I doubt anyone would fall for this though, especially when they're (the phishing site) warning us that we should check the URL...
I wrote an email to OpenProvider, and I suggest you do the same: https://support.openprovider.eu/hc/en-us/articles/360001725008-Reporting-abuse
EDIT: Support response:
Quote
Dear Sir, Madam,
Thank you for the notification.
We have informed the reseller about your complaint and he will investigate this issue. If we do not receive any update from them, we will suspend the domain after 2020-03-15 09:15:26 CET and it will stop working.
Please, check this article about abuse procedure in order to know more about the responsibilities of the registrar: https://support.openprovider.eu/hc/en-us/articles/360001725008-Reporting-abuse.
Thank you for the notification.
We have informed the reseller about your complaint and he will investigate this issue. If we do not receive any update from them, we will suspend the domain after 2020-03-15 09:15:26 CET and it will stop working.
Please, check this article about abuse procedure in order to know more about the responsibilities of the registrar: https://support.openprovider.eu/hc/en-us/articles/360001725008-Reporting-abuse.
EDIT 2: It appears that both sites are down now.
