indexo.dev

ncsssi.com

.com crawl

First seen 2026-05-02 · Last seen 2026-05-04 · ok HTTP/1.1 200 1171 ms crawled 2026-05-08

US · 159.65.32.60 · AS14061 DigitalOcean, LLC

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Automotive Paint & Industrial Paint Supplier
Description
NCS | SSI is the premier Automotive Paint & Industrial Paint Distributor, offering high performing coatings & supplies from top manufacturers.
Language
en-US
Generator
Site Kit by Google 1.176.0
Canonical
https://ncsssi.com/

Open Graph

url
https://ncsssi.com/
title
Automotive Paint & Industrial Paint Supplier
locale
en_US
site name
National Coatings & Supplies | Single Source, Inc.
description
Automotive Paint & Industrial Paint Distributor National Coatings & Supplies | Single Source, Inc. (NCS | SSI) is the go to place for your automotive paint & industrial paint needs. NCS | SSI strategically operates a network comprising over 200 stores and multiple distribution centers, ensuring seamless

Technology

Server
nginx
CMS
WordPress
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • cdn.jsdelivr.net×4
  • stats.wp.com×4
  • www.googletagmanager.com×3
  • fonts.googleapis.com×2
  • js.hs-scripts.com×2
  • www.google.com×1

Social

Contact

Email
Phone

Registration

Registrar
GoDaddy.com, LLC
Created
2019-03-20
Expires
2027-03-20 305 days left
Updated
2026-03-21
Name servers
  • ns13.domaincontrol.com
  • ns14.domaincontrol.com

DNS records live

NS
  • ns13.domaincontrol.com
  • ns14.domaincontrol.com
MX
  • 10 us-smtp-inbound-1.mimecast.com
  • 10 us-smtp-inbound-2.mimecast.com
TXT
Show 9 TXT records
  • google-site-verification=7SP-Rndk6frAspDPvmSUilfmiNxDywYSvCAdZbDaW0U
  • MS=ms28884102
  • 0ed1fe018a4cdbf65b58aa42feb2ce970ea1f330ac
  • smartsheet-site-validation=lQU6652JRxsltgsCnIyY5zw0E-DTqWE_
  • knowbe4-site-verification=5eae2947cc770d02449c6b15f9533874
  • apple-domain-verification=LiX1EoaSoo9ACUMTHleQ1ynkupkUWXks6YLS1At0q9U
  • ZOOM_verify_Ile_ieVkQiKqo_F0pQShBQ
  • adobe-idp-site-verification=1495b92a33f61b6a99848ba45c94b40d8e6bbffb6e95494a560ffce5915bc0fb
  • ms-domain-verification=d794233e-7746-456a-a8ff-91ca9a5c48f7

Email authentication partial

SPF
v=spf1 include:us._netblocks.mimecast.com include:spf.protection.outlook.com include:_spf.psm.knowbe4.com include:_spf.psm.knowbe4.com include:amazonses.com include:20052049.spf08.hubspotemail.net ip4:24.41.67.42 ip4:66.77.186.0/23 ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

E7
from 2026-03-25 to 2026-06-23
Expires in 35 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://ncsssi.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(), microphone=(), camera=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' https: data:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' js.hscollectedforms.net js.hs-analytics.net js.hs-banner.com js.hsadspixel.net js.hubspot.com www.googletagmanager.com www.google-analytics.com pagead2.googlesyndication.com www.google.com www.gstatic.com www.recaptcha.net js.stripe.com; connect-src 'self' https: api.hsforms.com forms.hubspot.com track.hubspot.com api.hubspot.com js.hscollectedforms.net www.google-analytics.com www.googletagmanager.com googleads.g.doubleclick.net stats.g.doubleclick.net www.google.com www.gstatic.com www.recaptcha.net api.stripe.com; img-src 'self' https: data: blob: googleads.g.doubleclick.net stats.g.doubleclick.net www.google-analytics.com www.gstatic.com *.stripe.com; style-src 'self' https: 'unsafe-inline'; font-src 'self' https: data:; frame-src 'self' forms.hsforms.com forms.hubspot.com hsforms.com *.hubspot.com www.googletagmanager.com googleads.g.doubleclick.net tpc.googlesyndication.com www.google.com www.
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (10)

Linked from (2)