urlscan.io logo urlscan.io
SecurityTrails logo

auth.atlassian.com Open in urlscan Pro
185.166.143.8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://getsupport.atlassian.com/servicedesk/customer/portal/35/CA-1057013?sda_source=notification-email
Effective URL: https://auth.atlassian.com/login?state=hKFo2SBKd2txcWxNb1B1WjdLdEVBamVmSk1ldDF1TEdVeDhhb6FupWxvZ2luo3RpZNkgY2tmRjRvc0pzd21Z...
Submission Tags: falconsandbox
Submission: On July 16 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 185.166.143.8, located in Amsterdam, Netherlands and belongs to AMAZON-02, US. The main domain is auth.atlassian.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on April 8th 2020. Valid for: 2 years.
This is the only time auth.atlassian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 185.166.143.2 16509 (AMAZON-02)
1 2 185.166.143.8 16509 (AMAZON-02)
1 13.224.95.26 16509 (AMAZON-02)
3 3
Apex Domain
Subdomains		 Transfer
4 atlassian.com
getsupport.atlassian.com
auth.atlassian.com
id.atlassian.com Failed
6 KB
1 auth0.com
cdn.auth0.com
30 KB
3 2
Domain Requested by
2 auth.atlassian.com 1 redirects
2 getsupport.atlassian.com 2 redirects
1 cdn.auth0.com auth.atlassian.com
0 id.atlassian.com Failed auth.atlassian.com
3 4

This site contains no links.

Subject Issuer Validity Valid
*.atlassian.com
DigiCert SHA2 High Assurance Server CA		 2020-04-08 -
2022-06-10		 2 years crt.sh
*.auth0.com
Amazon		 2021-04-25 -
2022-05-24		 a year crt.sh

This page contains 1 frames:

Frame: https://id.atlassian.com/oidc/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.atlassian.com%2Flogin%2Fcallback&state=wi_3CapyzpBfME62257qlxdk2T1zlj16&client_id=RP6QeEK_26C7q49Yf
Frame ID: EE8AA101AF1D4B6BFECE3989C95558D2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://getsupport.atlassian.com/servicedesk/customer/portal/35/CA-1057013?sda_source=notification-email HTTP 303
    https://getsupport.atlassian.com/servicedesk/customer/portal/35/user/login?destination=portal%2F35%2FCA-10570... HTTP 302
    https://auth.atlassian.com/authorize?redirect_uri=https%3A%2F%2Fgetsupport.atlassian.com%2Fplugins%2Fse... HTTP 302
    https://auth.atlassian.com/login?state=hKFo2SBKd2txcWxNb1B1WjdLdEVBamVmSk1ldDF1TEdVeDhhb6FupWxvZ2luo3Rp... Page URL

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

3
IPs

2
Countries

32 kB
Transfer

106 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://getsupport.atlassian.com/servicedesk/customer/portal/35/CA-1057013?sda_source=notification-email HTTP 303
    https://getsupport.atlassian.com/servicedesk/customer/portal/35/user/login?destination=portal%2F35%2FCA-1057013%3Fsda_source%3Dnotification-email HTTP 302
    https://auth.atlassian.com/authorize?redirect_uri=https%3A%2F%2Fgetsupport.atlassian.com%2Fplugins%2Fservlet%2Fauthentication%3Fauth_plugin_original_url%3D%252Fservicedesk%252Fcustomer%252Fportal%252F35%252FCA-1057013%253Fsda_source%253Dnotification-email&client_id=IxYiM0Mnu4QwMrWq0GqEaPnHV5s4fX2O&scope=openid+email+profile&state=d6c0e30b-387c-414c-b753-f79c8e0a96bc&response_type=code HTTP 302
    https://auth.atlassian.com/login?state=hKFo2SBKd2txcWxNb1B1WjdLdEVBamVmSk1ldDF1TEdVeDhhb6FupWxvZ2luo3RpZNkgY2tmRjRvc0pzd21ZVDItZDRNclp3OGZzWFZKYUhyMTCjY2lk2SBJeFlpTTBNbnU0UXdNcldxMEdxRWFQbkhWNXM0ZlgyTw&client=IxYiM0Mnu4QwMrWq0GqEaPnHV5s4fX2O&protocol=oauth2&redirect_uri=https%3A%2F%2Fgetsupport.atlassian.com%2Fplugins%2Fservlet%2Fauthentication%3Fauth_plugin_original_url%3D%252Fservicedesk%252Fcustomer%252Fportal%252F35%252FCA-1057013%253Fsda_source%253Dnotification-email&scope=openid%20email%20profile&response_type=code Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://auth.atlassian.com/authorize?client_id=IxYiM0Mnu4QwMrWq0GqEaPnHV5s4fX2O&response_type=code&redirect_uri=https%3A%2F%2Fgetsupport.atlassian.com%2Fplugins%2Fservlet%2Fauthentication%3Fauth_plugin_original_url%3D%252Fservicedesk%252Fcustomer%252Fportal%252F35%252FCA-1057013%253Fsda_source%253Dnotification-email&protocol=oauth2&scope=openid%20email%20profile&_csrf=GpIqg61V-XAoujGmUVJYDdE3mZiJPRCbbj4A&_intstate=deprecated&state=hKFo2SBKd2txcWxNb1B1WjdLdEVBamVmSk1ldDF1TEdVeDhhb6FupWxvZ2luo3RpZNkgY2tmRjRvc0pzd21ZVDItZDRNclp3OGZzWFZKYUhyMTCjY2lk2SBJeFlpTTBNbnU0UXdNcldxMEdxRWFQbkhWNXM0ZlgyTw&connection=oidc-session-bridge&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOC4xMi4yIn0%3D HTTP 302
  • https://id.atlassian.com/oidc/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.atlassian.com%2Flogin%2Fcallback&state=wi_3CapyzpBfME62257qlxdk2T1zlj16&client_id=RP6QeEK_26C7q49Yf

