A-
92/100
1
Diversify your DNS providers
DNS Configuration
All nameservers for powerdmarc.com are controlled by cloudflare.com. If cloudflare.com experiences an outage or incident, your domain becomes unreachable for all users worldwide until the provider recovers.
NIST 800-53CP-8
Telecommunications services redundancy
How to fix this
1Choose a secondary DNS provider (e.g., if primary is Cloudflare, consider Route53 or NS1)
2Add the secondary provider's nameservers to your registrar's NS list
3Mirror your zone records on the secondary provider
4Verify: dig NS powerdmarc.com — should show nameservers from at least 2 providers
At a glance
Full data from this scan
TLS Version
TLSv1.3
TLSv1.3 negotiated with TLS_AES_256_GCM_SHA384 (256-bit). Strong configuration with no deprecated protocols or weak ciphers detected.
DMARC Policy
p=reject
Strengths: DMARC policy set to reject (strongest); DMARC pct=100 — policy applies to all mail; Aggregate reports (rua) configured; Forensic reports (ruf) configured; SPF soft-fail (~all) configured; SPF DNS lookup count: 1/10 (within limit); DKIM configured (selectors: s1).
SPF Record
Present
v=spf1 include:ntc8xslu91.powerspf.com ~all
Security Headers
5/5 present
All headers configured.
HSTS
Enabled
HSTS enabled: max-age=15552000s (180 days). includeSubDomains present. preload directive present but not eligible: preload requires max-age ≥ 31536000 (1 year).
SSL Certificate
Valid
Strengths: Certificate valid, 66 days remaining; Issued by Let's Encrypt.
DNSSEC
Not enabled
Strengths: 2 nameservers configured (emely.ns.cloudflare.com, vern.ns.cloudflare.com); SOA record present and MNAME consistent with NS set; 5 MX record(s) present; DNSSEC enabled: zone signed (DNSKEY present) and chain of trust intact (DS record in parent zone); Zone transfers properly restricted on all nameservers; Address records present: 2 A record(s), 2 AAAA record(s). Issues: All nameservers are from a single provider (cloudflare.com) — a provider outage takes down the domain.
Similar companies
