Hey Exploit01, please let me know what you have found here. I don't consider the scammer to be technically skilled at all; the phishing page in itself is very primitive and reportedly the code only stores the _last_ password.

The following files are courtesy of scotaloo; who despite our history I have chose to sent him 0.25 BTC out of the bounty in order to reward him for his efforts.

Access logs: https://mega.nz/#!KxhyCK6S!cPInrNU2tIJF9LP30Upex7Z6j4CAEAyad0APxqXaFFs
Extra logs: https://mega.nz/#!T5pymarT!oKVdk3yG4V16SBBHAHzc2fGOrWCijednGa9U6FRgOD4

Dump of public_html (431MB): https://mega.nz/#!y8QDkAzD!cB_B-fG9oA0t8lBRq8LMa_tN3KOKiol6FTwGSAXIexA