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
auth.atlassian.com/
Redirect Chain
  • https://getsupport.atlassian.com/servicedesk/customer/portal/35/CA-1057013?sda_source=notification-email
  • https://getsupport.atlassian.com/servicedesk/customer/portal/35/user/login?destination=portal%2F35%2FCA-1057013%3Fsda_source%3Dnotification-email
  • https://auth.atlassian.com/authorize?redirect_uri=https%3A%2F%2Fgetsupport.atlassian.com%2Fplugins%2Fservlet%2Fauthentication%3Fauth_plugin_original_url%3D%252Fservicedesk%252Fcustomer%252Fportal%2...
  • https://auth.atlassian.com/login?state=hKFo2SBKd2txcWxNb1B1WjdLdEVBamVmSk1ldDF1TEdVeDhhb6FupWxvZ2luo3RpZNkgY2tmRjRvc0pzd21ZVDItZDRNclp3OGZzWFZKYUhyMTCjY2lk2SBJeFlpTTBNbnU0UXdNcldxMEdxRWFQbkhWNXM0Zl...
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.atlassian.com/login?state=hKFo2SBKd2txcWxNb1B1WjdLdEVBamVmSk1ldDF1TEdVeDhhb6FupWxvZ2luo3RpZNkgY2tmRjRvc0pzd21ZVDItZDRNclp3OGZzWFZKYUhyMTCjY2lk2SBJeFlpTTBNbnU0UXdNcldxMEdxRWFQbkhWNXM0ZlgyTw&client=IxYiM0Mnu4QwMrWq0GqEaPnHV5s4fX2O&protocol=oauth2&redirect_uri=https%3A%2F%2Fgetsupport.atlassian.com%2Fplugins%2Fservlet%2Fauthentication%3Fauth_plugin_original_url%3D%252Fservicedesk%252Fcustomer%252Fportal%252F35%252FCA-1057013%253Fsda_source%253Dnotification-email&scope=openid%20email%20profile&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.143.8 Amsterdam, Netherlands, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
globaledge-envoy /
Resource Hash
6e347e641f9f13537dd8500467023cf1f0f8cace301358e71bd4869832fead86
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
auth.atlassian.com
:scheme
https
:path
/login?state=hKFo2SBKd2txcWxNb1B1WjdLdEVBamVmSk1ldDF1TEdVeDhhb6FupWxvZ2luo3RpZNkgY2tmRjRvc0pzd21ZVDItZDRNclp3OGZzWFZKYUhyMTCjY2lk2SBJeFlpTTBNbnU0UXdNcldxMEdxRWFQbkhWNXM0ZlgyTw&client=IxYiM0Mnu4QwMrWq0GqEaPnHV5s4fX2O&protocol=oauth2&redirect_uri=https%3A%2F%2Fgetsupport.atlassian.com%2Fplugins%2Fservlet%2Fauthentication%3Fauth_plugin_original_url%3D%252Fservicedesk%252Fcustomer%252Fportal%252F35%252FCA-1057013%253Fsda_source%253Dnotification-email&scope=openid%20email%20profile&response_type=code
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
did=s%3Av0%3Af82a6e60-e64e-11eb-833d-35c33d8ec2d1.eLl37bineZ2YJIx8wohhuoPEWrajhtbeDTokOVXOHFo; auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQJVx8XNQmD3JlOqCmMnNDzDuv13RCAn1rKt0PsiwW7hh2lCbX02yOW9eSyyBuYr-sngxg9u-hyNnOK9xxmYH5bCmY29va2llg6dleHBpcmVz1_8KfYwAYPWhqa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.yI2oRlfuYD%2BKi6Aon697dpOfGHZ3rpwfbt7G4wm%2BUXc; did_compat=s%3Av0%3Af82a6e60-e64e-11eb-833d-35c33d8ec2d1.eLl37bineZ2YJIx8wohhuoPEWrajhtbeDTokOVXOHFo; auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQJVx8XNQmD3JlOqCmMnNDzDuv13RCAn1rKt0PsiwW7hh2lCbX02yOW9eSyyBuYr-sngxg9u-hyNnOK9xxmYH5bCmY29va2llg6dleHBpcmVz1_8KfYwAYPWhqa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.yI2oRlfuYD%2BKi6Aon697dpOfGHZ3rpwfbt7G4wm%2BUXc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 16:00:41 GMT
content-type
text/html; charset=utf-8
server
globaledge-envoy
vary
Accept-Encoding
ot-tracer-spanid
1498c5e56841cbf3
ot-tracer-traceid
6028f7237a980295
ot-tracer-sampled
true
ot-baggage-auth0-request-id
1200-1626451241.473-52.44.255.165-2515-23167627-1-0.000
x-auth0-requestid
717c52ca75286e172c68
set-cookie
_csrf=MJy8IKaEVlS2Q5jHrKwEYRwe; Max-Age=864000; Path=/usernamepassword/login; HttpOnly; Secure
x-robots-tag
noindex, nofollow
referrer-policy
same-origin
cache-control
no-store, max-age=0, no-transform
pragma
no-cache
etag
W/"179a-jQXoMYH4BqFq82NmciOvRIHlMU8"
content-encoding
gzip
x-envoy-upstream-service-time
396
expect-ct
report-uri="https://web-security-reports.services.atlassian.com/expect-ct-report/auth0-proxy", max-age=86400
x-logging-id
87dd4833-2282-4051-acf2-7e60a9b960fb
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
atl-traceid
86f3a68ff9367d62

