Dr . Who Dr.Who lives at drwho.me — audit-grade domain evidence.
additional context — IP + user-agent lookups lookups that complement a dossier — useful when investigating a finding, but not part of the dossier engine itself.
cert valid for 174 days
Why it matters: A valid current TLS certificate is the baseline for data in transit. Expiry, weak chain, or hostname mismatch break HTTPS and fail PCI 4.2.1 / SOC 2 CC6.1.
subject cn: *.frontend.public.atl-paas.net
issuer: Amazon RSA 2048 M04 / Amazon
valid: Apr 30 00:00:00 2026 GMT → Nov 13 23:59:59 2026 GMT
authorized: yes
sha256: D6:DC:CE:9C:79:31:CB:E5:E1:8D:09:E3:69:E2:EC:FA:60:C6:71:10:EB:B9:D6:E3:D7:E8:19:CD:14:CF:5D:68 sans *.frontend.public.atl-paas.net bitbucket.org *.bitbucket.com *.bitbucket.io *.teamworkgraph.ai *.devsphere.tools.atlassian.com *.rovo.com *.halp.com halp.com *.internal.atlassian.com *.atlassian.com atlassian.design *.us-west-2.prod.public.atl-paas.net *.prod-apse.frontend.public.atl-paas.net *.atl-paas.net *.prod.atlassian-dev.net bitbucket.io *.prod-east.frontend.public.atl-paas.net *.remix.prod.atlassian-dev.net *.atlassian.dev teamworkgraph.com *.prod-west.frontend.public.atl-paas.net teamworkgraph.ai atlassian.dev apkg.io *.trello.com trello.com *.atlassian-isolated-3p.com atlassian-3p.com atlassian.com *.prod-euwest.frontend.public.atl-paas.net *.prod-west2.frontend.public.atl-paas.net *.teamworkgraph.com *.bytebucket.org *.prod.atl-paas.net *.prod-eucentral.frontend.public.atl-paas.net jira.com rovo.com *.prod-apse2.frontend.public.atl-paas.net bitbucket.com *.atlassian-3p.com *.us-east-1.prod.public.atl-paas.net *.bitbucket.org atlassian-isolated-3p.com *.status.atlassian.com *.apkg.io *.jira.com bytebucket.org puds.prod.atl-paas.net *.prod.public.atl-paas.net fetched 2026-05-23T09:24:33.921Z
2 MX record(s) present
Why it matters: MX records direct inbound mail. Misconfiguration silently breaks email delivery and lets attackers stand up parallel MX hosts for spoofing campaigns (ISO 27001 A.8.21).
pri=10 mxa-001d9801.gslb.pphosted.com.pri=10 mxb-001d9801.gslb.pphosted.com.fetched 2026-05-23T09:24:33.960Z
p=reject — strict policy
Why it matters: DMARC binds SPF and DKIM into an enforceable policy (quarantine or reject) and surfaces spoofing attempts via aggregate reports. `p=none` or absent means spoofing succeeds silently (SOC 2 CC6.7).
v=DMARC1; p=reject; fo=1; pct=100; adkim=r; aspf=r; rua=mailto:dmarc_rua@emaildefense.proofpoint.com,mailto:dmarc-rua@abuse.atlassian.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com,mailto:dmarc-ruf@abuse.atlassian.com
v= DMARC1
p= reject
fo= 1
pct= 100
adkim= r
aspf= r
rua= mailto:dmarc_rua@emaildefense.proofpoint.com,mailto:dmarc-rua@abuse.atlassian.com
ruf= mailto:dmarc_ruf@emaildefense.proofpoint.com,mailto:dmarc-ruf@abuse.atlassian.com fetched 2026-05-23T09:24:33.961Z
no CORS headers — cross-origin requests blocked by default
Why it matters: Overly permissive CORS (wildcard with credentials, or reflected origin) lets any origin read authenticated responses from this domain. OWASP A05 misconfiguration territory (NIST AC-4).
origin https://drwho.me method GET preflight status 301 access-control-* headers
access-control-allow-origin —
access-control-allow-methods —
access-control-allow-headers —
access-control-allow-credentials —
access-control-max-age —
access-control-expose-headers — no access-control-* headers returned — site does not advertise CORS to this origin
fetched 2026-05-23T09:24:33.964Z
1/6 DKIM selectors valid
Why it matters: DKIM signs outbound mail so receivers can detect tampering. Missing selectors or rotated-away keys break DMARC alignment and let receivers downgrade trust (ISO 27001 A.8.24).
