hxxp://courrier-vocal-orange.weebly.com/
https://www.virustotal.com/#/url/3350b97d170b20087c1a0e40b31116aa85cfb67d758c59afe77262b05b42b85e/detection
BTW Bitdefender TrafficLight says it is a phishing site.
Thanks to Be Secure for reporting. Indeed the website has quite some insecurity besides being a PHISH…
Submission #5221822 is currently ONLINE
Submitted Sep 17th 2017 10:31 AM by verifrom (Current time: Sep 17th 2017 2:15 PM UTC) according to Phish Tank…
This https site falls back to http and therefore is insecure: the secure URL you submitted was redirected to:
htxp://courrier-vocal-orange.weebly.com/
No alerts given here: https://urlquery.net/report/cfa6fafe-e31a-4095-b5bf-762fb1e4d49c
Various domains on one and the same weebly dot net IP: https://www.reasoncoresecurity.com/ip-address-199.34.228.54.aspx
Threat detected: Win32/RemoteAdmin.Ammyy.B potentially unsafe application
Riskware with low impact and low number of reported infections.
Aliases:
  Dr. Web: Program.RemoteAdmin.701
  G Data: Win32.Riskware.RemoteAdmin.A
  Kaspersky Lab: not-a-virus:RemoteAdmin.Win32.Ammyy.an
  ESET: Win32/RemoteAdmin.Ammyy.B potentially unsafe application
Files
The following files are created:
  %DISKDRIVE%\Documents and Settings\All Users\Application Data\AMMYY\hr
  %DISKDRIVE%\Documents and Settings\All Users\Application Data\AMMYY\hr3
  %DISKDRIVE%\Documents and Settings\All Users\Application Data\AMMYY\settings3.bin
The following files are changed:
  %temporary internet files%\Content.IE5\index.dat
  %USERPROFILE%\Cookies\index.dat
  %USERPROFILE%\Local Settings\History\History.IE5\index.dat
Registry
The following registry entries are added:
  HKEY_CURRENT_USER\Software\Ammyy\Admin ("hr": %hex values%; "hr3": %hex values%)
  HKEY_LOCAL_MACHINE\SOFTWARE\Ammyy\Admin ("hr": %hex values%; "hr3": %hex values%)
  HKEY_CURRENT_CONFIG\Software\Microsoft\windows\CurrentVersion\Internet Settings ("ProxyEnable": dword:00000000)
HTTP Requests
  rl.*****.com/
https://www.scumware.org/report/199.34.228.54.html -> http://cyberwarzone.com/malicious-history-of-199-34-228-54/
1 error and 9 warnings: https://mxtoolbox.com/domain/courrier-vocal-orange.weebly.com/
F-Grade status: https://observatory.mozilla.org/analyze.html?host=courrier-vocal-orange.weebly.com
Loaded Resources
Compromised sites will often be linked to malicious javascript or iframes in an attempt to attack users of your WordPress installation. Look over the listed resources, you should be familiar with all scripts and investigate ones you are not sure. In addition removal of unneeded javascript will speed up your website.
http://courrier-vocal-orange.weebly.com/
  GoogleSafe: OK | Load: 186ms | Server: 199.34.228.54 (Apache) | ASN: 27647 United States, Weebly, Inc. | Reverse DNS: pages-wildcard-2.weebly.com
http://fonts.googleapis.com/css?family=Karla:400,700|Oswald:700|Roboto+Mono:400,400i,700,700i
  GoogleSafe: OK | Load: 33ms | Server: 172.217.9.202 (ESF) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f10.1e100.net
http://courrier-vocal-orange.weebly.com/files/theme/MutationObserver.js
  GoogleSafe: OK | Load: 139ms | Server: 199.34.228.54 (nginx) | ASN: 27647 United States, Weebly, Inc. | Reverse DNS: pages-wildcard-2.weebly.com
http://cdn2.editmysite.com/css/sites.css?buildTime=1504829463
  GoogleSafe: OK | Load: 34ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
http://cdn2.editmysite.com/css/old/fancybox.css?1504829463
  GoogleSafe: OK | Load: 36ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
http://cdn2.editmysite.com/css/social-icons.css?buildtime=1504829463
  GoogleSafe: OK | Load: 38ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
http://courrier-vocal-orange.weebly.com/files/main_style.css?1505116580
  GoogleSafe: OK | Load: 263ms | Server: 199.34.228.54 (nginx) | ASN: 27647 United States, Weebly, Inc. | Reverse DNS: pages-wildcard-2.weebly.com
http://fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext
  GoogleSafe: OK | Load: 44ms | Server: 172.217.9.202 (ESF) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f10.1e100.net
http://fonts.googleapis.com/css?family=Oswald:400,300,700&subset=latin,latin-ext
  GoogleSafe: OK | Load: 46ms | Server: 172.217.9.202 (ESF) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f10.1e100.net
http://fonts.googleapis.com/css?family=Actor&subset=latin,latin-ext
  GoogleSafe: OK | Load: 45ms | Server: 172.217.9.202 (ESF) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f10.1e100.net
http://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,latin-ext
  GoogleSafe: OK | Load: 45ms | Server: 172.217.9.202 (ESF) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f10.1e100.net
http://fonts.googleapis.com/css?family=Yantramanav:400,300,700&subset=latin,latin-ext
  GoogleSafe: OK | Load: 48ms | Server: 172.217.9.202 (ESF) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f10.1e100.net
http://fonts.googleapis.com/css?family=GFS+Didot&subset=latin,latin-ext
  GoogleSafe: OK | Load: 46ms | Server: 172.217.9.202 (ESF) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f10.1e100.net
http://cdn2.editmysite.com/fonts/DayPosterBlack/font.css?2
  GoogleSafe: OK | Load: 37ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
  GoogleSafe: OK | Load: 36ms | Server: 172.217.5.234 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s07-in-f10.1e100.net
http://cdn2.editmysite.com/js/lang/fr/stl.js?buildTime=1504829463&
  GoogleSafe: OK | Load: 37ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
http://cdn2.editmysite.com/js/site/main.js?buildTime=1504829463
  GoogleSafe: OK | Load: 45ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
http://cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1505434341
  GoogleSafe: OK | Load: 37ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
http://courrier-vocal-orange.weebly.com/files/theme/plugins.js?1503954572
  GoogleSafe: OK | Load: 349ms | Server: 199.34.228.54 (nginx) | ASN: 27647 United States, Weebly, Inc. | Reverse DNS: pages-wildcard-2.weebly.com
http://courrier-vocal-orange.weebly.com/files/theme/jquery.pxuMenu.js?1503954572
  GoogleSafe: OK | Load: 133ms | Server: 199.34.228.54 (nginx) | ASN: 27647 United States, Weebly, Inc. | Reverse DNS: pages-wildcard-2.weebly.com
http://courrier-vocal-orange.weebly.com/files/theme/jquery.trend.js?1503954572
  GoogleSafe: OK | Load: 132ms | Server: 199.34.228.54 (nginx) | ASN: 27647 United States, Weebly, Inc. | Reverse DNS: pages-wildcard-2.weebly.com
http://courrier-vocal-orange.weebly.com/files/theme/jquery.revealer.js?1503954572
  GoogleSafe: OK | Load: 148ms | Server: 199.34.228.54 (nginx) | ASN: 27647 United States, Weebly, Inc. | Reverse DNS: pages-wildcard-2.weebly.com
http://courrier-vocal-orange.weebly.com/files/theme/custom-1.js?1503954572
  GoogleSafe: OK | Load: 349ms | Server: 199.34.228.54 (nginx) | ASN: 27647 United States, Weebly, Inc. | Reverse DNS: pages-wildcard-2.weebly.com
http://cdn2.editmysite.com/js/wsnbn/snowday261.js
  GoogleSafe: OK | Load: 43ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
http://fonts.gstatic.com/s/robotomono/v4/hMqPNLsu_dywMa4C_DEpY4bN6UDyHWBl620a-IRfuBk.woff
  GoogleSafe: OK | Load: 60ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://fonts.gstatic.com/s/robotomono/v4/N4duVc9C58uwPiY8_59FzzqR_3kx9_hJXbbyU8S6IN0.woff
  GoogleSafe: OK | Load: 60ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://fonts.gstatic.com/s/yantramanav/v2/HSfbC4Z8I8BZ00wiXeA5bIUt79146ZFaIJxILcpzmhI.woff
  GoogleSafe: OK | Load: 61ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://fonts.gstatic.com/s/yantramanav/v2/E1Z7InSGFB89Npehsy0O7NIh4imgI8P11RFo6YPCPC0.woff
  GoogleSafe: OK | Load: 61ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://fonts.gstatic.com/s/yantramanav/v2/HSfbC4Z8I8BZ00wiXeA5bLsuoFAk0leveMLeqYtnfAY.woff
  GoogleSafe: OK | Load: 63ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://fonts.gstatic.com/s/actor/v6/gZ8EM_Gzaq4WRjCimioyzQ.woff
  GoogleSafe: OK | Load: 63ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://fonts.gstatic.com/s/karla/v5/69xcvahA6o9RE5_Tmt9HT_esZW2xOQ-xsNqO47m55DA.woff
  GoogleSafe: OK | Load: 60ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://fonts.gstatic.com/s/karla/v5/3nZS3BKzlvhkwl4yjCQcjPesZW2xOQ-xsNqO47m55DA.woff
  GoogleSafe: OK | Load: 59ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://fonts.gstatic.com/s/karla/v5/_ddpdtd1ofP9Ocd2RnhWXA.woff
  GoogleSafe: OK | Load: 62ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://fonts.gstatic.com/s/karla/v5/azR40LUJrT4HaWK28zHmVA.woff
  GoogleSafe: OK | Load: 62ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://cdn2.editmysite.com/fonts/Proxima-Semibold/267447_5_0.woff?123596
  GoogleSafe: OK | Load: 53ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
http://cdn2.editmysite.com/fonts/Proxima-Light/267447_4_0.woff?123596
  GoogleSafe: OK | Load: 55ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
http://fonts.gstatic.com/s/robotomono/v4/mE0EPT_93c7f86_WQexR3NkZXW4sYc4BjuAIFc1SXII.woff
  GoogleSafe: OK | Load: 62ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://fonts.gstatic.com/s/robotomono/v4/1OsMuiiO6FCF2x67vzDKAwRV2F9RPTaqyJ4QibDfkzM.woff
  GoogleSafe: OK | Load: 61ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
http://www.google-analytics.com/ga.js
  GoogleSafe: OK | Load: 50ms | Server: 172.217.9.206 (Golfe2) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f14.1e100.net
http://cdn2.editmysite.com/js/wsnbn/snowday262.js
  GoogleSafe: OK | Load: 47ms | Server: 151.101.33.46 (nginx) | ASN: 54113 United States, Fastly | Reverse DNS: (not listed)
https://secure.quantserve.com/quant.js
  GoogleSafe: OK | Load: 106ms | Server: 66.150.118.24 (QS) | ASN: 27281 United States, Quantcast Corporation | Reverse DNS: pixel.quantserve.com
https://www.google.com/recaptcha/api.js?_=1505656590254
  GoogleSafe: OK | Load: 127ms | Server: 172.217.10.68 (GSE) | ASN: 15169 United States, Google Inc. | Reverse DNS: lga34s14-in-f4.1e100.net
http://rules.quantcount.com/rules-p-0dYLvhSGGqUWo.js
  GoogleSafe: OK | Load: 209ms | Server: 13.32.176.68 (AmazonS3) | ASN: 16509 United States, Amazon.com, Inc. | Reverse DNS: server-13-32-176-68.zrh50.r.cloudfront.net
https://www.gstatic.com/recaptcha/api2/r20170915175810/recaptcha__en.js
  GoogleSafe: OK | Load: 22ms | Server: 172.217.9.195 (sffe) | ASN: 15169 United States, Google Inc. | Reverse DNS: iad30s14-in-f3.1e100.net
Content is not visible via cross-origin resource sharing (CORS) files or headers, but Subresource Integrity (SRI) is not implemented, and external scripts are loaded over http…
OpenSSL Padding Oracle: Possibly vulnerable
F-Grade security status: https://securityheaders.io/?followRedirects=on&hide=on&q=courrier-vocal-orange.weebly.com
2 vuln. jQuery libraries detected: http://retire.insecurity.today/#!/scan/53c27cfa95f390560f4b125c676aaf43fea69008569ca7907302cf416b64d7d9
47% score for use of modern technology and/or best policies maintained: https://en.internet.nl/domain/courrier-vocal-orange.weebly.com/95524/
polonus (volunteer website security analyst and website error-hunter)
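The two findings in polonus's write-up that a site owner can act on directly are the https-to-http fallback and the missing Subresource Integrity on externally hosted scripts and stylesheets. The script below is an added example (not code from this thread or from any of the scanners quoted in it) that does the same check offline: it parses a page's HTML, flags every subresource that is fetched over plaintext http or that comes from another host without an integrity attribute (and without the crossorigin attribute SRI needs on cross-origin fetches), and shows how an integrity value is generated and verified. The sample page is constructed; its first three references reuse URLs quoted in the resource list above, and cdn.example is a hypothetical host.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Finding labels, kept as constants so callers can match on them.
ISSUE_HTTP = "loaded over plaintext http"
ISSUE_NO_SRI = "third-party resource without an integrity attribute"
ISSUE_NO_CORS = "integrity set but crossorigin missing, so the browser cannot verify a cross-origin fetch"


class _SubresourceCollector(HTMLParser):
    """Collect external <script src=...> and <link rel=stylesheet href=...> references."""

    def __init__(self):
        super().__init__()
        self.found = []  # (kind, reference, integrity value or None, crossorigin present?)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)  # attribute names arrive lower-cased; valueless attributes map to None
        if tag == "script" and a.get("src"):
            self.found.append(("script", a["src"], a.get("integrity"), "crossorigin" in a))
        elif tag == "link" and a.get("href"):
            rel = (a.get("rel") or "").lower().split()
            if "stylesheet" in rel:
                self.found.append(("stylesheet", a["href"], a.get("integrity"), "crossorigin" in a))


def audit_subresources(html, page_url):
    """Return one dict per subresource: kind, resolved url, third_party flag and a list of issues."""
    collector = _SubresourceCollector()
    collector.feed(html)
    page_host = urlsplit(page_url).netloc.lower()
    findings = []
    for kind, ref, integrity, has_crossorigin in collector.found:
        url = urljoin(page_url, ref)  # resolves relative and protocol-relative references
        parts = urlsplit(url)
        third_party = parts.netloc.lower() != page_host
        issues = []
        if parts.scheme == "http":
            issues.append(ISSUE_HTTP)
        if third_party and not integrity:
            issues.append(ISSUE_NO_SRI)
        if third_party and integrity and not has_crossorigin:
            issues.append(ISSUE_NO_CORS)
        findings.append({"kind": kind, "url": url, "third_party": third_party, "issues": issues})
    return findings


_STRENGTH = {"sha256": 1, "sha384": 2, "sha512": 3}


def sri_hash(content, algorithm="sha384"):
    """Build the value for an integrity attribute: '<alg>-<base64 digest>'."""
    digest = hashlib.new(algorithm, content).digest()
    return algorithm + "-" + base64.b64encode(digest).decode("ascii")


def verify_sri(content, integrity):
    """Check content against an integrity attribute the way a browser does: only tokens using
    the strongest algorithm present count, and any one of them matching is enough."""
    tokens = [(tok.partition("-")[0], tok) for tok in integrity.split()]
    tokens = [(alg, tok) for alg, tok in tokens if alg in _STRENGTH]
    if not tokens:
        return False  # a browser would skip the check entirely; for an audit that means "unverified"
    strongest = max(_STRENGTH[alg] for alg, _ in tokens)
    return any(sri_hash(content, alg) == tok for alg, tok in tokens if _STRENGTH[alg] == strongest)


# Constructed sample page (not the real markup of the site in the thread).
SAMPLE_PAGE_URL = "https://courrier-vocal-orange.weebly.com/"
SAMPLE_HTML = """<html><head>
<link rel="stylesheet" href="http://cdn2.editmysite.com/css/sites.css?buildTime=1504829463">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>
<script src="http://courrier-vocal-orange.weebly.com/files/theme/plugins.js?1503954572"></script>
<script src="https://cdn.example/lib.js" integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="https://cdn.example/other.js" integrity="sha384-PLACEHOLDER"></script>
</head><body></body></html>"""


if __name__ == "__main__":
    for f in audit_subresources(SAMPLE_HTML, SAMPLE_PAGE_URL):
        status = "; ".join(f["issues"]) or "ok"
        print(f"{f['kind']:10} {f['url']}\n    {status}")
    # What the integrity attribute for a given file body would look like:
    print(sri_hash(b"console.log('hello');"))
```

Run it on a saved copy of any page's HTML to get the same "no SRI, fetched over http" verdict the scanners gave here; the fix on the site side is to reference third-party files over https with an integrity value produced by sri_hash() and crossorigin="anonymous", and to pin a specific file version, since a hash only matches the exact bytes it was computed over.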
It was very informative.
Hi Be Secure,
Great I could share these results with you and others and I hope it will further a better and more secure infrastructure as we gain insight to what it takes to keep the Interwebs somewhat more secure.
Glad I could be of any assistance, and I have to admit I really like to delve into these issues; it produces relevant knowledge about website security aspects as a whole, and I also hope it helps towards better avast detection patterns.
your avast forum friend,
polonus
Hi,
The domain courrier-vocal-orange[.]weebly[.]com was added to our blocklist. Thank you for the submission!
Jirka