Redirect headers

date
Fri, 16 Jul 2021 16:00:41 GMT
content-type
text/html; charset=utf-8
content-length
1084
server
globaledge-envoy
ot-tracer-spanid
795cb28e3e0fe1e2
ot-tracer-traceid
765c316e489402ca
ot-tracer-sampled
true
ot-baggage-auth0-request-id
1060-1626451241.018-34.198.24.12-1656-23135477-1-0.000
x-auth0-requestid
120b64bbd0fafe6349e6
set-cookie
did=s%3Av0%3Af82a6e60-e64e-11eb-833d-35c33d8ec2d1.eLl37bineZ2YJIx8wohhuoPEWrajhtbeDTokOVXOHFo; Max-Age=31557600; Path=/; Expires=Sat, 16 Jul 2022 22:00:41 GMT; HttpOnly; Secure; SameSite=None auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQJVx8XNQmD3JlOqCmMnNDzDuv13RCAn1rKt0PsiwW7hh2lCbX02yOW9eSyyBuYr-sngxg9u-hyNnOK9xxmYH5bCmY29va2llg6dleHBpcmVz1_8KfYwAYPWhqa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.yI2oRlfuYD%2BKi6Aon697dpOfGHZ3rpwfbt7G4wm%2BUXc; Path=/; Expires=Mon, 19 Jul 2021 16:00:41 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Af82a6e60-e64e-11eb-833d-35c33d8ec2d1.eLl37bineZ2YJIx8wohhuoPEWrajhtbeDTokOVXOHFo; Max-Age=31557600; Path=/; Expires=Sat, 16 Jul 2022 22:00:41 GMT; HttpOnly; Secure auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQJVx8XNQmD3JlOqCmMnNDzDuv13RCAn1rKt0PsiwW7hh2lCbX02yOW9eSyyBuYr-sngxg9u-hyNnOK9xxmYH5bCmY29va2llg6dleHBpcmVz1_8KfYwAYPWhqa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.yI2oRlfuYD%2BKi6Aon697dpOfGHZ3rpwfbt7G4wm%2BUXc; Path=/; Expires=Mon, 19 Jul 2021 16:00:41 GMT; HttpOnly; Secure
cache-control
no-store, max-age=0, no-transform
pragma
no-cache
location
/login?state=hKFo2SBKd2txcWxNb1B1WjdLdEVBamVmSk1ldDF1TEdVeDhhb6FupWxvZ2luo3RpZNkgY2tmRjRvc0pzd21ZVDItZDRNclp3OGZzWFZKYUhyMTCjY2lk2SBJeFlpTTBNbnU0UXdNcldxMEdxRWFQbkhWNXM0ZlgyTw&client=IxYiM0Mnu4QwMrWq0GqEaPnHV5s4fX2O&protocol=oauth2&redirect_uri=https%3A%2F%2Fgetsupport.atlassian.com%2Fplugins%2Fservlet%2Fauthentication%3Fauth_plugin_original_url%3D%252Fservicedesk%252Fcustomer%252Fportal%252F35%252FCA-1057013%253Fsda_source%253Dnotification-email&scope=openid%20email%20profile&response_type=code
vary
Accept
x-envoy-upstream-service-time
393
expect-ct
report-uri="https://web-security-reports.services.atlassian.com/expect-ct-report/auth0-proxy", max-age=86400
x-logging-id
87dd4833-2282-4051-acf2-7e60a9b960fb
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
atl-traceid
673f29c846adb714
auth0.min.js
