Skip to main content

Is getreditus.com a Scam? Security Check Results - Reditus Reviews

getreditus.com favicon

Is getreditus.com Safe? Security Analysis for Reditus

https://getreditus.com

Check if getreditus.com is a scam or legitimate. Free security scan and reviews.

TechnologyN/asmall
WordPressPHPJavaScriptjQueryGoogle Fonts+5 more
Analyzed 9/4/2025Completed 11:22:59 PM
60
Security Score
MEDIUM RISK

AI Summary

Reditus operates a specialized B2B SaaS affiliate network platform designed to help SaaS companies grow their monthly recurring revenue by leveraging affiliate marketing and in-app referral programs. The company positions itself as an award-winning, trusted partner for leading B2B SaaS brands, offering services such as affiliate recruitment, program management, and seamless migration with transparent revenue-based pricing. The website is professionally designed, mobile-optimized, and rich in relevant content, targeting SaaS businesses and affiliates effectively. Technically, the website is built on WordPress using the Astra theme, enhanced with modern JavaScript libraries and analytics tools including HubSpot, PostHog, and Segment. The site employs lazy loading for performance optimization and includes SEO best practices via Yoast SEO. The technical infrastructure reflects a mature digital presence with fast loading times and good accessibility. From a security perspective, the site enforces HTTPS and implements several security headers, indicating a solid baseline security posture. However, there is a lack of publicly available security policies, incident response plans, or vulnerability disclosure mechanisms, which are areas for improvement. The absence of WHOIS registration data introduces some uncertainty about domain legitimacy, although the professional site and business presence mitigate this concern. Overall, Reditus presents a credible and professional online presence with strong business and technical foundations. Strategic enhancements in transparency around security policies and domain registration details would further strengthen trust and compliance.

Detected Technologies

WordPressPHPJavaScriptjQueryGoogle FontsYoast SEOHubSpot AnalyticsPostHogSegment AnalyticsRocket Lazy Load

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Reditus targets the niche market of B2B SaaS companies seeking to expand growth through affiliate marketing and referral programs. Its competitive advantage lies in combining an affiliate network with in-app referral capabilities and data-driven affiliate validation. The revenue-based pricing model aligns incentives with client success. The company leverages partnerships and integrations, as evidenced by its app portal and help center subdomains. The presence of case studies, customer testimonials, and awards from G2 reinforce market credibility. The business model is SaaS-based with a focus on platform-as-a-service offerings for marketing growth. The target customers are SaaS companies and affiliates looking for scalable growth channels. The company appears to be small-sized with a focused product offering and a growing ecosystem.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

i*****@getreditus.com

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a good security baseline with HTTPS enforced and multiple security headers implemented, reducing risks of common web attacks. The use of lazy loading and script management indicates attention to performance and security hygiene. However, the lack of published security policies, incident response contacts, and vulnerability disclosure programs limits transparency and preparedness perception. No exposed sensitive data or vulnerable libraries were detected in the HTML content. The WHOIS data absence is a concern for domain trustworthiness. Overall, the security posture is moderate to good but would benefit from enhanced transparency and formalized security documentation.

Strategic Recommendations

Priority Actions for Security Improvement

1

Publish a dedicated security policy page detailing security practices and compliance.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Reditus

Description:

Grow the MRR for your B2B SaaS by leveraging the audience of someone else. Setup, manage & recruit B2B SaaS affiliates via Reditus. Free plan.

Key Services:
B2B SaaS Affiliate NetworkIn-app Referral ProgramAffiliate program managementAffiliate recruitmentReferral program setup
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
WordPressPHPJavaScriptjQueryGoogle FontsYoast SEOHubSpot AnalyticsPostHogSegment AnalyticsRocket Lazy Load
Frameworks:
Astra WordPress Theme
Platforms:
WordPress CMS
Performance:

fast

Mobile:

excellent

Accessibility:

good

SEO:

excellent

Security Assessment

Security Score:
85/100
Best Practices:
  • HTTPS enforced
  • Lazy loading scripts
  • No exposed sensitive data in HTML
  • Use of security headers

Analytics & Tracking

Services:
HubSpotPostHogSegment
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Tracking Pixels:
HubSpotPostHogSegment
Marketing Tools:
HubSpotSegment Analytics
Transparency Level:good

Website Quality Assessment

Design Quality:excellent
User Experience:excellent
Content Relevance:excellent
Navigation Clarity:excellent
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is fully accessible with no blocking or WAF challenges.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

15/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

53/100
Score

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

No Data Protection Officer mentioned

LOW

Large organizations may need to designate a DPO under GDPR

Privacy policy may not be GDPR compliant

MEDIUM

Privacy policy lacks explicit GDPR compliance elements

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, banking, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

85/100
Score

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 ip4:109.71.54.24 include:_spf.google.com include:spf.mandrillapp.com include:143804338.spf06.hubspotemail.net ~all
DNS Lookups:3/10
Policy:~all
DKIM Selectors Found
Selector:default(1416-bit rsa)
Selector:google(1296-bit rsa)
Selector:k1(1296-bit rsa)
Selector:s1(1440-bit rsa)
DMARC Details
Policy:quarantine
Subdomain Policy:none
Aggregate Reports:ipm4k54@ar.glockapps.com
Forensic Reports:ipm4k54@fr.glockapps.com

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

75/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 61 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:getreditus.com
Issuer:WE1
Valid Until:11/5/2025 (61 days)
SANs:getreditus.com, *.getreditus.com

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

70/100
Score

Unregistered MX Record

HIGH

MX record points to unregistered domain: sjpjhw4tmybina7ulyqc5tmzfcptkopgk3n26cjrnz43d2fxipiq.mx-verification.google.com

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

Domain Registration Details

Domain Age
5 years(mature)
Expiry Risk
medium(68 days)
Protection Level
basicDNSSEC OFF

DNS Records

A Records:172.66.40.59, 172.66.43.197
AAAA Records:2606:4700:3108::ac42:283b, 2606:4700:3108::ac42:2bc5
Name Servers:
sima.ns.cloudflare.com
will.ns.cloudflare.com
MX Records:
1: aspmx.l.google.com
10: alt3.aspmx.l.google.com
10: alt4.aspmx.l.google.com
15: sjpjhw4tmybina7ulyqc5tmzfcptkopgk3n26cjrnz43d2fxipiq.mx-verification.google.com
5: alt1.aspmx.l.google.com
5: alt2.aspmx.l.google.com
SOA:Serial: 2382357555, TTL: 1800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:42ms

SPF Analysis

SPF Record:
v=spf1 ip4:109.71.54.24 include:_spf.google.com include:spf.mandrillapp.com include:143804338.spf06.hubspotemail.net ~all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on a modern WordPress CMS with the Astra theme and child theme customization. It uses JavaScript libraries such as jQuery and advanced lazy loading techniques to optimize performance. Analytics and marketing tools include HubSpot, PostHog, and Segment, indicating a mature data-driven approach. The site is mobile-optimized with responsive design and accessibility considerations. SEO is well implemented with Yoast SEO plugin and structured data in JSON-LD format. No major technical debt or outdated technologies were detected. Hosting provider details are not explicitly found. Performance is fast with good resource management. Opportunities exist to enhance security documentation and domain registration transparency.
Analyze Another Website