Skip to main content

Is thecompetitionplatform.co.uk a Scam? Security Check Results - The Competition Platform Reviews

thecompetitionplatform.co.uk favicon

Is thecompetitionplatform.co.uk Safe? Security Analysis for The Competition Platform

https://thecompetitionplatform.co.uk

Check if thecompetitionplatform.co.uk is a scam or legitimate. Free security scan and reviews.

MediaUnited Kingdomsmall
BootstrapjQueryGoogle reCAPTCHAFontAwesomeGoogle Fonts+1 more
Analyzed 8/2/2025Completed 2:56:41 PM
67
Security Score
MEDIUM RISK

AI Summary

The Competition Platform is a UK-based SaaS business founded in 2016, specializing in providing a platform that enables publishers, brands, and agencies to build, run, and analyze competitions effectively. The company targets a niche market of marketing professionals and media companies, boasting thousands of clients and recognizable brand partnerships. Their business model revolves around offering a digital platform service that streamlines competition management and analytics. Technically, the website is built on a custom stack utilizing Bootstrap, jQuery, Google reCAPTCHA, and FontAwesome, with a focus on responsive design and moderate performance. The site employs HTTPS with a valid SSL certificate and includes standard privacy and cookie policies, along with a cookie consent mechanism. However, some modern security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the platform demonstrates good practices such as CSRF token usage and CAPTCHA protection on forms, but lacks a formal security policy and vulnerability disclosure program. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business history and shows legitimacy, registered through a reputable registrar with a long-term expiry. Overall, the website presents a professional and trustworthy front with good content quality and technical implementation. Strategic improvements in security policy transparency and enhanced security headers would further strengthen their posture. The risk level is moderate to low, with no immediate critical issues identified.

Detected Technologies

BootstrapjQueryGoogle reCAPTCHAFontAwesomeGoogle FontsCookieConsent

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The Competition Platform holds a solid position in the media and marketing technology sector, serving a broad client base of publishers, brands, and agencies. Their competitive advantage lies in a specialized platform that simplifies competition management and analytics, supported by a growing ecosystem of recognizable clients. Revenue streams likely include subscription fees or service charges for platform usage. The company is relatively small but established, with a clear UK presence and a parent company named DMRI. Their partnership ecosystem includes a dedicated blog subdomain and multiple brand collaborations showcased on the site. Growth indicators include a decade-long domain age and active client engagement. Strategic observations suggest focusing on expanding security transparency and enhancing compliance documentation to support scaling and trust.

Extracted Contact Information

Marketing Intelligence Data

Phone Numbers (1)

011*******

Physical Addresses (1)

The Competition Platform, St Johns Church, 123 Lound Side, Chapeltown, S35 2US

Company Registration

Legal Name:

DATA MARKETING RESEARCH INNOVATION

VAT Number:

GB 119 3852 04

Security Posture Analysis

Comprehensive Security Assessment

The current security maturity level is moderate, with foundational protections such as HTTPS, CSRF tokens, and CAPTCHA integration on forms. The absence of security headers like Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), and X-Frame-Options represents an area for improvement. No vulnerabilities or exposed sensitive data were found, indicating good operational security hygiene. Compliance with GDPR is implied through privacy and cookie policies, but explicit incident response contacts or security policies are missing. The platform would benefit from publishing a vulnerability disclosure policy and security.txt file to enhance transparency and readiness. Overall, the security culture appears functional but could be elevated with formalized policies and enhanced technical controls.

Strategic Recommendations

Priority Actions for Security Improvement

1

Implement comprehensive security headers including CSP, HSTS, and X-Frame-Options to mitigate common web attacks.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

The Competition Platform

Description:

Bringing Publishers, Brands and users together. Easily build, run & analyse competitions. Join 1000’s of companies already working with The Competition Platform.

Key Services:
Competition buildingCompetition runningCompetition analytics
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
BootstrapjQueryGoogle reCAPTCHAFontAwesomeGoogle FontsCookieConsent
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
85/100
Best Practices:
  • HTTPS enforced
  • CSRF token present
  • Google reCAPTCHA on contact form
  • Cookie consent banner

Analytics & Tracking

Services:
Google Analytics
Tracking Level:moderate
Privacy Compliance:basic

Advertising & Marketing

Tracking Pixels:
Google Analytics (gtag.js)
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:high

Key Observations

1

Website uses HTTPS with valid SSL

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

50/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

83/100
Score

No Data Protection Officer mentioned

LOW

Large organizations may need to designate a DPO under GDPR

Privacy policy may not be GDPR compliant

MEDIUM

Privacy policy lacks explicit GDPR compliance elements

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, health, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

70/100
Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:mailgun.org ~all
DNS Lookups:1/10
Policy:~all
DMARC Details
Policy:reject
Aggregate Reports:wtkvwynu@ag.eu.dmarcian.com
Forensic Reports:wtkvwynu@fr.eu.dmarcian.com

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

77/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

70/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

Domain Registration Details

Domain Age
9 years(mature)
Expiry Risk
low(175 days)
Protection Level
none
Suspicious Indicators Detected
  • No domain protection locks enabled

DNS Records

A Records:34.252.150.6, 54.77.90.141, 52.18.136.97
Name Servers:
ns-117.awsdns-14.comDNS only
ns-1468.awsdns-55.orgDNS only
ns-1796.awsdns-32.co.ukDNS only
ns-796.awsdns-35.netDNS only
MX Records:
10: mxa.eu.mailgun.org
10: mxb.eu.mailgun.org
SOA:Serial: 1, TTL: 86400s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:140ms

SPF Analysis

SPF Record:
v=spf1 include:mailgun.org ~all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website employs a modern front-end stack with Bootstrap for responsive design, jQuery for DOM manipulation, and Google reCAPTCHA for bot mitigation. The use of Google Fonts and FontAwesome enhances visual appeal. Cookie consent is managed via a popular open-source library. The site is custom-built rather than using a common CMS, which may reduce some attack surface but requires dedicated maintenance. Performance is moderate with no major issues detected, and mobile optimization is good. SEO is supported by proper meta tags and structured navigation. However, the absence of certain security headers and limited accessibility features indicate areas for technical improvement. Hosting details are not explicitly disclosed, but the domain uses a reputable registrar and CDN for client logos. Overall, the technical infrastructure is solid but could benefit from modernization in security and accessibility.
Analyze Another Website