Is pools.events safe to use as a vendor?

pools.events scored 75/100 on LynxRadar's security posture assessment. The domain partially meets security requirements with some gaps to address. 4 checks passed, 3 warnings, 1 critical issues across 8 passive checks including TLS, DMARC, security headers, breaches, and CVEs.

Does pools.events have SPF configured?

Yes. SPF record: v=spf1 include:_spf.google.com ~all

Does pools.events have security headers configured?

pools.events has 4 of 5 recommended security headers. Present: CSP, X-Content-Type-Options, X-Frame-Options, Referrer-Policy. Missing: Permissions-Policy.

pools.events Security Report — Grade C (75/100)

Q: What TLS version does pools.events use?

pools.events uses TLSv1.3 with TLS_AES_256_GCM_SHA384. TLSv1.3 negotiated with TLS_AES_256_GCM_SHA384 (256-bit). Strong configuration with no deprecated protocols or weak ciphers detected.

Q: Does pools.events have DMARC configured?

Yes. pools.events's DMARC policy is set to 'none'. SPF record: yes. Strengths: SPF record present with soft-fail (~all); DKIM configured (selectors: google). Issues: DMARC policy is 'none' (monitoring only, no enforcement).

Q: Does pools.events use HSTS?

No. Strict-Transport-Security header is missing. Connections can be downgraded to HTTP via man-in-the-middle attacks.

Q: Is pools.events's SSL certificate valid?

Issues detected. Strengths: Certificate valid, 88 days remaining; Issued by Google Trust Services. Issues: Wildcard certificate in use — broader attack surface if compromised.

Q: Does pools.events have DNSSEC enabled?

No. Strengths: 2 nameservers configured (demi.ns.cloudflare.com., benedict.ns.cloudflare.com.); 1 MX records present; Zone transfers properly restricted. Issues: DNSSEC not configured — DNS responses can be spoofed.

75/100

pools.events

February 18, 2026 ·

1+ Warnings 4 Passed

AI Summary

pools.events scored 75/100, meeting baseline requirements but with 3 findings that require attention. The vendor can proceed with a remediation timeline agreement.

Critical gaps in: HSTS Header. Positive signals: Known Breaches, Security Headers, TLS Configuration all passed.

4 action items identified, including 0 critical. The issues are configuration gaps, not architectural problems. A focused remediation effort of 2–5 days could address all findings.

Better than 55% of 2681 companies scanned.

055th pct100

A+

A-

B+

B-

C+

C-

D+

D-

HSTS Header

DNS Configuration

DMARC / Email Security

Certificate Hygiene

Known Breaches

TLS Configuration

Security Headers

CVE Exposure

pools.events

75/100

No critical issues — great work!

Strengthen email authentication configuration

2–4 hours High

Email authentication is partially configured for pools.events but has gaps. Actions needed: upgrade DMARC policy from 'none' to 'quarantine' or 'reject'. Until DMARC enforcement is active, spoofed emails may still reach recipients.

NIST CSFPR.AC-7

Email authentication is a required access control

How to fix this

1Upgrade DMARC policy to p=quarantine (then p=reject after monitoring)

2Verify with: nslookup -type=txt _dmarc.pools.events

3 items locked

Unlock the full action plan

Report unlocked.

At a glance

Full data from this scan

TLS Version

TLSv1.3

TLSv1.3 negotiated with TLS_AES_256_GCM_SHA384 (256-bit). Strong configuration with no deprecated protocols or weak ciphers detected.

DMARC Policy

p=none

Strengths: SPF record present with soft-fail (~all); DKIM configured (selectors: google). Issues: DMARC policy is 'none' (monitoring only, no enforcement).

SPF Record

Present

v=spf1 include:_spf.google.com ~all

Security Headers

4/5 present

Missing: Permissions-Policy

HSTS

Not enabled

Strict-Transport-Security header is missing. Connections can be downgraded to HTTP via man-in-the-middle attacks.

SSL Certificate

Issues

Strengths: Certificate valid, 88 days remaining; Issued by Google Trust Services. Issues: Wildcard certificate in use — broader attack surface if compromised.

DNSSEC

Not enabled

Strengths: 2 nameservers configured (demi.ns.cloudflare.com., benedict.ns.cloudflare.com.); 1 MX records present; Zone transfers properly restricted. Issues: DNSSEC not configured — DNS responses can be spoofed.

Similar companies

Other domains with comparable security profiles.