Is zonerpress.cz Safe? Security Analysis for Zoner a. s.
Check if zonerpress.cz is a scam or legitimate. Free security scan and reviews.

AI Summary
ZonerPress.cz is an established Czech publishing company and e-commerce platform operated by Zoner a. s., specializing in educational and leisure books focused on photography, graphic design, programming, and art. The website targets photographers, artists, programmers, and general readers seeking practical guides and creative literature. The platform demonstrates a solid market position within the Czech Republic's retail and publishing sectors, offering a broad catalog of physical and electronic books. Technically, the site employs modern frontend technologies including Bootstrap and Svelte, integrates live chat support, and uses multiple tracking and marketing tools such as Google Tag Manager and Ecomail. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure, though it lacks some security headers and formal incident response contacts. Privacy compliance is partial, with cookie consent implemented but no explicit privacy policy found. WHOIS data is unavailable, limiting domain trust assessment, but the website's professional presentation and contact information support legitimacy. Overall, the site is a credible and functional e-commerce platform with room for improvement in privacy and security transparency.
Detected Technologies
🧠AI Business Intelligence
Technology stack, business insights, and market analysis powered by AI.
Business Intelligence
Market & Strategic Analysis
ZonerPress.cz operates in the retail and education sectors, focusing on niche publishing for photography, graphic arts, and programming. Its business model combines content creation and direct online sales, targeting a specialized audience of creatives and professionals. The company leverages digital marketing and tracking tools to engage customers and optimize sales. The absence of WHOIS data is a minor concern but does not detract significantly from the business credibility given the clear company branding and contact details. The platform's integration of live chat and structured navigation indicates a customer-centric approach. Growth potential lies in expanding digital offerings and enhancing privacy and security compliance to meet evolving regulatory standards.
Extracted Contact Information
Marketing Intelligence Data
Email Addresses (1)
Phone Numbers (1)
Security Posture Analysis
Comprehensive Security Assessment
The website maintains a baseline security posture with HTTPS enabled and no evident exposure of sensitive information. However, the lack of security headers such as Content Security Policy, HSTS, and X-Frame-Options reduces defense-in-depth. The use of multiple third-party scripts introduces potential risk vectors that require ongoing monitoring. No incident response or vulnerability disclosure information is provided, which could hinder timely mitigation of security issues. Privacy compliance is partial, with cookie consent present but no clear privacy policy or GDPR compliance statements. Overall, the security maturity is moderate, suitable for the business type but improvable through enhanced policies and technical controls.
Strategic Recommendations
Priority Actions for Security Improvement
Publish a comprehensive privacy policy and terms of service to improve transparency and compliance.
✨Observations
AI-powered comprehensive website and business analysis.
AI-Enhanced Website Analysis
Business Insights
Zoner a. s.
Vydavatelství Zoner Press offers practical guides for photographers of all levels, a wide range of books for drawers and painters, and professional publications for graphic designers, programmers, web designers, and managers. It focuses on education and publishing.
good
consistent
Technical Stack
moderate
good
basic
good
Security Assessment
- HTTPS enforced
- No exposed sensitive data in HTML
- Use of live chat with secure keys
- Cookie consent mechanism implemented
Analytics & Tracking
Advertising & Marketing
Website Quality Assessment
Key Observations
Website is a professional e-commerce and publishing platform for educational and leisure books.
🛡️Security Headers
HTTP security headers analysis and recommendations.
Security Headers
HTTP security headers analysis
Missing X-Frame-Options header
HIGHPrevents clickjacking attacks
Missing X-Content-Type-Options header
MEDIUMPrevents MIME type sniffing
Missing Content-Security-Policy header
HIGHControls resources the browser is allowed to load
Missing X-XSS-Protection header
MEDIUMLegacy XSS protection (deprecated but still recommended)
Missing Referrer-Policy header
LOWControls referrer information sent with requests
Missing Permissions-Policy header
MEDIUMControls browser features and APIs
👤GDPR Compliance
Privacy and data protection assessment under GDPR regulations.
GDPR Compliance
Privacy and data protection assessment
No Privacy Policy found
HIGHGDPR requires a clear and accessible privacy policy
No Cookie Policy found
HIGHGDPR requires clear information about cookie usage
No Cookie Consent Banner found
HIGHGDPR requires explicit consent for non-essential cookies
EU business without adequate privacy measures
CRITICALEU businesses are subject to strict GDPR requirements
Third-party services without privacy policy
HIGHDetected services: Google Analytics, Facebook, YouTube, Cloudflare, Google APIs
GDPR Compliance Analysis
🛡️NIS2 Compliance
Network & Information Security Directive compliance assessment.
NIS2 Compliance
Network & Information Security Directive
No information security framework found
HIGHNIS2 requires documented cybersecurity and information security measures
No vulnerability disclosure policy
MEDIUMNIS2 encourages coordinated vulnerability disclosure
No security policy documentation found
HIGHNIS2 requires documented cybersecurity governance and risk management
No incident response procedures found
HIGHNIS2 requires documented incident response and business continuity plans
No security contact information
HIGHNIS2 requires clear incident reporting channels
No vulnerability reporting mechanism
MEDIUMClear vulnerability reporting supports coordinated disclosure
No NIS2 reference found
LOWConsider explicitly mentioning NIS2 compliance efforts
Critical sector without clear security compliance
HIGHDetected sectors: transport, digital
📧Email Security
SPF, DKIM, and DMARC validation and email security assessment.
Email Security
SPF, DKIM, and DMARC validation
DMARC not enforcing
MEDIUMDMARC policy is set to "none"
No DKIM record found
MEDIUMDKIM adds cryptographic signatures to emails
No BIMI Record
LOWBIMI displays brand logos in email clients
No MTA-STS Policy
MEDIUMMTA-STS enforces TLS for email delivery
No TLS-RPT Record
LOWTLS-RPT provides reporting for email TLS issues
SPF Details
DMARC Details
🏆SSL/TLS Security
Certificate validity and encryption analysis.
SSL/TLS Security
Certificate validity and encryption analysis
Mixed Content Detected
MEDIUM3 resources loaded over insecure HTTP
Partial SSL/TLS Assessment
LOWCompleted 2 of 4 security checks due to time constraints
Certificate Details
OCSP Status
📊DNS Health
DNS configuration and security assessment.
DNS Health
DNS configuration and security assessment
DNSSEC Not Enabled
MEDIUMDNSSEC is not configured for this domain
CAA Records Not Configured
LOWCertificate Authority Authorization (CAA) records not found
DMARC Policy Set to None
LOWDMARC is configured but not enforcing any policy
Domain Registration Details
DNS Records
DNSSEC Status
DNS Performance
SPF Analysis
⚡Network Security
Port scanning and network exposure analysis.
Network Security
Port scanning and network exposure analysis
High-Risk Service Exposed: FTP
HIGHPort 21 (FTP) is publicly accessible - FTP - Often unencrypted file transfer
High-Risk Service Exposed: RPC
HIGHPort 135 (RPC) is publicly accessible - RPC - Windows RPC endpoint
High-Risk Service Exposed: NetBIOS
HIGHPort 139 (NetBIOS) is publicly accessible - NetBIOS - Windows file sharing
🔧Technical Analysis
Detailed technical findings and analysis from AI assessment.
Technical Analysis
Comprehensive security assessment findings