Skip to main content

Is apinvesting.cz a Scam? Security Check Results - AP INVESTING, s. r. o. Reviews

apinvesting.cz favicon

Is apinvesting.cz Safe? Security Analysis for AP INVESTING, s. r. o.

Check if apinvesting.cz is a scam or legitimate. Free security scan and reviews.

Real EstateCzech Republicmedium
jQuerySwiper.jsFancyboxGoogle Tag ManagerGoogle Analytics
Analyzed 8/1/2025Completed 3:19:00 AM
51
Security Score
MEDIUM RISK

AI Summary

AP INVESTING, s. r. o. is a Czech company specializing in engineering and consulting services in the construction sector, focusing on project management and financing of construction projects. The company serves primarily public sector clients such as cities and municipalities, with expertise in water management and environmental projects. It is part of the PROCON GROUP, a consortium of related companies providing comprehensive construction and engineering services. The website is professionally designed, content-rich, and targets both public and private sector clients. Technically, the site uses modern web technologies including ProcessWire CMS, jQuery, and Swiper.js, and integrates Google Analytics and Tag Manager for analytics and marketing purposes. The cookie consent mechanism is implemented with granular user controls, reflecting good privacy compliance practices. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and registrant information. Security posture is moderate with room for improvement in security headers and published policies. Overall, the website presents a trustworthy and professional business presence with a solid technical foundation.

Detected Technologies

jQuerySwiper.jsFancyboxGoogle Tag ManagerGoogle Analytics

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

AP INVESTING holds a stable market position as a trusted partner with over 30 years of experience in construction project management and financing. Its business model revolves around providing comprehensive engineering and consulting services tailored to public and private sector needs. The company benefits from being part of the PROCON GROUP, which enhances its service offerings and market reach. Key competitive advantages include a long-standing reputation, specialized expertise in water and environmental projects, and a broad portfolio of successfully completed projects. The company targets municipalities, public institutions, and private clients requiring complex construction project support. The website reflects a mature digital presence with clear branding and professional content, supporting business growth and client engagement.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

i*****@apinvesting.cz

Phone Numbers (1)

+4205414*****

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a moderate security maturity level. It employs HTTPS and a cookie consent mechanism with default denial for ad and analytics storage, indicating awareness of privacy regulations such as GDPR. However, no explicit security headers (e.g., CSP, HSTS) were detected, and there is no published security policy or incident response information. The contact form includes explicit consent for personal data processing, which is positive. The use of third-party analytics and marketing scripts introduces potential risk vectors that require regular auditing. The lack of WHOIS transparency reduces overall trust. There are no visible vulnerabilities or exposed sensitive data in the HTML content. To enhance security posture, the company should implement recommended HTTP security headers, publish security policies, and consider a vulnerability disclosure program.

Strategic Recommendations

Priority Actions for Security Improvement

1

Implement and enforce HTTP security headers such as Content-Security-Policy, Strict-Transport-Security, X-Frame-Options, and X-Content-Type-Options.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

AP INVESTING, s. r. o.

Description:

Jsme AP INVESTING, odborník na inženýrské a poradenské služby ve stavebnictví. Poskytujeme komplexní podporu pro malé i velké projekty. Od projektové a finanční přípravy staveb přes řízení jejich realizace až po uvedení staveb do trvalého provozu. Poradíme také s administrací veřejných zakázek. Mezi klienty převládají města a obce, doménou je vodní hospodářství a životní prostředí, zejména odkanalizování, čištění odpadních vod a zásobování pitnou vodou.

Key Services:
komplexní projektové řízenítechnický dozor stavebníkakoordinace BOZP na staveništiporadenství při financování stavebních projektůzajištění dotačních prostředkůinženýring a příprava staveb od návrhu po realizaci
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
jQuerySwiper.jsFancyboxGoogle Tag ManagerGoogle Analytics
Frameworks:
ProcessWire CMS
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
70/100
Best Practices:
  • Cookie consent with granular controls
  • Consent default denied for ad and analytics storage
  • Use of HTTPS (implied by canonical and og:url https)

Analytics & Tracking

Services:
Google Analytics
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Ad Networks:
Google AdsSeznam SklikFacebook Pixel
Tracking Pixels:
Facebook Pixel
Transparency Level:good

Website Quality Assessment

Design Quality:excellent
User Experience:good
Content Relevance:excellent
Navigation Clarity:good
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is fully accessible with rich content in Czech language.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

45/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

25/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

EU business without adequate privacy measures

CRITICAL

EU businesses are subject to strict GDPR requirements

Third-party services without privacy policy

HIGH

Detected services: Google Analytics, Facebook, LinkedIn

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

75/100
Score

DMARC not enforcing

MEDIUM

DMARC policy is set to "none"

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 a mx ip4:185.24.238.178 include:spf.brevo.com include:spf.protection.outlook.com -all
DNS Lookups:4/10
Policy:-all
DMARC Details
Policy:none
Aggregate Reports:rua@dmarc.brevo.com
MTA-STS Details

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

72/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 84 days

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

80/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

DMARC Policy Set to None

LOW

DMARC is configured but not enforcing any policy

Domain Registration Details

Domain Age
25 years(mature)

DNS Records

A Records:192.250.229.24
Name Servers:
ns.forpsi.czDNS only
ns.forpsi.it
ns.forpsi.net
MX Records:
10: apinvesting-cz.mail.protection.outlook.com
SOA:Serial: 2025051302, TTL: 3600s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:104ms

SPF Analysis

SPF Record:
v=spf1 a mx ip4:185.24.238.178 include:spf.brevo.com include:spf.protection.outlook.com -all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

20/100
Score

High-Risk Service Exposed: FTP

HIGH

Port 21 (FTP) is publicly accessible - FTP - Often unencrypted file transfer

Service Exposed: SSH

MEDIUM

Port 22 (SSH) is publicly accessible - SSH - Secure but can be brute-forced

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on the ProcessWire CMS platform, utilizing modern JavaScript libraries such as jQuery, Swiper.js for sliders, and Fancybox for modals. Google Tag Manager and Google Analytics are integrated for tracking and marketing purposes. The site is mobile responsive with good SEO practices including meta tags and Open Graph data. Performance is moderate, with potential improvements in loading speed and accessibility. The cookie consent implementation is robust, allowing granular user control. No hosting provider or server infrastructure details were identified from the HTML content. Overall, the technical stack is modern and well-maintained, supporting a professional online presence.
Analyze Another Website