nov 2025 13:35:03 GMT
x-amz-version-id: 2uD.MhoO0xBw1.ygtIGVcitTKZrxyy06
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 10 Jan 2026 10:19:01 GMT
ETag: W/"de92ad7a00f36dbe995f7fdd623afa60"
Vary: accept-encoding
X-Cache: RefreshHit from cloudfront
Via: 1.1 df6cbd0e5f9defbb1b16ba675eeaeaa8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YVR52-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: VpmcpC3urSLR7gjFdptGLW5UHzbFijdcXXT7R4XD0ubXN24NdMqVWw==
Content-Security-Policy: object-src 'none'; frame-ancestors 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Cache-Control: no-cache
Content-Security-Policy-Report-Only: form-action 'self'; report-to csp-report; report-uri https://csp-report-receiver.atoka.io/report/atoka-production/
Reporting-Endpoints: csp-report=https://csp-report-receiver.atoka.io/report/atoka-production/