Recommendations
Check the missing selectors in your DNS provider and re-add any removed records
default: —
google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKEkAUkiVp+FFIbxY5DDRhBFTLhpMXZP9jGXGzPr20Iapn6IJCGA6tqajxF0cXYqGseNC1fwBT8EbGhVzHhY6OjcCyGm/YG4cWztwnVxAAFO4WBKmGjp85EUznjvYRvOwlRyjCoQOySmdFphabxaU+TuVj2YoCA0ffhH5A0y/a+rD3ii+bKoYI3QHxU1ktUPpYzfkeinNH+89Lw12r8CFayOXTa3JDEoZksSJnB6mEym6tCOciBJXCZyMj2uZ+7wPN26nzKAz5wJtkjS6CQzFpJ8Zmaeek35BVmLiCUUkLn18T9Xwpn+kS8WtyVhjMA7zgCuO1OELaK08xsoZj7CZwIDAQAB
k1: —
selector1: —
selector2: —
mxvault: — fetched 2026-05-23T09:24:33.987Z
DNSKEY published but no DS delegation — DNSSEC not enforced by parent
Why it matters: DNSSEC cryptographically signs DNS responses, blocking cache-poisoning attacks. US federal civilian agencies are required to enable it under OMB M-22-09 (NIST SC-20).
Recommendations
Submit the DS record to your domain registrar to complete the DNSSEC delegation chain
enabled no
DS records —
DNSKEY records 4 key(s) fetched 2026-05-23T09:24:33.993Z
~all softfail — receivers may still accept
Why it matters: SPF tells receiving servers which hosts may send mail for the domain. Without it, any sender can forge the envelope-from — the primary mechanism behind business-email-compromise (SOC 2 CC6.7).
Recommendations
Move to -all (hardfail) once your mail flow is confirmed — softfail gives no real protection v=spf1 ip4:54.85.255.245 ip4:54.241.191.3 include:_spf.google.com include:cust-spf.exacttarget.com include:spf-001d9801.pphosted.com include:amazonses.com include:spf1.atlassian.com include:spf3.atlassian.com ip4:54.71.147.74 ip4:54.71.63.106 ip4:54.70.13.32 ~all
v=spf1 ip4:54.85.255.245 ip4:54.241.191.3 include:_spf.google.com include:cust-spf.exacttarget.com include:spf-001d9801.pphosted.com include:amazonses.com include:spf1.atlassian.com include:spf3.atlassian.com ip4:54.71.147.74 ip4:54.71.63.106 ip4:54.70.13.32 ~all fetched 2026-05-23T09:24:33.994Z
A/AAAA records present
Why it matters: Without authoritative A or AAAA records on the apex, the domain is unreachable. Missing baseline DNS shows up in vendor reviews as evidence of unmanaged infrastructure (SOC 2 CC6.6).
