# polymarket-bot-nextjs.vercel.app — SUSPICIOUS

> polymarket-bot-nextjs.vercel.app is a fake Next.js dashboard hosting a credential harvesting portal. 1 of 95 VirusTotal scanners already detect the.

## Summary
PhishDestroy identifies polymarket-bot-nextjs.vercel.app as an active credential-harvesting site delivered under a Next.js dashboard guise. The domain immediately prompts visitors for login details, exfiltrating credentials to attacker-controlled servers rather than Polymarket.

This domain was flagged by 1 of 95 VirusTotal security vendors, is registered through Vercel Inc., and resolves to IP 64.29.17.131 behind a Google Trust Services SSL certificate—normal hosting metadata deliberately abused to lower suspicion.

If you visited this site, assume your credentials were captured. Change passwords used here on all accounts, enable multi-factor authentication wherever possible, and scan devices for malware using updated antivirus tools.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Vercel Inc.
- IP: 64.29.17.131

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a649cc90-1bbc-42b2-8ac3-ee169021b11a
- PhishDestroy: https://phishdestroy.io/domain/polymarket-bot-nextjs.vercel.app/
- LLM endpoint: https://phishdestroy.io/domain/polymarket-bot-nextjs.vercel.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/polymarket-bot-nextjs.vercel.app/
Last updated: 2026-03-21