Mailbox E2E Test
From: Mailbox Test <external-sender@example.net>Mar 30, 2026, 7:06 PMea5511df...1d8d2c
completedMalicious99%
Malicious99% confidence
This email is a phishing lure directing the user to a Microsoft-branded sign-in page hosted on a non-Microsoft Cloudflare Workers domain. Browser validation confirmed the site presents an email-to-password login flow and harvests credentials on the same host, which is consistent with active credential theft. The mismatched infrastructure and sign-in request strongly support a malicious verdict.
PhishingCredential HarvestingBrand ImpersonationLink-Based
URLs analyzed1
Malicious URLs1
Suspicious URLs0
Documents0
Artifacts0
QR codes0
URL Signals
1 analyzed
Maliciousms-auth-v1.cloudflare-analyticsv1.workers.dev
https://ms-auth-v1.cloudflare-analyticsv1.workers.dev
https://ms-auth-v1.cloudflare-analyticsv1.workers.dev/
Documents
0 processed
None.
Authentication
spfUnknown
dkimUnknown
dmarcUnknown
Envelope
From
Mailbox Test <external-sender@example.net>
Reply-To
report@distill.ch
Attachments
0