bossnet.az

https://bossnet.az/portal/medieval-competitors-voting-authentication-v5a4v1d9q7q1i9n4i9y1xxs

185.32.47.214 · Bossnet LLC

Location

Baku, Azerbaijan

Domain Age

—

HTTP

200 · 27.3s

SSL

Valid· R13, Let's Encrypt, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "Redirecting to Login"

Save

Domain Intelligence: bossnet.az

Scanned 4 times since Mar 9, 2026, 12:41 PM UTC

✗ Critical (100)

Take this site down

Report to 50+ vendors instantly

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

Unknown

Credential Phishing

Summary

This site at bossnet.az is impersonating a login portal with a redirect to a login page, likely aiming to harvest credentials. The page title redirects users and the static HTML shows no forms, but the SPA-like structure and numerous asset requests suggest credential capture via JavaScript. The domain appears unrelated to any widely known brand and features a misleading redirect prompt, indicating phishing/impersonation behavior.

Attack Techniques (6)

Domain branding mismatch: bossnet.az does not correspond to a known consumer brand in the page content (Redirecting to Login).SPA/JS-driven credential capture: static HTML contains no forms; scripts and assets imply runtime rendering of login UI.Brand logo/assets loaded from page assets: multiple image/icon requests under bossnet.az to mimic a branded login experience.Phishing redirect flow: page immediately redirects to a login URL after a short timeout, reinforcing credential collection behavior.Suspicious hosting with Let's Encrypt cert and new domain proximity: recent cert issuance (Jan 2026) and unknown WHOIS/registration data.Visual impersonation risk: page design and background imagery tailored to resemble a legitimate login experience to deceive users.

Indicators of Compromise (5)

▸DOMAIN: bossnet.az (IOC)

▸URL path contains portal/medieval-competitors-voting-authentication-v5a4v1d9q7q1i9n4i9y1

▸Network requests loading assets from bossnet.az: /portal/medieval-competitors-voting-authentication-..., /portal/34d292378e1b8.jpg, icon-*.png, osrs-icon.png, etc.

▸Background image URL and embedded logo assets hosted on bossnet.az

▸SSL cert issued by Let's Encrypt for www.bossnet.az (valid Jan-Apr 2026)

Risk AssessmentUsed in abuse reports

The site is highly suspicious and should be treated as malicious. The domain bossnet.az is providing a redirect-laden SPA that renders a login interface via JavaScript, with no static login form present in the initial HTML. The page content and assets indicate an impersonation of a branded login experience, designed to capture user credentials once the SPA loads the login UI. The SSL certificate is legitimate but newly issued; combined with the active redirect script and host-only asset loading, this strongly suggests a credential phishing operation targeting users who land on the page. Given the lack of brand signals in the domain itself and the explicit redirect to a login URL, this is a credible credential phishing page intended to harvest credentials from unsuspecting users.

Recommended Action

Suspend Domain

Cross-Reference8

URL Intelligence