Skip to main content
EcommerceB2C

SEO Report: zlatarna-ar.hr

Generated 8 de maio de 2026 · 40 findings · 7.6s

90
report.overallScore
90
seo
88
security
0
performance
92
accessibility
89
Best Practices

Ecommerce and commercial websites have unique SEO challenges — product pages require structured data, fast loading, and optimal mobile experience to convert.

Score Breakdown

Average Ecommerce score: 62

seo
90(+32 vs avg)
security
88(+17 vs avg)
performance
0(-55 vs avg)
accessibility
92(+28 vs avg)
Best Practices
89(+21 vs avg)

Score Projection

Estimated improvement based on the findings in this report

Current score: 90Projected score: 94
Current score
Free (+1)
Starter (+2)
Pro (+1)

Ready to improve your SEO?

Start a free trial and see how your score can improve.

Module Breakdown

headers
158 findings
reputation
307 findings
page experience
702 findings
log analyzer
702 findings
dns
753 findings
rate limits
753 findings
news mentions
751 finding
structured data
784 findings
brand checker
802 findings
content
814 findings
mobile
852 findings
accessibility
921 finding
technology
951 finding
cookies
100
ssl
100
meta
100
robots
100
sitemap
100
layout scan
100
social checker
100
uptime checker
100
crawl budget
100
indexing checker
100

All Findings (38)

Critical (3)

  • highheaders

    Missing strict-transport-security

    HSTS header is missing. The site may be vulnerable to downgrade attacks.

    Add Strict-Transport-Security header with max-age of at least 31536000

  • highpage experience

    Intrusive interstitials detected

    Found 18 potential popup/overlay elements

    Reduce intrusive interstitials — they hurt mobile experience and can trigger Google penalties

  • highreputation

    Missing AggregateRating in schema

    Found Organization schema without AggregateRating — missing rich snippet opportunity

    Add aggregateRating with ratingValue, ratingCount, and bestRating to your structured data for star ratings in search results

Medium (17)

  • mediumdns

    Missing DMARC record

    No DMARC policy found at _dmarc subdomain.

    Add a DMARC TXT record to prevent email spoofing

  • mediumheaders

    Missing content-security-policy

    CSP header is missing. The site may be vulnerable to XSS attacks.

    Add a Content-Security-Policy header to restrict resource loading

  • mediumheaders

    Missing x-content-type-options

    X-Content-Type-Options is missing. MIME-sniffing attacks are possible.

    Add X-Content-Type-Options: nosniff header

  • mediumheaders

    Missing x-frame-options

    X-Frame-Options is missing. The site may be vulnerable to clickjacking.

    Add X-Frame-Options: DENY or SAMEORIGIN header

  • mediumstructured data

    Missing @type in schema

    A structured data object has no @type

    Add a @type property (e.g. Organization, WebSite)

  • mediumcontent

    External links without noopener

    6 external links with target="_blank" lack rel="noopener"

    Add rel="noopener noreferrer" to all target="_blank" links

  • mediummobile

    Zoom disabled

    Viewport prevents user zoom — accessibility issue

    Remove maximum-scale=1 and user-scalable=no to allow pinch-to-zoom

  • mediumaccessibility

    Potential color contrast issues

    13 elements with very light text colors detected

    Ensure text meets WCAG AA contrast ratio (4.5:1 for normal text, 3:1 for large text)

  • mediumrate limits

    No rate limiting detected

    10 rapid requests all succeeded without any rate-limit headers or 429 responses. The site may be vulnerable to abuse.

    Implement rate limiting (e.g., 429 Too Many Requests) to protect against brute-force attacks

  • mediumbrand checker

    Inconsistent brand name

    Multiple brand names detected: zlatarna ar zadar, zlatarna ar, ar zlatarna

    Use the same brand name consistently across title, og:site_name, and Organization schema

  • mediumlog analyzer

    Exposed /wp-login.php

    /wp-login.php is accessible (HTTP 200) — CMS admin panel is publicly visible

    Restrict access to admin panels via IP whitelisting or authentication

  • mediumlog analyzer

    X-Powered-By header exposed

    X-Powered-By: PHP/8.2.30

    Remove the X-Powered-By header to reduce information leakage

  • mediumreputation

    LocalBusiness missing "address"

    LocalBusiness/Organization schema found but "address" is not set

    Add "address" to your LocalBusiness schema for better local search visibility

  • mediumreputation

    LocalBusiness missing "telephone"

    LocalBusiness/Organization schema found but "telephone" is not set

    Add "telephone" to your LocalBusiness schema for better local search visibility

  • mediumreputation

    LocalBusiness missing "openingHours"

    LocalBusiness/Organization schema found but "openingHours" is not set

    Add "openingHours" to your LocalBusiness schema for better local search visibility

  • mediumreputation

    LocalBusiness missing "geo"

    LocalBusiness/Organization schema found but "geo" is not set

    Add "geo" to your LocalBusiness schema for better local search visibility

  • mediumreputation

    LocalBusiness missing "priceRange"

    LocalBusiness/Organization schema found but "priceRange" is not set

    Add "priceRange" to your LocalBusiness schema for better local search visibility

Low (18)

  • lowdns

    No IPv6 (AAAA) records

    The domain has no AAAA records for IPv6 connectivity

    Add AAAA DNS records for IPv6 support

  • lowdns

    Only one MX record (no redundancy)

    A single MX record means no failover if the mail server goes down.

