Skip to main content
GeneralMixed

SEO Report: nkp.se

Generated 9 de maio de 2026 · 31 findings · 5.9s

88
report.overallScore
80
seo
88
security
0
performance
100
accessibility
97
Best Practices

Institutional websites prioritize accessibility, security, and proper indexing — citizens and stakeholders need easy access to relevant information.

Score Breakdown

Average General score: 50

seo
80(+35 vs avg)
security
88(+30 vs avg)
performance
0(-44 vs avg)
accessibility
100(+48 vs avg)
Best Practices
97(+41 vs avg)

Score Projection

Estimated improvement based on the findings in this report

Current score: 88Projected score: 91
Current score
Free (+2)
Starter (+1)

Ready to improve your SEO?

Start a free trial and see how your score can improve.

Module Breakdown

headers
206 findings
structured data
301 finding
sitemap
301 finding
crawl budget
602 findings
brand checker
753 findings
cookies
852 findings
dns
853 findings
ssl
851 finding
reputation
852 findings
content
872 findings
news mentions
90
technology
951 finding
mobile
952 findings
rate limits
952 findings
meta
972 findings
robots
100
accessibility
100
layout scan
100
social checker
100
uptime checker
100
page experience
1001 finding
indexing checker
100
log analyzer
100

All Findings (27)

Critical (3)

  • highheaders

    Missing strict-transport-security

    HSTS header is missing. The site may be vulnerable to downgrade attacks.

    Add Strict-Transport-Security header with max-age of at least 31536000

  • highsitemap

    Missing sitemap.xml

    No sitemap.xml found at the root

    Create a sitemap.xml to help search engines discover all pages

  • highcrawl budget

    Crawl traps detected

    Found 44 URLs with pagination/faceted navigation patterns

    Use rel=nofollow, URL parameters in GSC, or robots.txt to prevent crawlers from following these patterns

Medium (10)

  • mediumcookies

    1 cookie missing Secure flag

    Cookies without Secure flag can be sent over unencrypted HTTP connections

    Add the Secure attribute to all cookies to prevent transmission over HTTP

  • mediumheaders

    Missing content-security-policy

    CSP header is missing. The site may be vulnerable to XSS attacks.

    Add a Content-Security-Policy header to restrict resource loading

  • mediumheaders

    Missing x-content-type-options

    X-Content-Type-Options is missing. MIME-sniffing attacks are possible.

    Add X-Content-Type-Options: nosniff header

  • mediumheaders

    Missing x-frame-options

    X-Frame-Options is missing. The site may be vulnerable to clickjacking.

    Add X-Frame-Options: DENY or SAMEORIGIN header

  • mediumssl

    HTTP does not redirect to HTTPS

    Port 80 does not redirect to HTTPS

    Set up a 301 redirect from HTTP to HTTPS

  • mediumstructured data

    No structured data found

    No JSON-LD schemas detected on the page

    Add structured data (Organization, WebSite, BreadcrumbList) for rich search results

  • mediumcontent

    Very low text-to-HTML ratio

    Text/HTML ratio is 1% (recommended: >5%)

    Increase meaningful text content relative to HTML markup

  • mediumbrand checker

    No Organization schema

    No Organization JSON-LD found

    Add Organization structured data with name, logo, and contact information

  • mediumcrawl budget

    No sitemap.xml found

    sitemap.xml returned HTTP 404

    Create a sitemap.xml to help search engines discover all pages

  • mediumreputation

    No review platform links found

    No links to Trustpilot, Google Business, TripAdvisor, Yelp, G2, Capterra, or Glassdoor detected on the homepage

    Add links to your review profiles to build trust signals and improve local SEO

Low (14)

  • lowcookies

    1 cookie missing HttpOnly flag

    Cookies without HttpOnly can be accessed by JavaScript, increasing XSS risk

    Add HttpOnly to session and authentication cookies

  • lowdns

    No IPv6 (AAAA) records

    The domain has no AAAA records for IPv6 connectivity

    Add AAAA DNS records for IPv6 support

  • lowdns

    DMARC policy is 'none'

    DMARC is set but policy is 'none' (monitoring only).

    Consider upgrading DMARC policy to 'quarantine' or 'reject'

  • lowdns

    Only one MX record (no redundancy)

    A single MX record means no failover if the mail server goes down.

    Add a secondary MX record for email redundancy

  • lowheaders

    Missing referrer-policy

    Referrer-Policy is not set. Full URLs may leak to third parties.

    Add Referrer-Policy: strict-origin-when-cross-origin

  • lowheaders

    Missing permissions-policy

    Permissions-Policy is missing.

    Add Permissions-Policy to restrict browser feature access

  • lowmeta

    Title too long

    Title is 108 characters (recommended: 50-60)

    Shorten the title to 50-60 characters

  • lowtechnology

    Many third-party domains

    21 external domains — may impact performance and privacy

    Reduce third-party dependencies or self-host critical resources

  • lowcontent

    Lazy images without dimensions

    2 lazy-loaded images lack width/height — causes layout shift

    Add width and height attributes to lazy-loaded images

  • lowmobile

    Viewport missing initial-scale

    Viewport does not set initial-scale

    Add initial-scale=1 to viewport meta tag

  • lowrate limits

    No rate limiting detected

    No explicit rate-limit headers or 429 responses detected. Cloudflare WAF provides platform-level protection.

