Skip to main content

Is attrax.co.uk a Scam? Security Check Results - SmartRecruiters Reviews

attrax.co.uk favicon

Is attrax.co.uk Safe? Security Analysis for SmartRecruiters

https://attrax.co.uk

Check if attrax.co.uk is a scam or legitimate. Free security scan and reviews.

TechnologyUnited Statesenterprise
WordPressjQueryBootstrap 4 gridGoogle Tag ManagerMarketo Munchkin+5 more
Analyzed 9/6/2025Completed 12:53:23 AM
78
Security Score
LOW RISK

AI Summary

SmartRecruiters is a leading enterprise technology company specializing in recruiting software and career site solutions designed to enhance employer branding and streamline talent acquisition. Their flagship product, SmartAttrax, offers intelligent, SEO-optimized career site software integrated with applicant tracking systems to improve candidate conversion rates. The company serves a broad audience including HR professionals, recruiting teams, and hiring managers, and is trusted by thousands of customers globally. The website demonstrates a mature digital presence with modern technologies, strong SEO, and accessibility features. Security posture is robust with HTTPS, bot protection, and privacy compliance, though explicit incident response and vulnerability disclosure information are not publicly detailed. Overall, the site reflects a professional, trustworthy enterprise SaaS provider with a strong market position.

Detected Technologies

WordPressjQueryBootstrap 4 gridGoogle Tag ManagerMarketo MunchkinCrazy EggDataDome bot protectionQualified chatTypekit fontsPingdom RUM

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

SmartRecruiters operates in the technology sector, focusing on SaaS-based recruiting and HR solutions. Their business model revolves around providing a comprehensive platform that covers job posting, applicant tracking, AI-powered candidate screening, and onboarding. The company leverages partnerships and integrations to extend its ecosystem, as evidenced by multiple partner portals and developer documentation. The presence of customer testimonials and case studies highlights a strong market reputation and customer satisfaction. The company targets medium to large enterprises seeking efficient and scalable hiring solutions. Their marketing strategy includes extensive use of analytics, AI, and personalized candidate engagement tools, positioning them competitively in the HR tech market.

Security Posture Analysis

Comprehensive Security Assessment

The website employs strong security measures including HTTPS with excellent SSL configuration, security headers, and bot protection via DataDome. Privacy and cookie policies are comprehensive and include consent mechanisms aligned with GDPR requirements. However, the absence of publicly available incident response contacts or vulnerability disclosure policies suggests room for improvement in transparency and readiness communication. No vulnerabilities or exposed sensitive data were detected in the site content or scripts. The security score is high, reflecting a mature security posture appropriate for an enterprise SaaS provider, but adding explicit security contact points and disclosure policies would enhance trust and compliance.

Strategic Recommendations

Priority Actions for Security Improvement

1

Publish clear incident response and security contact information on the website to improve transparency and readiness.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

SmartRecruiters

Description:

SmartRecruiters provides career site software and a recruiting platform designed to strengthen employer branding and improve hiring efficiency. Their product SmartAttrax offers SEO-friendly, branded career pages integrated with ATS to boost applicant conversion.

Key Services:
Career site softwareApplicant tracking systemAI-powered recruiting toolsJob posting and distributionRecruitment CRMOnboarding solutions
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
WordPressjQueryBootstrap 4 gridGoogle Tag ManagerMarketo MunchkinCrazy EggDataDome bot protectionQualified chatTypekit fontsPingdom RUM
Frameworks:
WordPress
Platforms:
Web
Performance:

moderate

Mobile:

good

Accessibility:

good

SEO:

good

Security Assessment

Security Score:
85/100
Best Practices:
  • HTTPS enforced
  • Bot protection via DataDome
  • Google site verification
  • Privacy and cookie policies with consent mechanism

Analytics & Tracking

Services:
Marketo MunchkinCrazy EggGoogle Tag ManagerPingdom RUMAhrefs Analytics
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Tracking Pixels:
Marketo MunchkinCrazy EggPingdom RUMAhrefs Analytics
Marketing Tools:
MarketoQualified chatCrazy Egg
Transparency Level:good

Website Quality Assessment

Design Quality:excellent
User Experience:excellent
Content Relevance:excellent
Navigation Clarity:excellent
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is a professional recruiting software platform with comprehensive content and clear business focus.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

70/100
Score

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

85/100
Score

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

85/100
Score

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 mx include:_spf.google.com include:sendgrid.net exists:%{i}._spf.mta.salesforce.com include:mktomail.com ip4:199.15.212.1 ip4:199.15.215.254 include:_spf.eu.mailgun.org -all
DNS Lookups:6/10
Policy:-all
DKIM Selectors Found
Selector:google(1296-bit rsa)
Selector:k2(1416-bit rsa)
Selector:selector1(1296-bit rsa)
Selector:s1(1440-bit rsa)
DMARC Details
Policy:reject
Aggregate Reports:dmarc@dmarc.smartrecruiters.com
Forensic Reports:dmarc@dmarc.smartrecruiters.com

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

90/100
Score

Mixed Content Detected

MEDIUM

1 resources loaded over insecure HTTP

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:*.smartrecruiters.com
Issuer:Sectigo Public Server Authentication CA DV R36
Valid Until:6/2/2026 (269 days)
SANs:*.smartrecruiters.com, smartrecruiters.com

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

90/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

Domain Registration Details

Domain Age
19 years(mature)
Expiry Risk
none(795 days)
Protection Level
strongDNSSEC OFF

DNS Records

A Records:18.185.186.86, 35.156.11.6
Name Servers:
ns-1508.awsdns-60.org
ns-1909.awsdns-46.co.uk
ns-216.awsdns-27.com
ns-770.awsdns-32.net
MX Records:
1: aspmx.l.google.com
5: alt1.aspmx.l.google.com
5: alt2.aspmx.l.google.com
10: alt3.aspmx.l.google.com
10: alt4.aspmx.l.google.com
SOA:Serial: 2, TTL: 86400s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:83ms

SPF Analysis

SPF Record:
v=spf1 mx include:_spf.google.com include:sendgrid.net exists:%{i}._spf.mta.salesforce.com include:mktomail.com ip4:199.15.212.1 ip4:199.15.215.254 include:_spf.eu.mailgun.org -all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on WordPress CMS with a modern tech stack including jQuery, Bootstrap grid, and various marketing and analytics integrations such as Marketo, Crazy Egg, and Google Tag Manager. Performance is moderate with good mobile optimization and accessibility features implemented. The site uses Typekit fonts and includes bot protection scripts. SEO is well addressed with meta tags, Open Graph, and JSON-LD structured data. The technical infrastructure supports a professional and scalable web presence suitable for enterprise clients. Opportunities exist to optimize performance further and ensure all third-party scripts are up to date and secure.
Analyze Another Website