# capitalbuildplc.com — SUSPICIOUS

> Avoid capitalbuildplc.com—an active phishing domain posing low risk but flagged for suspicious behavior. Stay cautious and verify site legitimacy.

## Summary
PhishDestroy identifies capitalbuildplc.com as a domain involved in generic phishing activities. Although assessed with a low risk level, this domain is actively used to deceive users by mimicking legitimate services to harvest sensitive information. The domain’s recent creation date and suspicious registration details contribute to its phishing profile.

The domain resolves to IP address 198.54.132.28 and was registered through Ultahost, Inc. It was created on August 18, 2025, making it relatively new and potentially part of emerging phishing campaigns. VirusTotal analysis indicates that 2 out of 95 security vendors have flagged this domain, suggesting some recognition of its malicious intent, albeit limited detection coverage. This infrastructure detail highlights a moderate presence in threat intelligence databases.

Currently, capitalbuildplc.com remains active and should be treated with caution. Users and organizations are advised to avoid interacting with this domain, especially refraining from submitting any personal or financial data. Security teams should consider blocking this domain at network and endpoint levels and monitor for related phishing attempts. Continued observation and additional intelligence gathering are recommended to track any escalation in its threat posture.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: home -  Capital Build PLC

## Domain Intelligence
- Registered: 2025-08-18 20:12:43
- Registrar: Ultahost, Inc.
- IP: 198.54.132.28
- Nameservers: ns1.ultahost.com ns2.ultahost.com ns3.ultahost.com ns4.ultahost.com

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["alphaMountain.ai", "Fortinet"]
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://i.ibb.co/67Xgv591/e2afcf9d46e0.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/9aaace3c-59ce-4a94-97a1-7b3239bb1688
- PhishDestroy: https://phishdestroy.io/domain/capitalbuildplc.com/
- LLM endpoint: https://phishdestroy.io/domain/capitalbuildplc.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/capitalbuildplc.com/
Last updated: 2026-03-19