Security Directory

R

RL360

rl360.com

0

RL360 is a well-established international life assurance company specializing in life assurance, offshore savings, and investment products targeted at expatriates and high net worth individuals globally. The company positions itself as one of the fastest-growing firms in its sector, supported by a strong parent company, International Financial Group Limited. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site employs modern JavaScript libraries such as jQuery and integrates multiple marketing and analytics tools including Google Tag Manager, Google Analytics, Facebook Pixel, LinkedIn Insight Tag, and Bing UET, all managed with user consent mechanisms to comply with privacy regulations.

R

Ramsey Crookall

ramseycrookall.com

0

Ramsey Crookall is a well-established private wealth management and stockbroking firm based in the Isle of Man, with a history dating back to 1946. The company offers bespoke investment solutions, pension fund management, global custody, and online portfolio management services, targeting a diverse clientele including individuals, corporations, and trusts. Their market position is strengthened by longstanding industry memberships and regulatory licenses, reflecting a commitment to transparency and integrity. Technically, the website is built on the Wix platform utilizing modern frameworks such as React 18 and Wix's Thunderbolt platform, ensuring good performance, mobile optimization, and accessibility. The site employs comprehensive SEO practices and integrates various Wix services for forms, e-commerce, and media management. From a security perspective, the site enforces HTTPS, includes essential security headers, and follows best practices in cookie and token management. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policy and incident response information are not present, representing an area for improvement. Overall, the website demonstrates a strong digital presence with good content quality, technical implementation, and security posture. Strategic recommendations include enhancing security transparency, adding incident response contacts, and continuous monitoring of third-party components to maintain security and compliance.

Mannin Group is a well-established multimedia services provider based in the Isle of Man, specializing in printing, advertising, signage, and design services. The company has a strong market position locally and is part of the larger BHW Print Group, enhancing its service capabilities and reach. The website reflects a professional business with clear branding and a focus on serving business clients in the region. Technically, the site is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. Performance and mobile optimization are adequate, though accessibility could be improved. Security posture is moderate with HTTPS enabled but lacks important security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Contact information is clearly provided, supporting business credibility. Overall, the site is functional and professional but would benefit from enhanced security and privacy measures.

D

Domicilium

domicilium.com

0

Domicilium is a well-established internet and cloud services provider with over 30 years of experience, specializing in global hosting, cloud infrastructure, connectivity, security, managed services, and disaster recovery. The company serves a diverse range of sectors including banking, finance, manufacturing, legal, fintech, telco, life sciences, eGaming, and AI, positioning itself as a trusted partner for businesses requiring reliable and secure IT infrastructure worldwide. Their market position is reinforced by ISO 27001 certification and a strong presence in multiple international markets including Asia, Americas, Europe, and Australasia. Technically, the website leverages modern web technologies such as Webflow CMS, Google Fonts, jQuery, Lenis smooth scrolling, GSAP animations, and integrates third-party services like hCaptcha for bot protection and Osano for cookie consent management. The site is well-optimized for mobile devices, accessibility, and SEO, providing a fast and professional user experience. Analytics are implemented via Google Analytics and Google Tag Manager, with moderate user tracking balanced by privacy compliance mechanisms. From a security perspective, the site demonstrates good practices including the use of CAPTCHA, cookie consent, and secure login portals for webmail and remedy services. However, explicit HTTP security headers and incident response contact information are not evident, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, Domicilium presents a high level of business credibility and digital maturity, with a professional online presence and strong trust indicators. The domain registration data aligns well with the company's claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing incident response contacts, and maintaining rigorous third-party script audits to further strengthen security posture.

A

Annexio Limited

annexio.com

0

Annexio Limited operates as a licensed and regulated online lottery betting provider with a strong market presence in the UK and globally through its brands LottoGo.com and Affiliate Empire. The company offers a secure multilevel B2C/B2B platform for lottery betting and instant win games, targeting lottery players worldwide. The website is built on Squarespace, leveraging modern web technologies and optimized for mobile users, though some SEO and accessibility improvements are possible. Security posture is solid with HTTPS enforcement and no exposed sensitive data, but could benefit from enhanced security headers and formal privacy and cookie policies. Overall, Annexio demonstrates a credible and professional online presence consistent with its regulated business model.

M

Manx Telecom Trading Ltd

manxtelecom.com

0

Manx Telecom Trading Ltd is the leading telecommunications provider in the Isle of Man, offering a comprehensive range of services including fibre broadband, mobile plans (both pay monthly and pay as you go), and hardware sales. The company positions itself as a market leader with a strong focus on sustainable and socially responsible business practices, as evidenced by its Environmental, Social and Governance (ESG) initiatives. The website is professionally designed, mobile-optimized, and provides clear navigation to its diverse service offerings, targeting both personal and business customers within the Isle of Man. Technically, the website leverages modern technologies such as Umbraco CMS, Google Analytics, Google Tag Manager, Fathom Analytics, and OneTrust for cookie consent management. The site demonstrates good performance and accessibility standards, with asynchronous loading of scripts and responsive design. The presence of detailed cookie consent mechanisms and privacy policies indicates a strong commitment to privacy compliance, including GDPR adherence. From a security perspective, the website enforces HTTPS and employs cookie consent controls to manage user data privacy. While explicit security headers are not visible in the HTML content, no critical vulnerabilities or exposed sensitive data were detected. The absence of a public security policy or incident response contact suggests an area for improvement. WHOIS data confirms the legitimacy of the domain, with registration details consistent with the business claims and no privacy protection masking registrant information. Overall, Manx Telecom's website reflects a mature digital presence with strong business credibility and privacy compliance. Strategic recommendations include enhancing security header implementation, publishing explicit security policies, and establishing a vulnerability disclosure program to further strengthen trust and security posture.

