Skip to main content

Is reeloq.com a Scam? Security Check Results - REELOQ Outdoor - Lose yourself. Keep your gear. Reviews

reeloq.com favicon

Is reeloq.com Safe? Security Analysis for REELOQ Outdoor - Lose yourself. Keep your gear.

https://reeloq.com

Check if reeloq.com is a scam or legitimate. Free security scan and reviews.

E-commerceAustriasmall
ShopifyJavaScriptCSSGoogle AnalyticsFacebook Pixel+5 more
Analyzed 8/1/2025Completed 10:52:39 PM
69
Security Score
MEDIUM RISK

AI Summary

REELOQ Outdoor operates a professional e-commerce website specializing in patented anti-drop securing systems for outdoor equipment such as GoPro and smartphones. The company targets outdoor enthusiasts and adventurers, positioning itself as an innovator in a niche market. The website is built on the Shopify platform, leveraging modern technologies and third-party marketing and analytics tools to provide a seamless shopping experience. GDPR compliance and cookie consent mechanisms are properly implemented, reflecting a mature approach to privacy. Security posture is strong with HTTPS enforced and no obvious vulnerabilities detected, although explicit security policies and incident response contacts are absent. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is common in e-commerce. Overall, the site is trustworthy, well-designed, and technically sound.

Detected Technologies

ShopifyJavaScriptCSSGoogle AnalyticsFacebook PixelKlaviyoLoox ReviewsPandectes GDPRInstant Section Page BuilderSelleasy

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The company operates in the e-commerce sector with a focus on outdoor gear security products. Its business model is direct-to-consumer retail via Shopify. The market position is that of a specialized innovator with patented technology, appealing to a defined customer segment. The use of multiple marketing and analytics platforms indicates active customer engagement and data-driven marketing strategies. Lack of visible contact information may impact customer trust but is mitigated by professional site design and compliance features. No parent or subsidiary companies are identified. The company appears small but focused.

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a good security posture with HTTPS enforced and use of security best practices such as cookie consent and reputable third-party scripts. However, there is no publicly available security policy or incident response information, which are important for transparency and trust. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a vulnerability disclosure program or security.txt file is a gap. Overall, the security maturity is moderate to high but could be improved with explicit policies and contact channels.

Strategic Recommendations

Priority Actions for Security Improvement

1

Publish a dedicated security policy page detailing security practices and compliance.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

REELOQ Outdoor - Lose yourself. Keep your gear.

Description:

REELOQ is an innovative, patented anti-drop system for your outdoor equipment. You can attach your GoPro and smartphone to your body, have it at hand and still take photos without any restrictions. In addition, it protects against falling and theft.

Key Services:
Patented anti-drop securing systems for outdoor gear
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
ShopifyJavaScriptCSSGoogle AnalyticsFacebook PixelKlaviyoLoox ReviewsPandectes GDPRInstant Section Page BuilderSelleasy
Frameworks:
Shopify Liquid
Platforms:
Shopify
Performance:

fast

Mobile:

good

Accessibility:

good

SEO:

good

Security Assessment

Security Score:
85/100
Best Practices:
  • HTTPS enforced
  • Cookie consent banner with granular controls
  • No exposed sensitive data in HTML
  • Use of reputable third-party scripts

Analytics & Tracking

Services:
Google AnalyticsShopify AnalyticsKlaviyo
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Ad Networks:
FacebookGoogle
Tracking Pixels:
Facebook PixelKlaviyoOmnisend
Marketing Tools:
KlaviyoLoox ReviewsOmnisend
Transparency Level:good

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:high

Key Observations

1

Website is a professionally designed Shopify e-commerce store

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

75/100
Score

Weak Strict-Transport-Security configuration

LOW

Current value: "max-age=7889238"

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

100/100
Score
No issues found

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

50/100
Score

DMARC not enforcing

MEDIUM

DMARC policy is set to "none"

No DMARC reporting

LOW

DMARC aggregate reports not configured

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

DMARC Partial Enforcement

LOW

DMARC only applies to 50% of messages

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 +a +mx ?all
DNS Lookups:2/10
Policy:?all
DMARC Details
Policy:none(50% enforcement)
Subdomain Policy:none

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

75/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 85 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:www.reeloq.com
Issuer:WE1
Valid Until:10/26/2025 (85 days)
SANs:www.reeloq.com

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

50/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

Weak SPF Policy

HIGH

SPF record has permissive policy allowing any server to send email

DMARC Policy Set to None

LOW

DMARC is configured but not enforcing any policy

Domain Registration Details

Domain Age
6 years(mature)
Expiry Risk
low(137 days)
Protection Level
noneDNSSEC OFF
Suspicious Indicators Detected
  • No domain protection locks enabled

DNS Records

A Records:23.227.38.65
Name Servers:
ns.second-ns.com
ns1.your-server.de
ns3.second-ns.de
MX Records:
10: www46.your-server.de
SOA:Serial: 2025062103, TTL: 3600s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:110ms

SPF Analysis

SPF Record:
v=spf1 +a +mx ?all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on Shopify, utilizing modern JavaScript, CSS, and multiple third-party integrations including analytics (Google Analytics, Klaviyo), marketing (Facebook Pixel, Omnisend), and review systems (Loox). The site is well-optimized for performance and mobile devices, with good accessibility and SEO practices. Hosting is via Shopify's CDN, ensuring fast load times and reliability. The technical stack is modern and appropriate for an e-commerce business, with no visible technical debt or deprecated technologies. Opportunities exist to improve technical transparency by publishing security headers explicitly and providing more detailed security documentation.
Analyze Another Website