elliottmgmt.com

HTML metadata

Title: Welcome | Elliott Management
Description: Elliott Investment Management is one of the oldest fund managers of its kind under continuous management. We aim to protect and grow our client capital consistently over time.
Language: en-US
Canonical: https://www.elliottmgmt.com/

Open Graph

title: Welcome | Elliott Management
locale: en_US
site name: Elliott Management
description: Elliott Investment Management is one of the oldest fund managers of its kind under continuous management. We aim to protect and grow our client capital consistently over time.
updated time: 2025-02-27T21:26:31+00:00

Technology

Server: nginx
CMS: WordPress

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Registration

Registrar

CSC Corporate Domains, Inc.

Created

2000-05-02

Expires

2027-05-02 347 days left

Updated

2026-04-28

Name servers

dns1.p09.nsone.net
dns2.p09.nsone.net
ns1.f5clouddns.com
ns2.f5clouddns.com

DNS records live

NS

dns1.p09.nsone.net
dns2.p09.nsone.net
ns1.f5clouddns.com
ns2.f5clouddns.com

MX

10 mx0a-00579901.pphosted.com
10 mx0b-00579901.pphosted.com

TXT

_jn453mu6kr1h290bs9ksnt6cw7wsrwc
_lmx9l132e3ee7kvcgvmctmh82sflpv3
logmein-verification-code=1bf06b2e-a914-4b62-98fc-1f22b3bcb662

Verified for

1Password
Anthropic
Apple
Atlassian
Canva
Cisco Webex
DocuSign
Google
OneTrust
OpenAI

Email authentication strong

SPF: v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
softfail (~all)
DMARC: v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-03-01 to 2026-05-30

Expires in 10 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.elliottmgmt.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' https://cdn-cookieyes.com https://*.cookieyes.com https://form.jotform.com https://submit.jotform.com https://*.google-analytics.com https://*.googletagmanager.com https://fonts.googleapis.com https://*.analytics.google.com; font-src 'self' https://ka-p.fontawesome.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cookieyes.com https://submit.jotform.com https://form.jotform.com; img-src 'self' https://*.elliottmgmt.com *.elliottmgmt.com https://elliottmgmt.com https://dev-elliott-mgmt.pantheonsite.io https://test-elliott-mgmt.pantheonsite.io https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://cdn-cookieyes.com https://*.cookieyes.com https://secure.gravatar.com blob: data:; object-src; script-src 'self' https://*.googletagmanager.com https://tagmanager.google.com https://cdn-cookieyes.com https://*.google-analytics.com 'unsafe-inline'; style-src 'self' https://*.googletagmanager.com https://ta
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: same-origin
cross-origin-resource-policy: same-origin

Links to (1)

intralinks.com×2

Linked from (1)

amchamkorea.org×2