Potentially suspicious files found at software download website..

Re: https://urlquery.net/report/2e12d27d-637f-409e-86e4-2b352adea2de
DLL files download alerted…
Nothing here: https://www.virustotal.com/en/url/95fa51b7d74bf2cf6027f36f6318daf0304f4f205f870448b6bf7b307221ce67/analysis/1556808517/
Quttera flags:

/js/customselect.js
Severity: Potentially Suspicious
Reason: Suspicious JavaScript code injection.
Details: Procedure: + has been called with a string containing hidden JavaScript code .

&
/js/jquery-1.0.4.pack.js
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Detected potentially suspicious initialization of function pointer to JavaScript method write __tmpvar1886299691 = write;

Detected: https://retire.insecurity.today/#!/scan/8393142f879b3f1bdfb99545c558c54e0a652f769705f8b0eb531b13c312d3cb

Various vulnerabilities: https://www.shodan.io/host/80.237.198.121

DOM-XSS issues, results from scanning URL: -https://www.miray.de/js/TabSwitcher.js
Number of sources found: 80 ; number of sinks found: 11

polonus (volunteer website security analyst and website error-hunter)

Pondus, just informed me, we also have to consider a file detection that flagged it.
Another problem for this is the size of the urlquery related executable is well over the maximum VT scanning size:
The response exceeds the maximum file size allowed by the application.
VirusTotal will only download files under 32MB in size.

Anyway, thanks to Ponus for checking this up, your grasp of VT is second to none.

So I cannot come up with a valid equation,

By the way pack.js in the above example found to be suspicious by Quttera’s is known URL decoding,
Detected potentially suspicious initialization of function pointer to JavaScript method write __tmpvar754092521 = write;

polonus

polonus