A ttl=60 18.160.18.39ttl=60 18.160.18.90ttl=60 18.160.18.99ttl=60 18.160.18.14
AAAA — NS ttl=172579 ns-112.awsdns-14.com.ttl=172579 ns-1388.awsdns-45.org.ttl=172579 ns-2018.awsdns-60.co.uk.ttl=172579 ns-595.awsdns-10.net.SOA ttl=900 ns-112.awsdns-14.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 120CAA ttl=300 \# 17 00 05 69 73 73 75 65 61 6d 61 7a 6f 6e 2e 63 6f 6dttl=300 \# 93 00 05 69 73 73 75 65 64 69 67 69 63 65 72 74 2e 63 6f 6d 3b 20 61 63 63 6f 75 6e 74 3d 63 32 65 62 30 66 35 30 63 61 31 31 33 64 37 35 34 33 64 35 38 61 31 30 66 35 32 33 64 30 34 36 39 66 66 39 32 32 66 31 31 35 65 35 65 34 65 39 30 35 36 66 33 64 35 66 38 37 64 33 33 35 36 63ttl=300 \# 21 00 05 69 73 73 75 65 67 6c 6f 62 61 6c 73 69 67 6e 2e 63 6f 6dttl=300 \# 22 00 05 69 73 73 75 65 6c 65 74 73 65 6e 63 72 79 70 74 2e 6f 72 67ttl=300 \# 15 00 05 69 73 73 75 65 70 6b 69 2e 67 6f 6f 67ttl=300 \# 21 00 09 69 73 73 75 65 77 69 6c 64 61 6d 61 7a 6f 6e 2e 63 6f 6dttl=300 \# 97 00 09 69 73 73 75 65 77 69 6c 64 64 69 67 69 63 65 72 74 2e 63 6f 6d 3b 20 61 63 63 6f 75 6e 74 3d 63 32 65 62 30 66 35 30 63 61 31 31 33 64 37 35 34 33 64 35 38 61 31 30 66 35 32 33 64 30 34 36 39 66 66 39 32 32 66 31 31 35 65 35 65 34 65 39 30 35 36 66 33 64 35 66 38 37 64 33 33 35 36 63ttl=300 \# 25 00 09 69 73 73 75 65 77 69 6c 64 67 6c 6f 62 61 6c 73 69 67 6e 2e 63 6f 6dttl=300 \# 26 00 09 69 73 73 75 65 77 69 6c 64 6c 65 74 73 65 6e 63 72 79 70 74 2e 6f 72 67ttl=300 \# 19 00 09 69 73 73 75 65 77 69 6c 64 70 6b 69 2e 67 6f 6f 67TXT ttl=3600 "1d0d0fe5-61e0-4edb-a509-92bc5ce59983"ttl=3600 "JkOZtIuIvTHsXraQgis9EtXUyG3SaZAj"ttl=3600 "MS=ms18133540"ttl=3600 "SFMC--FelJdVfs1qWNvc7OtWJs6MZcusOPOyWM_eCsysa"ttl=3600 "SFMC-NEVZE-pd0X15BlxXI8i2N1C977acCSS6iXsjznDF"ttl=3600 "SFMC-VGtbZqMeaLnLX_ep8blmghawDtsZvdGp8ohWo4J5"ttl=3600 "SFMC-wEuWumryKcoCTXQMJmxNyZH7NNNMnlDdhmqeETRC"ttl=3600 "SwdhbLH9TABXUXVsyv0iFHC0gtExgksKtVsvVoqGKZ4="ttl=3600 "_tr70kb8d6vfv6evu0rderlk4g0qp5iu"ttl=3600 "adobe-idp-site-verification=45af865bd23a9cbf05c82c7c47118beaae9fa1806a8906132943dbf19c9f470b"ttl=3600 "airtable-verification=220a9b71c22879816d9d241613827202"ttl=3600 "anodot-domain-verification=23e696e0e0d3bd0801e872b07a3ae2e96fd14cda1e6e0da7bbaf2e4e095cb21a"ttl=3600 "anthropic-domain-verification-enh4fz=TCXJHD6cAL2Z8omPsnYyIrBSZ"ttl=3600 "apperio-domain-verification=205f89afe51545a9805b40d8fca11dc3"ttl=3600 "apple-domain-verification=xJk7gq0QjgmNwKOC"ttl=3600 "atlassian-domain-verification=7xPjAxr91ksK7xsQQrqNJ8JFeaE9d8uAuzKoBhkfR7hlh7Gzy3MuwtWaHXBZfc45"fetched 2026-05-23T09:24:33.988Z
ttl=3600
ttl=3600 "atlassian-domain-verification=CXg3TfK6ks2yn8qhnjbtaw8KCGz1K31j0BtdTSS5WlX6VJiPfspjjg3f26obkuA8"
ttl=3600 "atlassian-domain-verification=GoNKpGQAjzgcMJeaDCpawM8OAdqJfI3Qdf9spLiWI8C0YsmbNaRV2Ynl6LCQYdYN"