    Implement rate limiting (e.g., 429 Too Many Requests) to protect against brute-force attacks

  • lowbrand checker

    No WebSite schema

    No WebSite JSON-LD found

    Add WebSite structured data for sitelinks search box in Google

  • lowbrand checker

    No web app manifest

    No manifest.json linked — PWA features unavailable

    Add a web app manifest for installability and brand customization

  • lowreputation

    Only 0 sameAs entries

    Found 0 sameAs URLs across all JSON-LD entities — search engines use sameAs to verify brand identity

    Add sameAs URLs for all your social profiles, Wikipedia page, and business directory listings (aim for 3+)

AI Fix Prompt

Copy this prompt into ChatGPT or Claude to get step-by-step fix instructions

Fix all SEO issues found in the audit of nkp.se.

Prioritize high-severity issues first, then medium. For each fix, make the actual code change — don't just describe what to do.

```json
{
  "domain": "nkp.se",
  "scores": {
    "overall": 88,
    "performance": 0,
    "seo": 80,
    "accessibility": 100,
    "bestPractices": 97,
    "security": 88
  },
  "findings": [
    {
      "module": "cookies",
      "severity": "medium",
      "title": "1 cookie missing Secure flag",
      "description": "Cookies without Secure flag can be sent over unencrypted HTTP connections",
      "recommendation": "Add the Secure attribute to all cookies to prevent transmission over HTTP"
    },
    {
      "module": "headers",
      "severity": "high",
      "title": "Missing strict-transport-security",
      "description": "HSTS header is missing. The site may be vulnerable to downgrade attacks.",
      "recommendation": "Add Strict-Transport-Security header with max-age of at least 31536000"
    },
    {
      "module": "headers",
      "severity": "medium",
      "title": "Missing content-security-policy",
      "description": "CSP header is missing. The site may be vulnerable to XSS attacks.",
      "recommendation": "Add a Content-Security-Policy header to restrict resource loading"
    },
    {
      "module": "headers",
      "severity": "medium",
      "title": "Missing x-content-type-options",
      "description": "X-Content-Type-Options is missing. MIME-sniffing attacks are possible.",
      "recommendation": "Add X-Content-Type-Options: nosniff header"
    },
    {
      "module": "headers",
      "severity": "medium",
      "title": "Missing x-frame-options",
      "description": "X-Frame-Options is missing. The site may be vulnerable to clickjacking.",
      "recommendation": "Add X-Frame-Options: DENY or SAMEORIGIN header"
    },
    {
      "module": "ssl",
      "severity": "medium",
      "title": "HTTP does not redirect to HTTPS",
      "description": "Port 80 does not redirect to HTTPS",
      "recommendation": "Set up a 301 redirect from HTTP to HTTPS"
    },
    {
      "module": "structured-data",
      "severity": "medium",
      "title": "No structured data found",
      "description": "No JSON-LD schemas detected on the page",
      "recommendation": "Add structured data (Organization, WebSite, BreadcrumbList) for rich search results"
    },
    {
      "module": "sitemap",
      "severity": "high",
      "title": "Missing sitemap.xml",
      "description": "No sitemap.xml found at the root",
      "recommendation": "Create a sitemap.xml to help search engines discover all pages"
    },
    {
      "module": "content",
      "severity": "medium",
      "title": "Very low text-to-HTML ratio",
      "description": "Text/HTML ratio is 1% (recommended: >5%)",
      "recommendation": "Increase meaningful text content relative to HTML markup"
    },
    {
      "module": "brand-checker",
      "severity": "medium",
      "title": "No Organization schema",
      "description": "No Organization JSON-LD found",
      "recommendation": "Add Organization structured data with name, logo, and contact information"
    },
    {
      "module": "crawl-budget",
      "severity": "medium",
      "title": "No sitemap.xml found",
      "description": "sitemap.xml returned HTTP 404",
      "recommendation": "Create a sitemap.xml to help search engines discover all pages"
    },
    {
      "module": "crawl-budget",
      "severity": "high",
      "title": "Crawl traps detected",
      "description": "Found 44 URLs with pagination/faceted navigation patterns",
      "recommendation": "Use rel=nofollow, URL parameters in GSC, or robots.txt to prevent crawlers from following these patterns"
    },
    {
      "module": "reputation",
      "severity": "medium",
      "title": "No review platform links found",
      "description": "No links to Trustpilot, Google Business, TripAdvisor, Yelp, G2, Capterra, or Glassdoor detected on the homepage",
      "recommendation": "Add links to your review profiles to build trust signals and improve local SEO"
    }
  ]
}
```

Recommendations for your industry

  • 1Ensure WCAG 2.1 AA compliance
  • 2Implement all recommended security headers
  • 3Ensure sitemap covers all important pages
  • 4Optimize page load time to under 2 seconds
  • 5Ensure responsive design on all pages

SEO Checklist for General

Tips for Mixed websites

  • Define clear landing pages for each segment
  • Use different meta strategies per page group
  • Segment sitemap by content type

Local SEO Context

Sweden has high internet penetration and favors Swedish domains in local searches.

Start your free trial

Use Ctrl+P / Cmd+P to save as PDF