T

The Children's Centre

thechildrenscentre.org.im

0

The Children's Centre is a non-profit organization based on the Isle of Man dedicated to supporting children, young people, and families facing difficult life experiences such as bullying, developmental disabilities, poverty, addiction, and domestic abuse. Their services focus on behavioral, learning, and emotional wellbeing, bridging gaps in statutory provision before crises occur. The organization operates a community farm and offers various programs including volunteering and fundraising opportunities. The website is professionally designed using the Squarespace platform, featuring clear navigation, mobile optimization, and active social media integration. Technically, the site employs modern web technologies, secure HTTPS with HSTS, and tracking tools like Google Analytics and Facebook Pixel. However, it lacks a cookie consent mechanism and comprehensive privacy policy details, which are important for GDPR compliance. No security incidents or vulnerability disclosures are published, and no WAF or blocking mechanisms are detected, indicating open accessibility. Overall, the website reflects a credible and trustworthy charity with room for improvement in privacy compliance and transparency.

A

Affinity Group Limited

affinity.co.im

0

Affinity Group Limited is a well-established corporate and private wealth services provider founded in 2004 and headquartered in the Isle of Man. The company offers a broad range of services including corporate services, private wealth management, regulated industry support, and specialized sectors such as yachting, aviation, and sports professionals. Their market position is strong, supported by multi-award-winning recognition and trusted asset management exceeding £2 billion. The website reflects a mature digital presence built on the Webflow platform, featuring modern design, multimedia content, and clear navigation. However, the absence of explicit privacy and cookie policies, as well as security headers, indicates areas for improvement in compliance and security transparency. Overall, the company demonstrates a high level of professionalism and trustworthiness with a global footprint.

Q

Quinn Legal

quinnlegal.im

0

Quinn Legal is a small legal advocacy firm based in the Isle of Man, providing legal services to both individuals and businesses. The website indicates that the offices have closed but maintains contact channels via phone and email. The firm appears to have a local market presence with a focus on legal advocacy. Technically, the website is built on WordPress using common plugins and frameworks such as Genesis and WP Rocket, hosted on WP Engine. The site integrates Google Analytics and Google Tag Manager for tracking and marketing purposes. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and formal security policies. Privacy compliance is basic with a cookie policy present but no explicit privacy policy page found. Overall, the website is functional but could improve in security and compliance documentation.

I

ILS World

ils-world.com

0

ILS World is a well-established global fiduciary services provider headquartered in the Isle of Man, offering a broad range of corporate, private client, and digital services. The company targets professional advisers, international corporate groups, and private clients, positioning itself as a trusted partner with over 30 years of industry experience. Their leadership team is experienced and regulatory approvals from multiple jurisdictions enhance their credibility. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the website employs modern web technologies including Bootstrap, Swiper, GSAP, and jQuery, with assets hosted on Amazon S3 and CDNs to optimize performance. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Analytics and marketing tools such as Google Analytics and Campaign Monitor are used for user tracking and engagement. From a security perspective, the site uses HTTPS and secure iframe forms for contact, but lacks explicit security headers and dedicated security or incident response policies. Privacy and cookie policies are present, though a cookie consent mechanism is missing, which may affect GDPR compliance. No critical vulnerabilities or suspicious content were detected, and domain WHOIS data aligns well with the business claims, indicating legitimacy. Overall, the website demonstrates a strong business credibility and technical foundation with room for improvement in security best practices and privacy compliance mechanisms.

The Isle of Man Post Office website serves as the official digital presence for the government postal service of the Isle of Man. It offers a comprehensive range of services including online postage, mail receiving and sending, foreign currency exchange, business mailing solutions, and retail products such as stamps and coins. The site targets both individual residents and businesses within the Isle of Man and surrounding regions, positioning itself as the primary postal and related services provider in the territory. The business model is government-operated, focusing on providing essential postal and financial services with a strong emphasis on customer convenience and digital accessibility. Technically, the website employs a modern technology stack including jQuery, the Foundation CSS framework, Google reCAPTCHA v3 for bot protection, and integrates Google Fonts and jQuery UI for enhanced user experience. The site demonstrates good mobile optimization and basic accessibility features, with a moderate performance profile. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS (implied by external Google reCAPTCHA and Google Fonts usage over HTTPS), includes CSRF tokens in forms, and implements a cookie consent mechanism compliant with GDPR. However, explicit HTTP security headers are not detected in the provided data, and no published security policy or incident response contacts are found. There are no visible vulnerabilities or exposed sensitive data. The site integrates tracking and marketing tools such as Google Analytics and Facebook Pixel, with moderate user tracking levels and good privacy compliance. Overall, the website is professionally designed, trustworthy, and well-aligned with the official government postal service branding. The domain registration data matches the website content and business claims, indicating legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security posture and user trust.

