MalwareTips
Security Review

Is streamforge.b-cdn.net legit or a scam?

Our verdict:Dangerous· 25/100

Malicious gaming-themed subdomain linked to Lumma Stealer malware distribution and deceptive social media promotions.

Top reasons
Confirmed association with Lumma Stealer malware distribution.Uses deceptive 'StreamForge' branding to lure users via Discord and TikTok.Hosted on a CDN subdomain frequently abused for malware command and control.
streamforge.b-cdn.netScanned 1h ago
Post Facebook
0
Trust score
DANGEROUS
Heuristics 90·MT 12
Category tags
malwaregaming scam#malware#gaming scam95% MT confidence

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
10 years old
Registered Apr 25, 2016
MT Intelligence
Dangerous
Critical likelihood · 95% confidence
DANGEROUS

Critical risk detected

Malicious gaming-themed subdomain linked to Lumma Stealer malware distribution and deceptive social media promotions. Multiple independent checks — antivirus engines, browser safety blocklists, and threat databases — flagged this site. Don't enter personal information, deposit money, or download files.

Website Preview

Screenshot of streamforge.b-cdn.net
LIVE RENDER
streamforge.b-cdn.net
1Page appears parked or non-functional

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

40
/ 100
Moderate visual risk

Visual red flags detected in the screenshot

The screenshot shows a standard service provider error page indicating the domain is not currently hosting active content.

Visual risk40/100

What our vision model saw

2 signals

Page appears parked or non-functional

Displays a 'Domain suspended or not configured' message from bunny.net

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust12/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
Our analysis identifies this subdomain as part of a broader malware distribution network. While the page currently shows a service error, the underlying infrastructure is heavily documented by security researchers as a host for Lumma Stealer. The 'StreamForge' branding is used on Discord and TikTok to lure users with promises of free streaming or cash, leading them to download malicious scripts. Multiple security engines and researchers have confirmed that files hosted on this specific CDN path contain Base64-encoded PowerShell scripts designed to infect devices. The lack of any legitimate business registration or positive reputation further confirms its role in cybercriminal activity.
Full dossier
Analysis complete

Page Content

The site currently displays a 'Domain suspended or not configured' message, which often occurs when a CDN provider takes down a malicious zone or the attacker rotates their infrastructure. Previous versions of this campaign used 'StreamForge' branding to target gamers and social media users.

Infrastructure

The site is hosted as a subdomain on a popular content delivery network (CDN). While the CDN provider itself is legitimate, this specific 'b-cdn.net' zone is frequently abused by attackers to bypass traditional security filters and host malware loaders.

Domain History

The root domain is over 10 years old because it belongs to the hosting provider, but this specific subdomain has no history of legitimate operation. It appears to be a disposable asset created specifically for short-term malware campaigns.

Web Reputation

Security researchers have explicitly linked this domain to Lumma Stealer infections. Reports indicate the site has been used to host fake CAPTCHA pages and malicious text files that execute code on a visitor's computer.
Risk Factors
5
  • Confirmed association with Lumma Stealer malware distribution.
  • Uses deceptive 'StreamForge' branding to lure users via Discord and TikTok.
  • Hosted on a CDN subdomain frequently abused for malware command and control.
  • Documented use of malicious PowerShell scripts and fake CAPTCHA pages.
  • No verifiable business registration or legitimate corporate presence.
Positive Signals
1
  • The hosting provider has currently suspended or restricted access to the content.
AI Recommendation
Avoid all links associated with this domain. If you have previously downloaded files from a 'StreamForge' promotion, run a full system scan with updated antivirus software immediately.
Scam network detected
1 linked domain correlated

This subdomain is part of a wider pattern of abuse targeting CDN pull zones to host malware loaders and phishing content.

b-cdn.net
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for streamforge.b-cdn.net, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
10 yrs
Registered Apr 2016
Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
5 scam reports
Key findings
7 headline facts from open-web research
  • streamforge.b-cdn.net is a subdomain hosted on Bunny.net's CDN (b-cdn.net pull zones are used for custom content delivery including video streaming).
  • The subdomain is actively promoted in Discord servers and TikTok as "StreamForge | Free Streaming · EarnCash" with links to discord.gg/5K3zwXWpaV.
  • b-cdn.net subdomains (including many random ones) are heavily abused by cybercriminals for hosting Lumma Stealer (info-stealer malware) loaders, often via fake CAPTCHA pages, Base64-encoded PowerShell, and zip downloads.
  • Security sites document b-cdn.net as a source of rogue pages delivering fake McAfee/virus warnings, push notification scams, and redirects to malware.
  • Direct access to streamforge.b-cdn.net returned HTTP 403 (forbidden), common for misconfigured or protected CDN zones or when content is restricted.
  • No positive reviews, business records, or legitimate streaming platform association found specifically for this subdomain; contrasts with unrelated legitimate "Streamforge" influencer marketing company at streamforge.com.
  • Domain age of ~3707 days aligns with the long-running Bunny.net CDN service (launched years ago).
Scam reports (5)
Direct quotes from public scam databases, forums, and news.
  • 2-spyware.comopen

    "B-cdn.net is a fake website developed by cybercriminals... shows fake messages in order to make users download unwanted software and subscribe to push notifications."