ttl=3600 "atlassian-domain-verification=JxhV/ZhZkrHgVYscIkTb0uMQ/pZKY49/9ooO9KLUmIFve3PmWY8TFJSMQTmgLgv/"
ttl=3600 "atlassian-domain-verification=LxdUlMBGyIDZzdv5a3379ISDrFCwFudcod0VChiY9LkNp28183xDRHw8pkPq7Ypk"
ttl=3600 "atlassian-domain-verification=TS3UJOnLYyKBsGxOYnvhbVxyWdzDSJkxGkxrZumZa0N105LDvHaJUaiYaVzOxcUb"
ttl=3600 "atlassian-domain-verification=TX9lehYa7FjdqgpdvamdPToWtgCK34NADujThyFK7Pb36OxG/zvaJ8jrcFRa0DxC"
ttl=3600 "atlassian-domain-verification=YgtkR1lUarneaVF9TSEqiX78nL3RNACOQ6IIvkJjhmZx8Db3bRgl/nIrpPNopHWj"
ttl=3600 "atlassian-domain-verification=ZRphniOpyvhHV76mRmxnLkHJVrKnbeOIxmhbxb8PF6AarX0FypthxYB/r5XpVC2E"
ttl=3600 "atlassian-domain-verification=ZlsTGOEPNmWFXzzhEayLG9WDmjOwsr1H36NdpelFLTF/kGCLr/a5rCCOqqGZRjWt"
ttl=3600 "atlassian-domain-verification=gtWlmVkmNlzB0F0QoItHOhMGV1F//z0VsxzR6JiXQLK4LaXZ6nVZMybZEXNimQ/D"
ttl=3600 "atlassian-domain-verification=mnSEydSHNWTwzBa1PLswfF7e/U/IEx9v5ppCtA60bxCvWZLntKvQHd2ddb3h3kEd"
ttl=3600 "atlassian-domain-verification=qXy0sJTeEzEpIxfg30MuaX1rZvWqIE66QYh8m1SKJrAxIK59OFAawrIZjKd6kwgo"
ttl=3600 "atlassian-domain-verification=riKoagHwPoh1ADNcj5c0dKK57fNjgfBsG/c7pORIY3PuL3LwseHjKJ7CklCccfp/"
ttl=3600 "atlassian-sending-domain-verification=1eef8e00-d3a1-4e96-87d6-3c89eff0c1a0"
ttl=3600 "atlassian-sending-domain-verification=d3a0d4ae-a1a3-46dc-897e-9b3c7a05aa12"
ttl=3600 "bugcrowd-verification=e6bfef1b70648d92dfaa9c71109333e1"
ttl=3600 "canva-site-verification=xQleHIYkB_3_GwMv8WMAhg"
ttl=3600 "cursor-domain-verification-64a3xw=FGgvQz4cWuUQpOR9J9nyQwkR9"
ttl=3600 "d25ka488dfqyj6.cloudfront.net"
ttl=3600 "docusign=1d2cd2cd-53da-4c43-b487-46a5d4745f60"
ttl=3600 "docusign=40001689-5955-4691-bdc0-0c95f792b589"
ttl=3600 "docusign=c709d0e7-f221-4f03-b936-704266b503a0"
ttl=3600 "dropbox-domain-verification=o4rdwxnte1t0"
ttl=3600 "facebook-domain-verification=s0cdi2ihgpeg7v7hl45zatfdbi5ia6"
ttl=3600 "google-site-verification=4BcTn3m9wfJrq8ONDz9ltMbFhVgT51FVkfmSn-fcGZM"
ttl=3600 "google-site-verification=961ryHZWzEAyKPpOY6xTPviMeUlp00RagzX7INHnRpk"
ttl=3600 "google-site-verification=CRUWMjnPZaaZap-3EJktXdl_an_hWEgNqTb_j2LUTcM"
ttl=3600 "google-site-verification=Ey-v6Be7J2lbOSMR7ID-gA6wGZXKxYMuTVkR4LFueow"
ttl=3600 "google-site-verification=Gh3bIDlI_r-ksbSfnr8Kzvgp6Ccq3fE8dd_LXzJVIpo"
ttl=3600 "google-site-verification=Kj7SMNgp41m5YiH7KEawowCRQFilQrRZ8D_TztiEn2g"
ttl=3600 "google-site-verification=Lwmfu2vZQ0v_OCc48kYQNXCcmgP7Gj6Fg2kL08Xhfn0"
ttl=3600 "google-site-verification=MSD4eeRGxm5bA9Au1cGuV8OPQOsju7epTDJ-f9C90gY"
ttl=3600 "google-site-verification=O7Ybt8qvuC_Wr7eNYnJyhTxaGWpIERx_eQXhD219Mmc"
ttl=3600 "google-site-verification=U5hiOly8JOwhyRXMmxgWaDHGMem7kgQud1Iis8gshyA"
ttl=3600 "google-site-verification=fK0r-SyWnbxUuzdIbhScO9WjBIDBuEAh8ldTX3FDheU"
