helperformance.com

.com crawl

First seen 2026-04-15 · Last seen 2026-05-16 · ok HTTP/1.1 200 7554 ms crawled 2026-05-10

GB · 88.150.159.18 · AS20860 Iomart Cloud Services Limited

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: HEL Performance Race-Winning Products - Made in Britain
Description: Designed and manufactured in the UK - All our mainline stainless steel brake components are made in-house
Language: en

Technology

Server: nginx
CMS: Gatsby

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

fonts.googleapis.com×1
maxcdn.bootstrapcdn.com×1
unpkg.com×1
www.facebook.com×1
www.googletagmanager.com×1

Contact

Phone

00441392811601

Address

Lower Trelake Business Park, Tedburn Road, EX4 2HF, Exeter, Devon, GB

Registration

Registrar

GoDaddy.com, LLC

Created

2000-07-29

Expires

2026-07-29 69 days left

Updated

2022-09-08

Name servers

ns29.domaincontrol.com
ns30.domaincontrol.com

DNS records live

NS

ns29.domaincontrol.com
ns30.domaincontrol.com

MX

0 helperformance-com.mail.protection.outlook.com

TXT

klaviyo-site-verification=UhPMJB

Verified for

Google
Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:62.6.46.66/32 ip4:8.31.233.198 include:spf.protection.outlook.com include:eu.mailgun.org -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc@helperformance.com

policy: none (monitoring only)

DKIM

default: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC41vG+wqCWOd0F/oWYE+eCCtVzX+orzBn5+rXS54pC3nxuqVNMZpLiq38bIyJsAIROsvvfmDtoh5XdP8Y1PB9RYVMmqvU…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2026-02-06 to 2027-03-08

Expires in 291 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://helperformance.com/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-frame-options
x-content-type-options

findings

weak frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: CROSS-ORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
content-security-policy-report-only: font-src *.fontawesome.com https://www.gstatic.com *.googleapis.com https://geowidget.easypack24.net *.gstatic.com 'self' data: *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.checkout.vficloud.net *.vficloud.net *.amazonaws.com *.checkout.verifone.cloud *.verifone.cloud https://fonts.gstatic.com *.yotpo.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de https://api.tosspayments.com https://*.tosspayments.com *.paymentexpress.com *.windcave.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.meetanshi.com *.multisafepay.com https://pay.google.com *.stripe.com stripe.com *.checkout.vficloud.net *.vficloud.net *.checko