wio.io

.io crawl

First seen 2026-04-14 · Last seen 2026-05-11 · ok HTTP/1.1 200 965 ms crawled 2026-05-08

AE · 20.233.196.198 · AS8075 Microsoft Corporation

Reputation 100/100

sector finance type homepage

HTML metadata

Title: Wio | Personal
Description: Streamline your finances with Wio Personal — free multi-currency accounts, virtual & physical cards, zero FX fees, up to 2% cashback, and seamless app control.
Language: en

Open Graph

title: Wio | Personal
description: Streamline your finances with Wio Personal — free multi-currency accounts, virtual & physical cards, zero FX fees, up to 2% cashback, and seamless app control.

Technology

CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (2)

images.ctfassets.net×38
www.googletagmanager.com×1

Social

DNS records live

NS

curt.ns.cloudflare.com
naomi.ns.cloudflare.com

MX

0 wio-io.mail.protection.outlook.com

TXT

Show 12 TXT records

apple-domain-verification=fpgmWsmPwYEuRDaM
atlassian-domain-verification=aGvBpwCCwhXcyMiRbX08sqIDwTp9ZCNSIR1IuaRA2XkPXaI56OAVEpeUemx2x7j4
cursor-domain-verification-61t4mm=QhGotOAiZAK8UfPJJssFAAzCt
docusign=aa9e8851-6079-45e0-b221-83dae4cc9ae4
google-site-verification=HY75gGEXgvNxC1fFQ-9DaO6EH_Ul5TDSMKqCmFTGcf8
google-site-verification=TuBWkMQplVLxyLDvD5eUCoMlnIxNb7EurbFi9I98n7E
h1-domain-verification=9rsKcH2wQuD7t38C36LZ3W5k6AxSyXTseASYKzFyW8gv2sUs
mixpanel-domain-verify=d4c0cfb1-03f6-438c-a4b8-863549b17e50
perplexity-ai-domain-verification-2vwmre=jPQWA5lWBswl01VO72l4BBaUQ
slack-domain-verification=eDNR53aZU7sI61D1xIRQhFKWn142Og6kJoo3A2Bd
1password-site-verification=6DEW2LXAYBGTZH43NXXGEXLLNE
MS=ms64029798

Email authentication strong

SPF

v=spf1 ip4:149.72.166.244 include:spf.protection.outlook.com include:amazonses.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:jp4wwnscm7@rua.powerdmarc.com; ruf=mailto:jp4wwnscm7@ruf.powerdmarc.com; ri=86400; fo=1

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4//73Wa6jNpYABIR6m07oWkPZ9SKtBSEIzMLfOVucJuk3Nim5FLFtwjOslgdl8dE96q9jNgM6EdarW…

selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2026-03-03 to 2026-09-18

Expires in 122 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://wio.io/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://websdk.appsflyer.com https://*.clarity.ms https://cookiehub.net https://cdn.cookiehub.eu https://*.hotjar.com https://*.googletagmanager.com https://www.googleadservices.com https://www.google.com https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net https://connect.facebook.net https://snap.licdn.com https://analytics.tiktok.com https://collection.uae.passfort.com https://collection.ae.maxsight.com; style-src 'self' 'unsafe-inline' data: blob: https://cookiehub.net https://cdn.cookiehub.eu https://*.hotjar.com https://*.facebook.com; img-src 'self' https://images.ctfassets.net data: https://*.hotjar.com https://*.google-analytics.com https://*.googletagmanager.com https://googleads.g.doubleclick.net https://www.google.com https://pagead2.googlesyndication.com https://www.googleadservices.com https://google.com https://px.ads.linkedin.com https://www.facebook.com https://www.google.
strict-transport-security: max-age=31536000; preload