ttl=3600 "google-site-verification=r1_7nBuqdcWdM0QIiDWQusHa9jelyX5hJYgX3xWSeTM"
ttl=3600 "google-site-verification=va3Nya0kn20guRQIVU-LF4RRsKZ6u1Rewtqb4eYro-8"
ttl=3600 "google-site-verification=x-2Aoze34nZo0Bs3hefRL6DJiMtGOyYBixByW_D0ZPU"
ttl=3600 "google-site-verification=z98_8Laz1Jr_VZwpAMfx5IXbFy4PCx66ygZoqCeLyyc"
ttl=3600 "hubspot-developer-verification=YzQ0ODBmZWMtMWI4YS00Zjk4LWI1ZDEtZGFkNzg3NzQ0MWY2"
ttl=3600 "hubspot-developer-verification=ZjUyYzJkNDEtNTllMC00MjE4LTg0NzctNGFkNDNhMTQwMDJl"
ttl=3600 "jamf-site-verification=tQF45ulu-gGP9PsBrWuMpw"
ttl=3600 "knowbe4-site-verification=d26e46454d5f1bfcd1bd89f8ccf0d578"
ttl=3600 "krisp-domain-verification=iaYrEjBouKqKfT09dQFvUw0qkjiB2HwO"
ttl=3600 "lastpass-verification-code=6kaWM#TIy^*%CfMRVDa&&j&$JrJ4mr%!b^*HRTs1X3V4pMsGgUnD02HI*9ij&SBYbfoB9UV9xjOgWuaoAjTu4RywpdWrw7c%w5F"
ttl=3600 "miro-verification=6bd145c8ff96aabe81ebbc9298522ad4c41e08f6"
ttl=3600 "mongodb-site-verification=7ITIBB5r72gygRCiBxwA5UQcOyng1Vz1"
ttl=3600 "notion-domain-verification=1ez7s7pQwWadv3VpVRoGN6T4wH6rz95OH5yc5aNgDV9"
ttl=3600 "onetrust-domain-verification=aa11449cf62348e78d229049ddf67df2"
ttl=3600 "openai-domain-verification=dv-sieehJkHarisQONQPcyKyLrq"
ttl=3600 "pardot548382=251a035bf1d916039f96c33d2457506ec1936c8c8331956b270cb6f51e4a1a6a"
ttl=3600 "pendo-domain-verification=08405cee-3c6b-4169-9461-fef5648efd67"
ttl=3600 "postman-domain-verification=800d74a33351205a654e3108f639ed29eb015d093ef1c303ac965d3272c6f02456307508bb8236be692906720c795570c4a78814e5ad34365dd2e34731c42197"
ttl=3600 "ppe-b2f6e67f740d3c6bd37c6665c6d19a140a8acd97"
ttl=3600 "profound-domain-verification-kwc8pk=Nkeycc3Ki88gmNXVDIlIu2qgb"
ttl=3600 "segment-site-verification=jWNfQP1TpeIY9m5hjMJ9oq7bqKE7ARtD"
ttl=3600 "status-page-domain-verification=3fbwzqm8vjhr"
ttl=3600 "stripe-verification=04d7fb4776f1301905fec8ab2640d90063d83433562200fe8e84a163af2ff537"
ttl=3600 "stripe-verification=27a7887beca7c109d6beeb7b154db1878cdb699d0d93e48a731ec08c694a6290"
ttl=3600 "stripe-verification=427826c728dfce0a7a78322acfdbce70473ec2d999a739fd15d0151a8ccb0200"
ttl=3600 "stripe-verification=580cea36ec46ac0adcc200221811acaca1db456b0fb91bd7cc129d8f3459b9b8"
ttl=3600 "stripe-verification=71d4571aac7216050c8bebaadf0538662d4e5a950b7c4cfd8e69b12a54835df1"
ttl=3600 "stripe-verification=8C4E45BA3E22F706F5F3FB72A6F72719FE8C912462788AB8D6C1A38CC1C64A6A"
ttl=3600 "stripe-verification=97aa50e11805a745fd972ed3c9cc3b4fb81d706adb8bf9693b347772e00478d5"
ttl=3600 "stripe-verification=B90269683791B84C666A07BAEF5A248445E78BA55FA2E2208E3A062BFA751425"
ttl=3600 "stripe-verification=a08bc6fbbb27bb9d81ddf84670414dc9aec5ed4d6740c0c1a566a71d19ea8341"
ttl=3600 "stripe-verification=c3c46ec084306a30bcc1d0551fb9a508231831f38a2723e874e6446c29281d55"
