Skip to main content

Is berta.me a Scam? Security Check Results - Berta.me Reviews

berta.me favicon

Is berta.me Safe? Security Analysis for Berta.me

https://berta.me

Check if berta.me is a scam or legitimate. Free security scan and reviews.

TechnologyUnited Statessmall
JavaScriptGoogle AnalyticsFacebook PixelNew Relic monitoringMooTools (mooMasonry.js)+2 more
Analyzed 7/31/2025Completed 3:16:35 AM
37
Security Score
HIGH RISK

Security scan incomplete. 3 out of 9 security checks failed to complete. The website may be inaccessible or protected by security measures. Please retry the scan or verify the website is accessible.

AI Summary

Berta.me is a small technology company offering a website builder platform tailored for creatives such as artists, photographers, and designers. The platform emphasizes simplicity, clean design, and mobile-friendly responsive themes, enabling users to create portfolios, company sites, and online stores. The business has been established since 2011 and maintains a consistent brand presence with active social media channels. Technically, the website employs a custom CMS (Berta CMS) and integrates modern JavaScript libraries, Google Analytics, Facebook Pixel, and New Relic for performance monitoring. Hosting is claimed to be secure cloud-based with backups, although the specific provider is not disclosed. Security posture is basic with HTTPS enabled but lacks advanced DNS security features like DNSSEC and security headers such as CSP or HSTS. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. No contact emails or phone numbers are provided, which may impact user trust. Overall, the website is functional, well-designed, and targets a niche market but would benefit from enhanced security and privacy practices.

Detected Technologies

JavaScriptGoogle AnalyticsFacebook PixelNew Relic monitoringMooTools (mooMasonry.js)HTML5CSS3

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Berta.me occupies a niche in the website builder market focusing on creatives who desire minimalistic and mobile-optimized websites. Its business model revolves around providing easy-to-use tools for portfolio and online store creation, supported by a secure hosting environment. The company leverages partnerships with hosting providers (hosting.berta.me) and integrates third-party analytics and marketing tools to drive user engagement and conversions. The absence of explicit contact information and privacy policies suggests a small operation possibly relying on automated or self-service support. The domain's age and stable registration indicate an established presence, but the use of WHOIS privacy protection is typical for small tech businesses. Growth opportunities may include expanding privacy compliance, improving security posture, and enhancing customer support visibility.

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a basic security posture with HTTPS enabled and domain registration protections such as clientDeleteProhibited status. However, it lacks DNSSEC, security headers, and published security policies or incident response contacts. The use of multiple third-party tracking scripts increases the attack surface and privacy risks. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of cookie consent mechanisms and privacy policies indicates non-compliance with GDPR and similar regulations. Incident response readiness appears minimal due to lack of published contacts. Overall, the security maturity is low to moderate, suitable for a small business but requiring improvements to meet higher compliance and security standards.

Strategic Recommendations

Priority Actions for Security Improvement

1

Enable DNSSEC on the domain to enhance DNS security and prevent spoofing.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Berta.me

Description:

Create a beautiful portfolio, company site or online store with the Berta.me website builder. Creative people love our clean and simple design.

Key Services:
Website builderPortfolio creationCompany site creationOnline store setupSecure hosting
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
JavaScriptGoogle AnalyticsFacebook PixelNew Relic monitoringMooTools (mooMasonry.js)HTML5CSS3
Performance:

moderate

Mobile:

excellent

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
60/100
Best Practices:
  • HTTPS enabled
  • Domain status includes clientDeleteProhibited and other EPP protections
  • Secure hosting with backups claimed

Analytics & Tracking

Services:
Google AnalyticsNew Relic
Tracking Level:moderate
Privacy Compliance:poor

Advertising & Marketing

Ad Networks:
Google Ads
Tracking Pixels:
Facebook PixelNew Relic
Marketing Tools:
Facebook PixelNew Relic
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:moderate

Key Observations

1

Website is fully accessible with no blocking or WAF challenges

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

0/100
Score
Analysis failed - content could not be retrieved

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

0/100
Score
Analysis failed - content could not be retrieved

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

0/100
Score
Analysis failed - content could not be retrieved

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

80/100
Score

Complex SPF record

LOW

Too many include statements can cause lookup limits

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:emailsrvr.com include:spf.mailjet.com include:berta01.berta01.f9.internal.cloudapp.net include:_spf.chargedesk.com include:mailgun.org ~all
DNS Lookups:5/10
Policy:~all
DKIM Selectors Found
Selector:s1(1296-bit rsa)

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

42/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 74 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Mixed Content Detected

MEDIUM

3 resources loaded over insecure HTTP

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.2TLSv1.3TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

60/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Expires Soon

HIGH

Domain expires in 24 days

No DMARC Record

MEDIUM

DMARC policy not configured

Domain Registration Details

Domain Age
13 years(mature)
Expiry Risk
high(5 days)
Protection Level
strongDNSSEC OFF
Suspicious Indicators Detected
  • Privacy/proxy registration detected

DNS Records

A Records:206.189.242.57
Name Servers:
a.ns.berta.me
b.ns.berta.me
MX Records:
10: mx1.emailsrvr.com
20: mx2.emailsrvr.com
SOA:Serial: 0, TTL: 3600s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:158ms

SPF Analysis

SPF Record:
v=spf1 include:emailsrvr.com include:spf.mailjet.com include:berta01.berta01.f9.internal.cloudapp.net include:_spf.chargedesk.com include:mailgun.org ~all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

40/100
Score

Service Exposed: SSH

MEDIUM

Port 22 (SSH) is publicly accessible - SSH - Secure but can be brute-forced

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a custom CMS (Berta CMS) with a technology stack including JavaScript, MooTools, Google Analytics, Facebook Pixel, and New Relic for monitoring. The HTML and CSS are valid and support responsive design, ensuring good mobile optimization. Performance is moderate with some external script dependencies. SEO is supported by meta tags and structured JSON-LD data describing the website and organization. Accessibility features are basic but present. Hosting is cloud-based and claimed secure, though no specific provider details are given. The technical infrastructure is adequate for a small business but could benefit from modernization and enhanced security configurations.
Analyze Another Website