Missed detection: TrojWare.JS.Agent.weq

See: Trojans detected:
Object: htxp://aiinaraa.blogspot.com/2009/10/por-una-mirada-un-mundo-por-una-sonrisa.html
SHA1: caecb82361641b232a8ea610b037eca1f2151656
Name: TrojWare.JS.Agent.weq
Real issue: https://www.virustotal.com/nl/url/bf85f8aa8e87d94b1f7a98dba3015567b5118a81599e669fff2037acec8a05a0/analysis/

Sucuri detects: http://sitecheck.sucuri.net/results/aiinaraa.blogspot.com

Also see: http://www.herdprotect.com/ip-address-74.125.226.74.aspx

54 detected suspicious files by Quttera’s: http://quttera.com/detailed_report/aiinaraa.blogspot.com
Detected reference to blacklisted domain. - http-generator: ERROR: Script execution failed
tls-nextprotoneg: | spdy/3.1 vulnerable for the SSL session reuse vulnerability
Strict-Transport-Security does not appear to be found in the site’s HTTP header, so browsers will not try to access your pages over SSL first. :frowning: CRIME vulnerability?

Not detected Content-Security-Policy , x-webkit-csp, or even x-webkit-csp-report-only in the site’s HTTP header.

Permitted-Cross-Domain-Policies does not appear to be found in the site’s HTTP header, so it’s possible that cross domain policies can be set by other users on your site and be obeyed by Adobe Flash and pdf files…

Various Good Policy with 5 Happy Findings from Site’s Header Tests.

See suspicious script attached as image - benign translates as:

 //document.write (s)  <script language="javascript">function dF(s){var s1=unescape(s.substr(0,s.length-1)); var t='';for(i=0;i<s1.length;i++)t+=String.fromCharCode(s1.charCodeAt(i)-s.substr(s.length-1,1));document.write(unescape(t));}</script> 

pol

The threats presented: http://www.compros.com/Articles/Scams%20full%20article.htm

pol

Update.
Again detected here: This is a suspicious page
Result for 2015-08-19 18:02:40 UTC
Website: -http://7182010.blogspot.ru
Checked URL: -http://7182010.blogspot.ru/2010/04/diy-project-wedding-flower-part-1.html
Trojans detected:
Object: -http://7182010.blogspot.ru/2010/04/diy-project-wedding-flower-part-1.html
SHA1: 8bbd304ffeb45c1cda8f2f4bdc22bace613e9ec8
Name: TrojWare.JS.Agent.weq
Re: https://www.virustotal.com/nl/url/e51d4ac4ddd4aad5ccec8886923a63f8209bffc7d606982f3dfc00a215f61981/analysis/1440010615/
89 malicious files: Detected reference to malicious blacklisted domain 7182010.blogspot.com
Detected: Known javascript malware. Details: http://sucuri.net/malware/entry/MW:JS:233
iFrame encoded via document.write.
WordPress security hole exploited.

polonus

:-\

7182010.blogspot.ru.htm
https://www.virustotal.com/en/file/a8322b14c4d9465325befb6765a6fc9b7d239ff783b30cac9ef033764fb58ffc/analysis/1440011402/

diy-project-wedding-flower-part-1.html
https://www.virustotal.com/en/file/b2572b4c4c021b78b1bcacb765ee82376869e9b9b14f13878d5ee3871c52e615/analysis/1440011435/

signature Auto added by Norman/BlueCoat as Clicker.NO

Thanks, Pondus, for the actualization.

polonus