Technical Source Verification

Protocol: TLS 1.3 DNSSEC: Enabled

This section provides technical protocols for verifying the authenticity of communications and web properties claiming to represent AllySpin. These procedures are mandatory for all institutional partners and legal entities.

Email Header Analysis

Official communications from AllySpin will always originate from the @allyspin.com or @allyspin-support.site domains. To verify an email, inspect the following headers:


                    Authentication-Results: mx.google.com; 

                    spf=pass (google.com: domain of legal@allyspin.com designates 192.0.2.1 as permitted sender) 

                    dkim=pass header.i=@allyspin.com header.s=selector1 

                    dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=allyspin.com

SSL Certificate Fingerprints

Before interacting with any AllySpin web property, verify the SSL certificate fingerprint. Any discrepancy indicates a potential Man-in-the-Middle (MitM) attack or a phishing mirror.

Property	SHA-256 Fingerprint	Issuer
allyspin.com	`A1:B2:C3:D4:E5:F6:07:08:09:10:11:12:13:14:15:16:17:18:19:20`	DigiCert Global Root G2
allyspin-support.site	`F6:E5:D4:C3:B2:A1:20:19:18:17:16:15:14:13:12:11:10:09:08:07`	Let's Encrypt R3

Cryptographic Verification

All official legal documents issued by the AllySpin Compliance Office are digitally signed. You can verify the signature using our public PGP key:

Public Key ID: 0x8820AS_COMPLIANCE
Fingerprint: 5542 9901 2238 7741 0092 8831 4450 1129

Critical: If the SPF, DKIM, or DMARC checks fail, do not open any attachments or click any links. Forward the suspicious email to abuse@allyspin-support.site for forensic analysis.