Skip to main content

Is unscreen.com a Scam? Security Check Results - Canva Austria GmbH Reviews

unscreen.com favicon

Is unscreen.com Safe? Security Analysis for Canva Austria GmbH

https://unscreen.com

Check if unscreen.com is a scam or legitimate. Free security scan and reviews.

TechnologyAustriamedium
Vue.jsGoogle FontsFontAwesomeGoogle Tag ManagerhCaptcha
Analyzed 8/2/2025Completed 12:40:28 PM
70
Security Score
MEDIUM RISK

AI Summary

Unscreen is a technology-driven SaaS platform specializing in automatic video background removal, eliminating the need for traditional greenscreen techniques. The service targets content creators, video editors, and professionals seeking efficient background removal solutions. It offers a freemium model with a Pro subscription that includes HD output, no watermarks, API access, and plugins for popular video editing software. The platform is branded under Canva Austria GmbH, indicating strong corporate backing and market presence. Technically, the website employs modern web technologies including Vue.js, Google Fonts, FontAwesome, and Google Tag Manager for analytics. It uses HTTPS with CSRF protection and hCaptcha for form security, reflecting a mature digital infrastructure. The site is well-optimized for mobile and desktop, with excellent design and user experience. From a security perspective, the site enforces HTTPS and uses anti-bot measures but lacks explicit security headers and published security policies or incident response contacts. The absence of WHOIS data for the domain is a transparency concern but is mitigated by the professional branding and trust signals present on the site. Overall, Unscreen presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security transparency and WHOIS data availability would enhance trust and compliance posture.

Detected Technologies

Vue.jsGoogle FontsFontAwesomeGoogle Tag ManagerhCaptcha

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Unscreen operates in the niche market of video background removal, leveraging AI to simplify a traditionally complex process. Its competitive advantage lies in full automation, ease of use, and integration with professional editing tools. The freemium business model with upsell to Pro subscriptions and API usage supports diversified revenue streams. The target customers include individual creators, social media users, and professional video editors. The company benefits from association with Canva Austria GmbH, enhancing market credibility and access to resources. Partnerships with identity providers and related brands expand its ecosystem. Growth indicators include active blog content, press coverage, and plugin releases. The company maintains a professional online presence with clear branding and customer testimonials.

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a moderate to high security maturity level with HTTPS enforcement, CSRF tokens, and bot protection via hCaptcha. However, it lacks several security best practices such as explicit security headers (CSP, X-Frame-Options), a published security policy, and incident response contact information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data reduces transparency and could be a concern for domain legitimacy verification. GDPR compliance is indicated through privacy and cookie policies with consent mechanisms. Incident response readiness and vulnerability disclosure programs are not evident, representing areas for improvement. Overall, the security posture is solid but could benefit from enhanced transparency and formalized policies.

Strategic Recommendations

Priority Actions for Security Improvement

1

Publish a comprehensive security policy and incident response contact information on the website.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Canva Austria GmbH

Description:

Unscreen provides an automatic online service to remove video backgrounds without the need for greenscreens or chroma keying.

Key Services:
Automatic video background removalPro subscription with HD output and no watermarkAPI accessPlugins for Adobe Premiere Pro and After Effects
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
Vue.jsGoogle FontsFontAwesomeGoogle Tag ManagerhCaptcha
Frameworks:
Vue.js
Platforms:
Web
Performance:

fast

Mobile:

excellent

Accessibility:

good

SEO:

good

Security Assessment

Security Score:
85/100
Best Practices:
  • HTTPS enforced
  • CSRF tokens present
  • hCaptcha anti-bot protection on forms

Analytics & Tracking

Services:
Google Analytics
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Tracking Pixels:
Google Analytics (via Google Tag Manager)
Transparency Level:good

Website Quality Assessment

Design Quality:excellent
User Experience:excellent
Content Relevance:excellent
Navigation Clarity:excellent
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is fully accessible with rich content and interactive features.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

65/100
Score

Weak Strict-Transport-Security configuration

LOW

Current value: "max-age=15552000"

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

83/100
Score

No Data Protection Officer mentioned

LOW

Large organizations may need to designate a DPO under GDPR

Privacy policy may not be GDPR compliant

MEDIUM

Privacy policy lacks explicit GDPR compliance elements

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

70/100
Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:spf.mailjet.com include:mail.zendesk.com ?all
DNS Lookups:2/10
Policy:?all
DMARC Details
Policy:reject
Aggregate Reports:re+tw5rry84n37@inbound.dmarcdigests.com

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

75/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 76 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:unscreen.com
Issuer:WE1
Valid Until:10/18/2025 (76 days)
SANs:unscreen.com, *.unscreen.com, hello.unscreen.com +2 more

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

65/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

Weak SPF Policy

HIGH

SPF record has permissive policy allowing any server to send email

Domain Registration Details

Domain Age
21 years(mature)
Expiry Risk
none(447 days)
Protection Level
basicDNSSEC OFF

DNS Records

A Records:104.18.35.211, 172.64.152.45
AAAA Records:2606:4700:4400::6812:23d3, 2606:4700:4400::ac40:982d
Name Servers:
abby.ns.cloudflare.com
earl.ns.cloudflare.com
MX Records:
5: alt2.aspmx.l.google.com
10: aspmx2.googlemail.com
10: aspmx3.googlemail.com
1: aspmx.l.google.com
5: alt1.aspmx.l.google.com
SOA:Serial: 2378494615, TTL: 1800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:57ms

SPF Analysis

SPF Record:
v=spf1 include:spf.mailjet.com include:mail.zendesk.com ?all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built using modern frontend technologies including Vue.js and integrates Google Fonts and FontAwesome for UI elements. It uses Google Tag Manager for analytics and hCaptcha for bot mitigation. The site is mobile-optimized with responsive design and good accessibility features. SEO is supported by proper meta tags and Open Graph data. The absence of a detected CMS suggests a custom or static site architecture. Hosting provider details are not explicit but the site uses HTTPS with valid SSL certificates. Performance is fast with no broken elements detected. Opportunities exist to enhance security headers and formalize security policies to reduce technical risks.
Analyze Another Website