cdn.auth0.com/js/auth0/8.12.2/ 		100 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/8.12.2/auth0.min.js
Requested by
Host: auth.atlassian.com
URL: https://auth.atlassian.com/login?state=hKFo2SBKd2txcWxNb1B1WjdLdEVBamVmSk1ldDF1TEdVeDhhb6FupWxvZ2luo3RpZNkgY2tmRjRvc0pzd21ZVDItZDRNclp3OGZzWFZKYUhyMTCjY2lk2SBJeFlpTTBNbnU0UXdNcldxMEdxRWFQbkhWNXM0ZlgyTw&client=IxYiM0Mnu4QwMrWq0GqEaPnHV5s4fX2O&protocol=oauth2&redirect_uri=https%3A%2F%2Fgetsupport.atlassian.com%2Fplugins%2Fservlet%2Fauthentication%3Fauth_plugin_original_url%3D%252Fservicedesk%252Fcustomer%252Fportal%252F35%252FCA-1057013%253Fsda_source%253Dnotification-email&scope=openid%20email%20profile&response_type=code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a863d6d63b9c97330c878334c30a7d90e00dcb7c3dad0edf6932ff00c6415d22

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 18:00:00 GMT
content-encoding
gzip
last-modified
Mon, 15 Jan 2018 22:57:55 GMT
server
AmazonS3
age
79242
etag
W/"1d86ccadf7ccde11720fb03243d44edd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
vvw9FgEnFGSwwKOJMnC0HPytZViTuMkI
via
1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
cache-control
max-age=2628000,public
x-amz-replication-status
COMPLETED
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
RXO9yoNorJJ0Ui5RUz6xESuf-zutDN9yNjwjPcZnpkzmAtEv9l94oA==
authorize
id.atlassian.com/oidc/oauth/
Redirect Chain
  • https://auth.atlassian.com/authorize?client_id=IxYiM0Mnu4QwMrWq0GqEaPnHV5s4fX2O&response_type=code&redirect_uri=https%3A%2F%2Fgetsupport.atlassian.com%2Fplugins%2Fservlet%2Fauthentication%3Fauth_pl...
  • https://id.atlassian.com/oidc/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.atlassian.com%2Flogin%2Fcallback&state=wi_3CapyzpBfME62257qlxdk2T1zlj16&client_id=RP6QeEK_26C7q49Yf
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id.atlassian.com
URL
https://id.atlassian.com/oidc/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.atlassian.com%2Flogin%2Fcallback&state=wi_3CapyzpBfME62257qlxdk2T1zlj16&client_id=RP6QeEK_26C7q49Yf

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.atlassian.com
cdn.auth0.com
getsupport.atlassian.com
id.atlassian.com
id.atlassian.com
13.224.95.26
185.166.143.2
185.166.143.8
6e347e641f9f13537dd8500467023cf1f0f8cace301358e71bd4869832fead86
a863d6d63b9c97330c878334c30a7d90e00dcb7c3dad0edf6932ff00c6415d22