espo.org

HTML metadata

Title: School Supplies | Public Sector Procurement Services - ESPO
Description: Discover ESPO, a trusted provider of school supplies and public sector procurement solutions with 40+ years of experience. Supplying over 28,000 products to 12,000+ schools, we offer expert procurement services, including 100+ free-to-access frameworks. From procurement for schools to DfE-approved solutions, we ensure compliant, value-driven purchasing with reliable delivery.
Language: en

Open Graph

url: https://www.espo.org/
title: School Supplies | Public Sector Procurement Services - ESPO

Technology

CMS: Gatsby

Analytics

Google Analytics
Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (14)

js.klevu.com×4
api.feefo.com×2
connect.punchout2go.com×2
www.googletagmanager.com×2
fonts.gstatic.com×1
leice11178.pcapredict.com×1
r1-t.trackedlink.net×1
rum-static.pingdom.net×1
rum.hlx.page×1
static.klaviyo.com×1
statsjs.klevu.com×1
www.google-analytics.com×1
www.google.com×1
www.gstatic.com×1

Social

Registration

Registrar

Network Solutions, LLC

Created

1996-08-14

Expires

2026-08-13 86 days left

Updated

2025-08-03

Name servers

ns1.virginmedia.net
ns2.virginmedia.net
ns3.virginmedia.net
ns4.virginmedia.net

DNS records live

NS

ns1.virginmedia.net
ns2.virginmedia.net
ns3.virginmedia.net
ns4.virginmedia.net

MX

0 espo-org.mail.protection.outlook.com

TXT

Show 4 TXT records

_globalsign-domain-verification=Xdi-nahr_rFnz4gX71OiCumT9dBnunlvexw5JTaOCV
_ajr6fa1m075jne1j5t753jcovhzwf2v
MS=F6E890ADBE6DB91192675C8A847A998616A445FD
klaviyo-site-verification=T4Jdxw

Email authentication strong

SPF

v=spf1 include:fdspfeuc.freshemail.io include:spf.protection.outlook.com include:spf.uk.exclaimer.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:l2gwkifb@ag.eu.dmarcian.com;

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3ylqxBRwHRuHKg6AMZ+LFb2fkzaPXyoSoi+dIoN/235yEk2+njZP/rP0biXFHHThn05bbwxEolw1fsp0jai…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR7QhA2LuPkUWYY1fLwF1Ugspfkzc6yVrE1r2lBeuP73uofAge/AJNdz5Mo+6vQt675RYP+G2Y8x3dyLPO…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOC7M76gMtWTOTQ3dQoJV5gTJh7zFniPKSr3U4Jyu0wJmJmesvtAFdmZIQck28QGRYYiyl97zL3fylRGU7AYXOvA…

selectors probed

Certificate (current)

R13

from 2026-03-31 to 2026-06-29

Expires in 41 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.espo.org/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; base-uri 'self';
strict-transport-security: max-age=31536000
content-security-policy-report-only: font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com https://www.googletagmanager.com *.googleapis.com *.klevu.com *.ksearchnet.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.punchout2go.com *.tradecentric.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https://www.google.com