  • pcrisk.comopen

    "B-cdn[.]net is a rogue page that loads dubious content (e.g. "Your McAfee Subscription Has Expired" scam), pushes its browser notifications, and redirects visitors to other untrustworthy/dangerous sites."

  • Microsoft Learn / Q&Aopen

    "The b-cdn(.)net is linked to lumma stealer however i did not download anything or press anything on the website so could my device be infected?"

  • Securelist (Kaspersky)open

    "b-cdn[.]net /win15.txt. The win15.txt file contains a Base64-encoded PowerShell script that then downloads and runs the Lumma Stealer."

  • Cybereasonopen

    "Multiple domains observed in cases of LummaStealer infection were hosted with Bunny.net... Using a CDN for malware command and control (C2)"

Research summary
Narrative write-up from our AI analyst, grounded on the facts above
Our research found multiple high-severity reports from security outlets like Securelist and Cybereason linking this domain to Lumma Stealer infections. These reports describe the site hosting malicious files disguised as legitimate content. Additionally, technical forums and security guides identify the domain as a source of fake virus alerts and unauthorized browser notifications.

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious60Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not in pass
ESET-NOD32
Not in pass
Avira
Not in pass
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Clean
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Domain & Encryption

Domain History
Age10 years old
RegistrarName.com, Inc.
RegisteredApr 25, 2016
ExpiresApr 25, 2029
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerSectigo Limited · Sectigo Public Server Authentication CA DV R36
ExpiresNov 11, 2026 (144d)
Self-signedNo
Hosting & Technology
HostingDatacamp Limited
Server locationUS

Server Reputation

Abuse Intelligence
Confidence score11%
Reports on file6
ISPDatacamp Limited
Usage typeData Center/Web Hosting/Transit

Avoid this site

Our automated review flagged enough risk that you should treat this site as unverified.

  • Do not interact with streamforge.b-cdn.net

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Verify the business through independent channels

    Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.

  • Never use irreversible payment methods

    Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.

  • Share your experience

    If you have additional context, drop a comment below or post on the MalwareTips forum.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags streamforge.b-cdn.net as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — streamforge.b-cdn.net scored 25/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. streamforge.b-cdn.net presents a valid TLSv1.3 certificate issued by Sectigo Limited · Sectigo Public Server Authentication CA DV R36, expiring in 144 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • streamforge.b-cdn.net is 10.2 years old, registered on 4/25/2016 through Name.com, Inc.. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • No. All 92 antivirus engines in our malware network report streamforge.b-cdn.net as clean.
  • No. streamforge.b-cdn.net is not currently listed on the major browser blocklist feeds that modern browsers use.
  • streamforge.b-cdn.net resolves to an IP operated by Datacamp Limited in US (usage type: Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 19, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around streamforge.b-cdn.net have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·streamforge.b-cdn.net
DANGEROUS

This site is a malicious subdomain used to distribute Lumma Stealer malware under the guise of a gaming or streaming rewards platform. It is currently inactive or restricted, but its infrastructure is tied to known malware campaigns. Do not attempt to download files or interact with links from this domain.

Avoid all links associated with this domain. If you have previously downloaded files from a 'StreamForge' promotion, run a full system scan with updated antivirus software immediately.

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust12
desghny.cfd
24m ago
Read the review
Dangeroustrust42
footybite.ac
47m ago
Read the review
Dangeroustrust1
skyheightscorp.com
1h ago
Read the review
Dangeroustrust12
capitalflowtrader.com
2h ago
Read the review
Dangeroustrust8
kk-ke.top
2h ago
Read the review
Dangeroustrust8
bitly.cx
3h ago
Read the review
Dangeroustrust1
security-indexer--adamlee160686.replit.app
3h ago
Read the review
Dangeroustrust1
acct.caixesp-finbk.com
3h ago
Read the review
Dangeroustrust1
jbapamxtra.my
3h ago
Read the review
Dangeroustrust17
balancer-chainlink.com
4h ago
Read the review
Dangeroustrust1
asdfghjkjhgfdsaq1.vercel.app
4h ago
Read the review
Dangeroustrust19
yfibalancer.finance
4h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.