You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
From whois, those IPs seem to be owned by Atlassian themselfes, as I understand the Netherlands branch: Whois IP 22.214.171.124
So this gets a "probably legit" from me, but you can always do some more analysis.
It would be helpful to know what they open. Since your post is tagged with "server", I assume you host your own instance and have access to the logs. If you share the relevant part of the access and error log, then we can check this also.
In case of incoming packets, I suspect atlassian checking your site in some automated process.
In case of outgoing packets, I suspect your instance does contact some central atlassian server, eg for license validation or check for updates.
In any case, either your firewall or your access / error log should contain some more hints.