sunocolp.com

HTML metadata

Title: Leading Energy Infrastructure Operator & Fuel Distributor | Sunoco LP
Description: We are the leading operator of critical energy infrastructure and North America's largest independent fuel distributor. Reliable, high-quality energy solutions.
Language: en
Generator: Third Wave Digital CMS v7.0.1721
Canonical: https://www.sunocolp.com/

Technology

Server: volt-adc

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

fonts.googleapis.com×2
fonts.gstatic.com×1
maps.googleapis.com×1
sunoco2019tf.q4web.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

GoDaddy Corporate Domains, LLC

Created

2014-07-25

Expires

2028-07-25 798 days left

Updated

2025-10-28

Name servers

ns0.dnsmadeeasy.com
ns1.dnsmadeeasy.com
ns2.dnsmadeeasy.com
ns3.dnsmadeeasy.com
ns4.dnsmadeeasy.com

DNS records live

NS

ns0.dnsmadeeasy.com
ns1.dnsmadeeasy.com
ns2.dnsmadeeasy.com
ns3.dnsmadeeasy.com
ns4.dnsmadeeasy.com

MX

0 esa1.energytransfer.iphmx.com
0 esa2.energytransfer.iphmx.com

TXT

Show 10 TXT records

apple-domain-verification=Ujs2MChK7fulMCRV
rq557uq5vbbpobm4usq9ndg2b5
dropbox-domain-verification=bp96tbqfdpa4
gkir97khohngb7lv71olurfelg
box-domain-verification=e9dbc47f27981bffa5409388eff918e6de5877b5d9e393792869e661685a6779
ns1vkkkfqo1ktptuas7fsoddnd
00Dd0000000i5D7EAI
docusign=e7ab46cd-a13a-432f-814c-e3639d384528
ratpu8qdaem87868usla4sr4fb
r66q3j552ppjuamb9jdvhld7h

Email authentication strong

SPF

v=spf1 include:spf.sunoco.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:dvhqyvy8@ag.dmarcian.com; ruf=mailto:dvhqyvy8@fr.dmarcian.com;

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD5aFUZZieBGgXj/vdZnWrwTajf2b130mtzZ8jXVDpURe3QmVlE4sq7vGeuKqu0MX9kZJkT9k9ZnVwTz8+h/i…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWWX9K/vlRqTUCBZAyLNMrgDSQ5vPUjcu5UuLGzUF3HtXnF0ZffY+xB1DF0gFtLfUQ1Av+t4KeAxc+0iCmSk…

selectors probed

Certificate (current)

Go Daddy Secure Certificate Authority - G2

from 2025-10-22 to 2026-11-23

Expires in 189 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.sunocolp.com/

present

strict-transport-security
content-security-policy

findings

CSP allows unsafe inline scripts/styles
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: default-src 'self'; connect-src 'self' https: www.facebook.com stats.g.doubleclick.net mpc-prod-14-s6uit34pua-ue.a.run.app analytics.google.com demo-1.conversionsapigateway.com www.google.com maps.googleapis.com www.google-analytics.com; frame-src 'self' sunoco2019tf.q4web.com commoncarrier.energytransfer.com player.vimeo.com www.google.com www.googletagmanager.com; font-src 'self' fonts.gstatic.com; img-src 'self' data: https: maps.gstatic.com maps.googleapis.com www.facebook.com www.google.com www.googletagmanager.com connect.facebook.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googleoptimize.com maps.googleapis.com maps.gstatic.com extend.vimeocdn.com googleads.g.doubleclick.net pi.pardot.com pym.nprapps.org www.googleoptimize.com www.gstatic.com www.google-analytics.com player.vimeo.com www.googletagmanager.com www.google.com connect.facebook.net; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.co
strict-transport-security: max-age=31536000