nixtla.io

HTML metadata

Title: Nixtla | Time Series Forecasting & Anomaly Detection | Nixtla | Time Series Forecasting
Description: Enterprise-grade time series forecasting and anomaly detection. Accurate predictions powered by Nixtla's industry-leading AI solutions.
Language: en
Canonical: https://www.nixtla.io

Open Graph

url: https://www.nixtla.io
title: Nixtla | State of the Art Forecasting
locale: en_US
site name: Nixtla
description: Forecasting & Anomaly Detection: accurate predictions and detect anomalies with Nixtla's industry-leading solutions

Technology

CDN: Vercel
CMS: Next.js

Analytics

Google Analytics
Google Tag Manager

Third-party hosts loaded (6)

badges.oneleet.com×6
models.dev×3
js.hs-scripts.com×2
www.google-analytics.com×2
www.googletagmanager.com×2
forms.hsforms.com×1

Social

DNS records live

NS

ns-cloud-d1.googledomains.com
ns-cloud-d2.googledomains.com
ns-cloud-d3.googledomains.com
ns-cloud-d4.googledomains.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 7 TXT records

firebase=nixtla-developer-portal-main
v2Oyjs6C_QbFu33T9iCpvP2I
ps-cd-verification=97e2a34f-7416-4b35-b5c4-a2317fca7287
w7ThcOI0irevI9Iho7PymYwU
oneleet-domain-verification-58df744e-4901-4c7c-bc4d-884716124233
6lae40JgJ74Fg4zpRSQzlgTB
MS=46C43240F1CE55999C218EFBE53D0DEE7AC38AA6

Verified for

Cursor
Google
Notion
Slack

Email authentication strong

SPF

v=spf1 include:45906594.spf10.hubspotemail.net include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:j6r4l1ye@ag.us.dmarcian.com, mailto:max@nixtla.io, mailto:han@nixtla.io; pct=100; adkim=r; aspf=s;

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH7oZGTC4jop34HrZTuVOfZoVBsMr237WcxWsjo0a1rZWvogFgVUSK+rBHMpcD9K/UVhpTBN0kgrAA…

selectors probed

Certificate (current)

R13

from 2026-05-04 to 2026-08-02

Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.nixtla.io/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: camera=(), microphone=(), geolocation=(), payment=(), usb=(), serial=(), bluetooth=(), magnetometer=(), gyroscope=(), accelerometer=(), interest-cohort=(), browsing-topics=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://plausible.io https://*.googletagmanager.com https://*.hsforms.net https://*.hubspot.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.hs-banner.com https://*.hscollectedforms.net https://*.hsadspixel.net https://cdn.vercel-insights.com https://va.vercel-analytics.com https://va.vercel-scripts.com https://*.crazyegg.com https://*.posthog.com https://d.nixtla.io https://*.partnerstack.com https://*.g2.com https://widget.intercom.io https://*.intercomcdn.com https://*.mintlify.com https://*.mintcdn.com https://*.hsappstatic.net https://*.hubspotusercontent-na1.net https://static.cloudflareinsights.com https://challenges.cloudflare.com https://vercel.live https://*.vercel.live; connect-src 'self' https://plausible.io https://*.mintlify.com https://*.mintcdn.com https://cloudflareinsights.com https://api.hubapi.com https://forms.hsforms.com https://hubspot-forms-static-embed.s3.amazonaws.com https://*.hubspot.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site

Links to (1)

github.com×2