Scam Detective

Scam Campaign

Archive Scam, lun.marvek.live

Identified on 5/29/2026

How This Campaign Connects

Domain: lunme.onters.sbs — High Risk, 0 complaintslunme.onter…Domain: lunqv.hollower.sbs — High Risk, 0 complaintslunqv.hollo…Domain: lungx.hollower.sbs — High Risk, 0 complaintslungx.hollo…Domain: lunt.revio.live — High Risk, 0 complaintslunt.revio.…Domain: lun.marvek.live — High Risk, 0 complaintsDomainlun.marvek.li…High RiskSuspiciousConsumer ComplaintsLow Activity
The primary entity at the center and the rest of the cluster around it. Showing the 4 highest-risk connections; 4 more in this cluster.

Primary Entity

domain

lun.marvek.live
High Risk
  • Flagged by Google Safe Browsing
  • No SSL certificate

Campaign Narrative

This cluster centers on 9 connected domains tagged as Password: lunex, PureCrypter, zip. The domains include lunt.revio.live, lunq.revio.live, lunme.onters.sbs, lunhx.onters.sbs, lunqv.hollower.sbs, lungx.hollower.sbs, lunhx.hollower.sbs, lunts.hollower.sbs, lun.marvek.live. 9 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus.

Flagged domains in this cluster, lunt.revio.live, lunq.revio.live, lunme.onters.sbs, lunhx.onters.sbs, lunqv.hollower.sbs, lungx.hollower.sbs, lunhx.hollower.sbs, lunts.hollower.sbs, lun.marvek.live.

This campaign was identified through automated analysis of threat intelligence feeds and entity relationship mapping.

Entity Roster

Domains (9)

Data Sources

Scam Prevention Resources

By the Time Elder Fraud Looks Like Fraud, the Money Is Often Gone

A stranger calls an older woman, greets her as Grandma, and says her grandson is hurt and in police custody. The scariest part is how ordinary the next few minutes feel.

Seven 833-408 Numbers Are Tied to Fake Mortgage Servicer Mail and Calls

Consumers are reporting mailers and calls from numbers including (833) 408-1597 and (833) 408-1587 that impersonate mortgage servicers. Here is what the reports show.

Fake Chase Openers and Warm Transfers Feed a Three-Number Debt Fraud Operation

Callers impersonating Card Member Services are using intimidation tactics and transfer tricks to pressure consumers. Here is what the reports show.

Ignore Calls About an Unserved Summons Directing Contact to Janet Wilson

Callers posing as county process servers claim you have an unserved court summons and push you to contact a 'Janet Wilson' at toll-free numbers tied to a debt collection impersonation scheme.

833-382-5531 Is One of Eight Numbers on Fake Mortgage Postcards Hitting Homeowners

Postcards with real mortgage details and urgent language are being used to impersonate lenders including SmartFi. Here is what the reports show and how to protect yourself.

View all articles

Proton Pass Unique passwords for every account

After a breach, reused passwords let attackers into your other accounts. Proton Pass generates and stores a unique password for each one.

Try Proton Pass freeAffiliate link. We may earn a commission.
View all campaigns