Overview
Findings
Actions
Details
Related
LynxRadarDirectory → souffle.club
C-
72 / 100

souffle.club

Security report · Scanned February 18, 2026

Checks
8
Passed
5
Warnings
1
Critical
0
AI-Generated Summary
What this means

souffle.club scored 72/100, meeting baseline requirements but with 1 finding that require attention. The vendor can proceed with a remediation timeline agreement.

Positive signals: Known Breaches, TLS Configuration, DNS Configuration all passed.

1 action item identified, including 0 critical. The issues are configuration gaps, not architectural problems. A focused remediation effort of 2–5 days could address all findings.

How souffle.club compares

Grade distribution across 2378 companies we've scanned. souffle.club scores better than 47% of them.

47th percentile
0 Percentile rank 100
71
A+
22
A
180
A-
181
B+
69
B
333
B-
111
C+
111
C
295
C-
110
D+
92
D
216
D-
587
F
souffle.club — Grade C- (72/100) 2378 companies scanned
Security checks

Each check inspects a different part of souffle.club's public security setup. Green means healthy, yellow needs attention, red is a problem.

DMARC / Email Security
Strengths: SPF record present with soft-fail (~all); DKIM configured (selectors: google, mail). Issues: No DMARC record found — email spoofing is not prevented.
Needs work
HSTS Header
Could not fetch https://souffle.club — connection failed or timed out.
Skipped
Security Headers
Could not fetch https://souffle.club — connection failed or timed out.
Skipped
Known Breaches
No known breaches found in public disclosure databases.
Healthy
TLS Configuration
TLSv1.3 negotiated with TLS_AES_128_GCM_SHA256 (128-bit). Strong configuration with no deprecated protocols or weak ciphers detected.
Healthy
DNS Configuration
Strengths: 4 nameservers configured (ns-cloud-b3.googledomains.com., ns-cloud-b2.googledomains.com., ns-cloud-b4.googledomains.com., ns-cloud-b1.googledomains.com.); 5 MX records present; DNSSEC enabled; Zone transfers properly restricted.
Healthy
CVE Exposure
No server software versions detected in HTTP response headers. This is good practice (version hiding) but means CVE exposure cannot be assessed from external signals alone.
Healthy
Certificate Hygiene
Strengths: Certificate valid, 75 days remaining; Issued by Let's Encrypt.
Healthy
Recommended actions
1 item

Steps to improve souffle.club's security grade, ranked by impact.

1
Strengthen email authentication configuration
Impact: 2–4 Hours
HIGH
Email authentication is partially configured for souffle.club but has gaps. Actions needed: upgrade DMARC policy from 'none' to 'quarantine' or 'reject'. Until DMARC enforcement is active, spoofed emails may still reach recipients.
Compliance impact
NIST CSFPR.AC-7
Email authentication is a required access control
How to fix this
1
Upgrade DMARC policy to p=quarantine (then p=reject after monitoring)
2
Verify with: nslookup -type=txt _dmarc.souffle.club
At a glance

Key data points from the scan.

TLS Version
TLSv1.3
TLSv1.3 negotiated with TLS_AES_128_GCM_SHA256 (128-bit). Strong configuration with no deprecated protocols or weak ciphers detected.
DMARC Policy
Not configured
Strengths: SPF record present with soft-fail (~all); DKIM configured (selectors: google, mail). Issues: No DMARC record found — email spoofing is not prevented.
SPF Record
Present
v=spf1 include:_spf.google.com ~all
Security Headers
0/0 present
All headers configured.
HSTS
Not enabled
Could not fetch https://souffle.club — connection failed or timed out.
SSL Certificate
Valid
Strengths: Certificate valid, 75 days remaining; Issued by Let's Encrypt.
DNSSEC
Enabled
Strengths: 4 nameservers configured (ns-cloud-b3.googledomains.com., ns-cloud-b2.googledomains.com., ns-cloud-b4.googledomains.com., ns-cloud-b1.googledomains.com.); 5 MX records present; DNSSEC enabled; Zone transfers properly restricted.