Opps! Its surprising to me, they used 3 domain name for scam people with very carefully. OP did a great job, but phishing link should not post like that. Use code for it so no one will click even by mistake. Post like below,
To be honest, I were spent couple of second to find mistake on above link. So I will make it clear.
blockchaiın (dot) comSee how clever they are. When I opened it I wondered where is the mistakes. Then point it, on address bar looking this above address but when I go to copy or edit they showing another address.
Guys, please stay way from this attack, don't be greed.