Skip to main content

Is norit.com a Scam? Security Check Results - Norit Reviews

norit.com favicon

Is norit.com Safe? Security Analysis for Norit

https://norit.com

Check if norit.com is a scam or legitimate. Free security scan and reviews.

ManufacturingNetherlandslarge
HubSpot CMSjQuery 1.11.2Google AnalyticsFont AwesomeGoogle Fonts (Poppins)
Analyzed 7/30/2025Completed 8:05:25 PM
66
Security Score
MEDIUM RISK

AI Summary

Norit is a global leader in the production and application of activated carbon, with over 100 years of industry experience. The company operates multiple manufacturing plants and joint ventures across three continents, serving a diverse range of industrial sectors including food and beverage, pharmaceuticals, chemicals, water treatment, and energy. Their product portfolio includes over 400 activated carbon grades used for purification and catalytic applications. The website reflects a mature B2B business model focused on industrial clients, supported by comprehensive regional contact information and certifications such as ISO 22000 for food safety. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies including jQuery, Google Analytics, and Font Awesome. The site is well-structured, mobile-optimized, and demonstrates good SEO and accessibility practices. Performance is moderate, with no critical technical issues detected. Privacy and cookie policies are present and GDPR compliant, indicating attention to regulatory requirements. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the company's claimed history and geographic presence, enhancing trustworthiness. Overall, Norit's website presents a professional, trustworthy, and business-focused digital presence with strong content quality and compliance posture. Strategic improvements could include enhancing security headers and publishing explicit security and vulnerability disclosure policies to further strengthen security posture and stakeholder trust.

Detected Technologies

HubSpot CMSjQuery 1.11.2Google AnalyticsFont AwesomeGoogle Fonts (Poppins)

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Norit holds a strong market position as a global activated carbon producer with a century-long legacy. Their competitive advantage lies in a broad product range, global manufacturing footprint, and deep technical expertise. The business model is B2B manufacturing and services, targeting industrial sectors requiring purification solutions. Revenue streams likely include product sales, reactivation services, equipment rentals, and technical consulting. The company serves over 1000 customer groups annually across more than 100 countries, indicating extensive market reach and growth potential. The partnership ecosystem includes joint ventures and regional offices in key global markets. The website content and structure reflect a mature, well-established enterprise with a focus on quality, safety, and innovation.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (3)

i*****@norit.com
i*****@norit.com
i*****@norit.com

Phone Numbers (4)

+3133464****
+1903923****
+6566319***
+1267802****

Physical Addresses (4)

Norit Nederland B.V., Astronaut 34, 3824 MJ Amersfoort, The NetherlandsNorit Americas, Inc., 3200 University Ave., Marshall, TX 75670, USANorit Singapore Pte. Ltd., 101 Thomson Road, United Square #16-04, Singapore 307591, SingaporeNorit executive office: Visiting address: 1155 Business Center Drive, Suite 240, Horsham, PA 19044. Mailing address: P.O. Box 1746, Horsham, PA 19044

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a moderate to good security maturity level. HTTPS is enforced with good SSL configuration, and no sensitive data exposure or vulnerable libraries were found. However, the absence of key security headers (such as CSP, HSTS, X-Frame-Options) and lack of publicly available security or incident response policies represent gaps. There is no evidence of a vulnerability disclosure program or security.txt file, which could improve transparency and incident handling readiness. Compliance with GDPR is indicated through privacy and cookie policies. Overall, the security posture is adequate for a corporate website but could be enhanced by adopting additional best practices and transparency measures.

Strategic Recommendations

Priority Actions for Security Improvement

1

Implement and configure security headers including Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), X-Frame-Options, and X-XSS-Protection.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Norit

Description:

NORIT supplies a broad range of 400+ activated carbon grades used to purify beverages, biogas, chemicals, foods, pharmaceutical ingredients, water, and other products. They also provide catalyst supports and catalysts. NORIT operates 10 plants or joint ventures in 7 countries across 3 continents.

Key Services:
Activated carbon productionReactivation servicesEquipment rental and salesExpert technical advicePartnering for innovations
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
HubSpot CMSjQuery 1.11.2Google AnalyticsFont AwesomeGoogle Fonts (Poppins)
Frameworks:
HubSpot CMS platform
Platforms:
HubSpot
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
75/100
Best Practices:
  • HTTPS enabled
  • No exposed sensitive data in HTML
  • No visible vulnerable libraries

Analytics & Tracking

Services:
Google AnalyticsHubSpot Analytics
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Tracking Pixels:
HubSpot Analytics
Marketing Tools:
HubSpot marketing tools
Transparency Level:good

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:high

Key Observations

1

Website is professionally designed and well-structured.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

45/100
Score

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Weak Referrer-Policy configuration

LOW

Current value: "no-referrer-when-downgrade"

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

83/100
Score

No Data Protection Officer mentioned

LOW

Large organizations may need to designate a DPO under GDPR

Privacy policy may not be GDPR compliant

MEDIUM

Privacy policy lacks explicit GDPR compliance elements

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, health, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

85/100
Score

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 ip4:20.42.89.66 include:spf.protection.outlook.com ~all
DNS Lookups:1/10
Policy:~all
DKIM Selectors Found
Selector:selector1(1416-bit rsa)
Selector:selector2(1416-bit rsa)
DMARC Details
Policy:quarantine
Aggregate Reports:dmarc@norit.com
Forensic Reports:dmarc@norit.com

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

57/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 57 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Enabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

70/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

Domain Registration Details

Domain Age
29 years(mature)
Expiry Risk
low(200 days)
Protection Level
noneDNSSEC OFF
Suspicious Indicators Detected
  • No domain protection locks enabled

DNS Records

A Records:199.60.103.84, 199.60.103.184
Name Servers:
nsauth1.introweb.nl
nsauth2.introweb.nl
nsauth3.introweb.net
MX Records:
0: norit-com.mail.protection.outlook.com
SOA:Serial: 2023021501, TTL: 86400s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:81ms

SPF Analysis

SPF Record:
v=spf1 ip4:20.42.89.66 include:spf.protection.outlook.com ~all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is hosted on a platform using HubSpot CMS, which provides integrated marketing and analytics tools. The technology stack includes jQuery 1.11.2, Google Analytics, Font Awesome icons, and Google Fonts. The site uses responsive design techniques and is mobile optimized. Performance is moderate, with no critical errors or broken elements detected. SEO is supported by proper meta tags and Open Graph tags. The site lacks some advanced accessibility features but meets basic standards. Hosting provider details beyond registrar are not explicitly identified. Overall, the technical infrastructure is modern and suitable for the business needs, with opportunities for performance tuning and security enhancements.
Analyze Another Website