A

Aerotech International Limited

aerotech.im

0

Aerotech International Limited is a well-established aviation technical consultancy firm based in the Isle of Man, with over 20 years of experience and a global network of consultants. The company specializes in aircraft transitional support and offers a wide range of services including project management, lease transitions, maintenance representation, and regulatory support. Their market position is strong as a legacy global leader with a clear focus on aviation industry clients. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on WordPress using the Divi theme and incorporates modern web technologies such as jQuery and slick carousel plugins. The site is mobile optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security-wise, the site uses HTTPS with a good SSL configuration but lacks important security headers and explicit security policies, which could be enhanced to improve the overall security posture. Overall, the website is credible and trustworthy with clear business information and contact details. However, it lacks cookie consent mechanisms and detailed privacy compliance features, which are important for GDPR adherence. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

C

Conister Bank Limited

conisterbank.co.im

0

Conister Bank Limited is an independent financial institution established in 1935, operating primarily in the Isle of Man. The bank offers a range of retail and business banking services including mortgages, personal loans, savings accounts, and green finance options. It positions itself as a locally focused bank with quick decision-making and a commitment to traditional values such as courtesy, safety, and integrity. The bank is licensed by the Isle of Man Financial Services Authority and is a subsidiary of Manx Financial Group PLC, listed on the London Stock Exchange AIM. The website reflects a professional and trustworthy image with clear contact information and regulatory disclosures. Technically, the website employs a modern tech stack including Foundation CSS framework, jQuery, Google reCAPTCHA v3 for bot protection, Google Maps API, and Typekit fonts. The site is mobile optimized and uses standard security practices such as HTTPS and cache control headers. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly present. The site integrates Google Analytics and Facebook Pixel for analytics and advertising, with a comprehensive cookie consent mechanism that aligns with GDPR requirements. From a security perspective, the site demonstrates good practices including encrypted connections, secure forms with reCAPTCHA, and no visible vulnerabilities or exposed sensitive data. Privacy policies and cookie policies are clearly presented, supporting compliance with data protection regulations. No incident response or security policy pages were found, which could be improved to enhance transparency and readiness. Overall, Conister Bank's website is well-structured, secure, and compliant with privacy standards, reflecting a mature digital presence suitable for a regulated financial institution. Recommendations include enhancing security headers, publishing a security policy, and improving SEO metadata completeness to further strengthen trust and compliance.

S

Stewart Clague Services Limited

scs.co.im

0

Stewart Clague Services Limited (SCS) is a well-established facilities management and building services provider based in the Isle of Man, operating since 1969. The company holds a strong market position as the largest and longest serving provider in its region, offering a comprehensive range of services including domestic and commercial services, renewable technologies, project management, and facilities management. Their business model emphasizes quality, customer service, and compliance with industry standards, supported by multiple ISO certifications and professional memberships. Technically, the website is built on WordPress with modern web technologies such as Yoast SEO, Google reCAPTCHA v3, and Swiper Carousel for enhanced user experience. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security measures include HTTPS enforcement and form protection via reCAPTCHA, although additional security headers and policies could enhance the posture. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Contact information is clearly presented, including a contact form, email, phone number, and physical address, enhancing business credibility. Overall, the website reflects a professional, trustworthy, and mature digital presence suitable for its business sector. Strategic recommendations include implementing explicit security headers, publishing a security policy and incident response contacts, and adding a vulnerability disclosure policy to further strengthen security and trust.

D

DotPerformance Limited

dotperformance.com

0

DotPerformance Limited is a well-established full-service design, development, and content agency based in the Isle of Man, with over 20 years of experience. The company serves a broad range of clients on the island, providing comprehensive branding, website and mobile app development, content management, API integration, digital marketing, and media production services. Their market position is strong locally, supported by a portfolio of significant Isle of Man brands and a consistent, professional online presence. Technically, the website is built using modern web technologies including Bootstrap, Google Analytics, Google Tag Manager, and Google reCAPTCHA v3 for security. The site is mobile-optimized, fast-loading, and well-structured with good SEO practices. The use of asynchronous script loading and third-party APIs like Vimeo enhances user experience. However, explicit CMS or hosting provider details are not disclosed. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect its contact form from spam. While no critical vulnerabilities or exposed sensitive data were detected, the absence of explicit security headers and incident response policies suggests room for improvement. Privacy and cookie policies are present and appear GDPR compliant, supporting good privacy practices. Overall, the website demonstrates a high level of professionalism, technical maturity, and business credibility with a low risk profile. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and maintaining regular security audits to sustain trust and compliance.