ttl=3600 "stripe-verification=d6a3912e7b1c6ece6fbbd3fbd94ec2809cef42dd52c146b9e97911d819705df9"
ttl=3600 "stripe-verification=df30411351944f1496e1672379f26a194bc00c7fb0fcbbab989d610f090bffd8"
ttl=3600 "stripe-verification=e3129af3aea23f39d9869982084895f81fcb2a931daec6fac7052df798612d6f"
ttl=3600 "twilio-domain-verification=e459472c26323f835802d62f65dd9f66"
ttl=3600 "v=MCPv1; k=ed25519; p=3+HwEl6PGRASMFD+ktCP5sprdenoB/YZHJAOqE2CVoo="
ttl=3600 "v=spf1 ip4:54.85.255.245 ip4:54.241.191.3 include:_spf.google.com include:cust-spf.exacttarget.com include:spf-001d9801.pphosted.com " "include:amazonses.com include:spf1.atlassian.com include:spf3.atlassian.com ip4:54.71.147.74 ip4:54.71.63.106 ip4:54.70.13.32 ~all"
ttl=3600 "vp76ki2nsesve2u3a44pp0mahb"
ttl=3600 "zoom-domain-verification=2803a8e0-7054-4e81-a7d7-fd55692d5e3b"not applicable: no _mta-sts TXT record
Why it matters: MTA-STS forces inbound SMTP to use TLS and refuse downgraded connections. Without it, an in-path attacker can strip TLS and read mail in plaintext (SOC 2 CC6.7).
not applicable: no TLSRPT record
Why it matters: TLS-RPT publishes a reporting address for SMTP-TLS failures. Without it, downgrade attacks on inbound mail go unnoticed (SOC 2 CC7.2).
check failed: crt.sh: Error: crt.sh http 429; certspotter: Error: certspotter http 429
Why it matters: Every certificate issued for this domain is published in Certificate Transparency logs — including subdomains you may have forgotten. Unknown subdomains in CT are pre-disclosed attack surface (ISO 27001 A.8.16).
crt.sh: Error: crt.sh http 429; certspotter: Error: certspotter http 429
domain registered until 2027-03-19
Why it matters: Registrar and expiry tell auditors the domain is owned, current, and not about to lapse. An expired or about-to-expire domain fails business-continuity evidence (SOC 2 A1.2).
registrar MarkMonitor Inc.
created 2001-03-19T12:38:02Z
expires 2027-03-19T11:38:02Z
statuses clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited, clientTransferProhibited https://icann.org/epp#clientTransferProhibited, clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited fetched 2026-05-23T09:24:34.380Z
HTTPS served correctly
Why it matters: Bare HTTP requests must redirect to HTTPS without dropping the user mid-chain. Plain-text fallback or open redirects fail PCI 4.2.1 and feed phishing chains (SOC 2 CC6.6).
final status: 200 · 2 hops
[301] https://atlassian.com/[200] https://www.atlassian.com/fetched 2026-05-23T09:24:34.489Z
HTTPS surface reachable (robots ✓, sitemap ✓, title ✓)
Why it matters: Public files — robots.txt, sitemap.xml, head meta — are what attackers see first during reconnaissance. Misadvertised paths, stale sitemaps, and verbose generators leak more than intended (ISO 27001 A.8.9).