    Add a secondary MX record for email redundancy

  • lowheaders

    Missing referrer-policy

    Referrer-Policy is not set. Full URLs may leak to third parties.

    Add Referrer-Policy: strict-origin-when-cross-origin

  • lowheaders

    Missing permissions-policy

    Permissions-Policy is missing.

    Add Permissions-Policy to restrict browser feature access

  • lowheaders

    X-Powered-By exposes technology

    X-Powered-By: PHP/8.2.30

    Remove the X-Powered-By header

  • lowstructured data

    Missing Organization schema

    No Organization or LocalBusiness structured data found

    Add Organization schema with name, logo, and contact info

  • lowstructured data

    Missing WebSite schema

    No WebSite structured data found

    Add WebSite schema with SearchAction for sitelinks search box

  • lowtechnology

    Many external CSS files

    30 external stylesheets loaded

    Consider bundling CSS files to reduce HTTP requests

  • lowcontent

    Low text-to-HTML ratio

    Text/HTML ratio is 4% (recommended: >5%)

    Consider adding more descriptive text content

  • lowcontent

    Empty anchor links

    17 links point to "#" or "javascript:void(0)"

    Use proper URLs or button elements instead of empty anchors

  • lowcontent

    Some generic anchor text detected

    2 internal link(s) use generic text: "Details", "Details"

    Use descriptive anchor text instead of generic phrases like 'click here' or 'read more'

  • lowmobile

    Unresponsive images

    30 images lack srcset or responsive sizing

    Use srcset and sizes attributes for responsive images

  • lowrate limits

    No WAF detected

    No Web Application Firewall (Cloudflare, AWS, Akamai, Vercel, Sucuri, Fastly) was detected in response headers.

    Consider using a WAF to protect against common web attacks (XSS, SQL injection, DDoS)

  • lowrate limits

    No bot protection detected

    No CAPTCHA, challenge page, or bot detection was triggered during rapid requests.

    Consider implementing bot protection (e.g., Cloudflare Turnstile, hCaptcha) for sensitive endpoints

  • lownews mentions

    No press or news presence

    No press pages found on the site and no external news mentions detected

    Create a /news or /press page with company updates — this builds authority and earns links

  • lowbrand checker

    No web app manifest

    No manifest.json linked — PWA features unavailable

    Add a web app manifest for installability and brand customization

  • lowpage experience

    No lazy loading on images

    40 images without lazy loading

    Add loading="lazy" to below-the-fold images for faster initial page load

  • lowreputation

    Only 1 sameAs entries

    Found 1 sameAs URL across all JSON-LD entities — search engines use sameAs to verify brand identity

    Add sameAs URLs for all your social profiles, Wikipedia page, and business directory listings (aim for 3+)

AI Fix Prompt

Copy this prompt into ChatGPT or Claude to get step-by-step fix instructions

Fix all SEO issues found in the audit of zlatarna-ar.hr.