robots.txt
present User-agent: *
Disallow: /blog/author/*
Disallow: /blog/tag/*
Disallow: /blog/it-teams/tam-day-summit-3-big-takeaways-2/attachment/tam-day
Disallow: /dam/jcr:261696c7-3570-4760-b2a6-b69264c2a2db
Disallow: /dam/jcr:d493cbe0-67e8-4aa5-8972-b41046099254/Lean%20ITSM%20Whitepaper.pdf$
Disallow: /dam/jcr:b549786a-5967-4603-91eb-16a9d8902061/cPrime_SAFewhitepaper_0829_125636.pdf$
Disallow: /dam/jcr:7b30c258-5588-43a5-ba8a-cd1d1cce64cd/Enterprise%20Success%20Package%20One-pager%20Updated%20.pdf$
Disallow: /dam/jcr:1c950f05-9161-4b6b-9fe3-be3e7b1f0412/Jira%20Align%20Enterprise%20Success%20Package%20One-Pager.pdf$
Disallow: */purchase/*
Disallow: */variants/*
Allow: /purchase/price-comparison$
User-agent: atlassian-bot
Disallow: /blog/author/*
Disallow: /blog/tag/*
Disallow: /blog/search/*
Disallow: /blog/archives/*
Disallow: /blog/*/page/*
Disallow: /company/careers/detail/*
# Block all localized paths from being crawled
Disallow: /ja/*
Disallow: /fr/*
Disallow: /de/*
Disallow: /es/*
Disallow: /br/*
Disallow: /zh/*
Disallow: /ko/*
Disallow: /ru/*
Disallow: /pl/*
Disallow: /it/*
Disallow: /nl/*
Disallow: /fi/*
Disallow: /hu/*
Disallow: /ro/*
Disallow: /cs/*
Sitemap: https://www.atlassian.com/sitemap.xml
# Sitemap for Blog
Sitemap: https://www.atlassian.com/blog/post-sitemap.xml
sitemap.xml
present — 10 url(s)
head
title Collaboration software for software, IT and business teams | Atlassian description Atlassian social
no OpenGraph or Twitter meta tags found
fetched 2026-05-23T09:24:34.522Z
Accept-Encoding
via 1.1 9a7c700290cf80b3334e7dcd07bfe44a.cloudfront.net (CloudFront)
x-amz-cf-id TK2s3CTAT9vKxB9yySVebafilBxnT8kpWxZfXtAAtGZmTI9MhXIVYA==
x-cache Miss from cloudfront
x-instance-type r8g.12xlarge
x-xss-protection 1; mode=block B
Mostly compliant · 3 items need attention
Aggregate grade across 15 checks. Auditors typically flag any High-severity finding.
Pass 12
Warn 3
Fail 0 What an auditor would flag first medium SPF
~all softfail — receivers may still accept
SOC 2 CC6.7 ISO 27001 A.13.2.1
low DKIM
1/6 DKIM selectors valid
SOC 2 CC6.7
low DNSSEC
DNSKEY published but no DS delegation — DNSSEC not enforced by parent
SOC 2 CC6.6 ISO 27001 A.13.1.1
Need this as an artifact your auditor can verify?
Your atlassian.com scan flagged 1 medium and 2 low findings. A signed pack covers the apex plus up to 100 CT-discovered subdomains, Ed25519-signed and ISO-timestamped, delivered in 10–30 minutes.
15-check summary DNS records A/AAAA records present MX 2 MX record(s) present SPF ~all softfail — receivers may still accept DMARC p=reject — strict policy DKIM 1/6 DKIM selectors valid TLS certificate cert valid for 174 days Redirect chain HTTPS served correctly Security headers 2 security header(s) missing CORS no CORS headers — cross-origin requests blocked by default Web surface HTTPS surface reachable (robots ✓, sitemap ✓, title ✓) MTA-STS not applicable: no _mta-sts TXT record TLS-RPT not applicable: no TLSRPT record DNSSEC DNSKEY published but no DS delegation — DNSSEC not enforced by parent WHOIS domain registered until 2027-03-19 Certificate Transparency check failed: crt.sh: Error: crt.sh http 429; certspotter: Error: certspotter http 429