Prioritize high-severity issues first, then medium. For each fix, make the actual code change — don't just describe what to do.

```json
{
  "domain": "zlatarna-ar.hr",
  "scores": {
    "overall": 90,
    "performance": 0,
    "seo": 90,
    "accessibility": 92,
    "bestPractices": 89,
    "security": 88
  },
  "findings": [
    {
      "module": "dns",
      "severity": "medium",
      "title": "Missing DMARC record",
      "description": "No DMARC policy found at _dmarc subdomain.",
      "recommendation": "Add a DMARC TXT record to prevent email spoofing"
    },
    {
      "module": "headers",
      "severity": "high",
      "title": "Missing strict-transport-security",
      "description": "HSTS header is missing. The site may be vulnerable to downgrade attacks.",
      "recommendation": "Add Strict-Transport-Security header with max-age of at least 31536000"
    },
    {
      "module": "headers",
      "severity": "medium",
      "title": "Missing content-security-policy",
      "description": "CSP header is missing. The site may be vulnerable to XSS attacks.",
      "recommendation": "Add a Content-Security-Policy header to restrict resource loading"
    },
    {
      "module": "headers",
      "severity": "medium",
      "title": "Missing x-content-type-options",
      "description": "X-Content-Type-Options is missing. MIME-sniffing attacks are possible.",
      "recommendation": "Add X-Content-Type-Options: nosniff header"
    },
    {
      "module": "headers",
      "severity": "medium",
      "title": "Missing x-frame-options",
      "description": "X-Frame-Options is missing. The site may be vulnerable to clickjacking.",
      "recommendation": "Add X-Frame-Options: DENY or SAMEORIGIN header"
    },
    {
      "module": "structured-data",
      "severity": "medium",
      "title": "Missing @type in schema",
      "description": "A structured data object has no @type",
      "recommendation": "Add a @type property (e.g. Organization, WebSite)"
    },
    {
      "module": "content",
      "severity": "medium",
      "title": "External links without noopener",
      "description": "6 external links with target=\"_blank\" lack rel=\"noopener\"",
      "recommendation": "Add rel=\"noopener noreferrer\" to all target=\"_blank\" links"
    },
    {
      "module": "mobile",
      "severity": "medium",
      "title": "Zoom disabled",
      "description": "Viewport prevents user zoom — accessibility issue",
      "recommendation": "Remove maximum-scale=1 and user-scalable=no to allow pinch-to-zoom"
    },
    {
      "module": "accessibility",
      "severity": "medium",
      "title": "Potential color contrast issues",
      "description": "13 elements with very light text colors detected",
      "recommendation": "Ensure text meets WCAG AA contrast ratio (4.5:1 for normal text, 3:1 for large text)"
    },
    {
      "module": "rate-limits",
      "severity": "medium",
      "title": "No rate limiting detected",
      "description": "10 rapid requests all succeeded without any rate-limit headers or 429 responses. The site may be vulnerable to abuse.",
      "recommendation": "Implement rate limiting (e.g., 429 Too Many Requests) to protect against brute-force attacks"
    },
    {
      "module": "brand-checker",
      "severity": "medium",
      "title": "Inconsistent brand name",
      "description": "Multiple brand names detected: zlatarna ar zadar, zlatarna ar, ar zlatarna",
      "recommendation": "Use the same brand name consistently across title, og:site_name, and Organization schema"
    },
    {
      "module": "page-experience",
      "severity": "high",
      "title": "Intrusive interstitials detected",
      "description": "Found 18 potential popup/overlay elements",
      "recommendation": "Reduce intrusive interstitials — they hurt mobile experience and can trigger Google penalties"
    },
    {
      "module": "log-analyzer",
      "severity": "medium",
      "title": "Exposed /wp-login.php",
      "description": "/wp-login.php is accessible (HTTP 200) — CMS admin panel is publicly visible",
      "recommendation": "Restrict access to admin panels via IP whitelisting or authentication"
    },
    {
      "module": "log-analyzer",
      "severity": "medium",
      "title": "X-Powered-By header exposed",
      "description": "X-Powered-By: PHP/8.2.30",
      "recommendation": "Remove the X-Powered-By header to reduce information leakage"
    },
    {
      "module": "reputation",
      "severity": "high",
      "title": "Missing AggregateRating in schema",
      "description": "Found Organization schema without AggregateRating — missing rich snippet opportunity",
      "recommendation": "Add aggregateRating with ratingValue, ratingCount, and bestRating to your structured data for star ratings in search results"
    },
    {
      "module": "reputation",
      "severity": "medium",
      "title": "LocalBusiness missing \"address\"",
      "description": "LocalBusiness/Organization schema found but \"address\" is not set",
      "recommendation": "Add \"address\" to your LocalBusiness schema for better local search visibility"
    },
    {
      "module": "reputation",
      "severity": "medium",
      "title": "LocalBusiness missing \"telephone\"",
      "description": "LocalBusiness/Organization schema found but \"telephone\" is not set",
      "recommendation": "Add \"telephone\" to your LocalBusiness schema for better local search visibility"
    },
    {
      "module": "reputation",
      "severity": "medium",
      "title": "LocalBusiness missing \"openingHours\"",
      "description": "LocalBusiness/Organization schema found but \"openingHours\" is not set",
      "recommendation": "Add \"openingHours\" to your LocalBusiness schema for better local search visibility"
    },
    {
      "module": "reputation",
      "severity": "medium",
      "title": "LocalBusiness missing \"geo\"",
      "description": "LocalBusiness/Organization schema found but \"geo\" is not set",
      "recommendation": "Add \"geo\" to your LocalBusiness schema for better local search visibility"
    },
    {
      "module": "reputation",
      "severity": "medium",
      "title": "LocalBusiness missing \"priceRange\"",
      "description": "LocalBusiness/Organization schema found but \"priceRange\" is not set",
      "recommendation": "Add \"priceRange\" to your LocalBusiness schema for better local search visibility"
    }
  ]
}
```

Recommendations for your industry

  • 1Add Product schema markup to product pages
  • 2Mark up prices with Offer schema
  • 3Optimize checkout speed to under 3 seconds
  • 4Add trust signals and customer reviews
  • 5Ensure mobile-friendly checkout experience

SEO Checklist for Ecommerce

Tips for B2C websites

  • Prioritize mobile speed and user experience
  • Use rich structured data for products/services
  • Implement customer reviews and social proof
Start your free trial

Use Ctrl+P / Cmd+P to save as PDF