TrojWare.JS.TrojanClicker.FbLiker.A malicious?

See: http://killmalware.com/carmenkaliente.blogspot.mx/ (site not suitable for minors)
See: http://app.webinspector.com/public/reports/23274705 given as suspicious
Detected here: https://www.virustotal.com/nl/url/2ebcc0825fc077198cf723f0e9447a277bfca21aa77a546d722982db4a37d661/analysis/1406061010/

polonus

https://www.metascan-online.com/en/scanresult/file/0eae2f59b12c428a8fa36733b231c625
https://www.virustotal.com/nb/file/56a3c625c0e0e51378e9c3c543cd8c7c3cfdd0089c1339e97563b8e039adc862/analysis/1406061924/

Update - the same malware was detected here:
This is a suspicious page
Result for 2015-03-13 13:05:40 UTC
Website: htxp://aljazeera-sport-tv-hd-live-online.blogspot.ae
Checked URL: htxp://aljazeera-sport-tv-hd-live-online.blogspot.ae/2013/10/el-clasico-esp …
Trojans detected:
Object: htxp://aljazeera-sport-tv-hd-live-online.blogspot.ae/2013/10/el-clasico-espanol-fc-barcelona-v-real_25.html
SHA1: 0553f26b5a67a2361e2e4f44bb288122a2bb1503
Name: TrojWare.JS.TrojanClicker.FbLiker.A
See: https://www.virustotal.com/nl/url/19b57c560d92e645182ddfd7ff9dc17afa9ace32dabe716c06b775758825c50e/analysis/

No detections here: http://sitecheck.sucuri.net/results/aljazeera-sport-tv-hd-live-online.blogspot.ae
Site for theme not installed yet: htxp://mouvement-citoyens-savoie.net/wp-content/themes/phantom/

This is detected from site: https://www.virustotal.com/nl/domain/chordpoprocktoolbar.googlecode.com/information/
Avast detects JS:Clickjack-AA [Trj] here.

Share this script not encrypted: http://support.sharethis.com/customer/portal/articles/475097-ssl-support

pol

aljazeera-sport-tv-hd-live-online.blogspot.ae.htm
https://www.virustotal.com/en/file/e02cdbcdbdf7ee9b9715bf9f337ceddb49b759022d9e6ef33fdd1118d39901b9/analysis/1426274641/

el-clasico-espanol-fc-barcelona-v-real_25.html
https://www.virustotal.com/en/file/361afb9a37a65dfcf55340c358b72fa0f7351366ca56d31d223c084e6fb01c72/analysis/1426274689/

confirmed by Norman / BlueCoat and detection added

aljazeera-sport-tv-hd-live-online.blogspot.ae.htm = Iframe.ACG
el-clasico-espanol-fc-barcelona-v-real_25.html = Iframe.ACH

Avast now also flags site as unsafe.

polonus

An update on this detection:
Trojans detected:
Object: htxp://3gool.blogspot.co.uk/2011
SHA1: c47a4de069f7672d56caa6954a0bb8307e45577b
Name: TrojWare.JS.TrojanClicker.FbLiker.A
Is this still there, seen to it went missing here: http://sitecheck.sucuri.net/results/3gool.blogspot.co.uk
Do not visit site as it has adult content and is not for minors in cat. blogs and personal sites
Sucuri does not detect and has: No Malware Detected by External Scan. Additional Actions Recommended!
Malicious iFrame link detected twice → https://www.virustotal.com/en/url/b9cecc9dfb230e5894332ac97d2c4c6a04dc050de6f5bf7cb17782223fd42710/analysis/
Quttera detects 237 malicious files with a detected reference to malicious blacklisted domain -ads.clicksor.com
and blacklisted 100 external links. List of referenced blacklisted domains/hosts: 3
-3gool.blogspot.co.uk
-ads.clicksor.com
-3gool.blogspot.com

A tracker tracker report delivers tracking from such sources as .googlesyndication.com/simgad; htxp://ads.clicksor.com/newServing/showAd.php; htxp://adserver.juicyads.com/adshow.php?adzone=174460;
d1ros97qkrwjf5.cloudfront.net|.newrelic.com); clicksor.com|myroitracking.com|.hatid.com) ** htxp://ads.clicksor.com/newServing/showAd.php?nid=1&pid=289141&adtype=1&sid=533363&float=1 Clicksor;
htxp://www.yesadvertising.com Advertising.com; * .google.com/buzz/api/button.js|apis.google.com/js/plusone.js|apis.google.com/js/platform.js) htxps://apis.google.com/js/plusone.js Google+ Platform etc.
I do not give the full tracker tracker report attached as this site holds explicit adult content and is not meant for minors.
see * → https://www.mywot.com/en/scorecard/yesadvertising.com?utm_source=addon&utm_content=popup
For clicksor adware ** → http://malwaretips.com/blogs/clicksor-ads-removal/

polonus

Another update: This is a suspicious page
Result for 2015-04-11 12:57:06 UTC
Website: htxp://36fabiano36.blogspot.it
Checked URL: htxp://36fabiano36.blogspot.it/2014/01/scott-stone.html
Trojans detected:
Object: htxp://36fabiano36.blogspot.it/2014/01/scott-stone.html
SHA1: bd145b12c7110a7fca800c31c5ebabd4cb34a236
Name: TrojWare.JS.TrojanClicker.FbLiker.A - avast would detect: JS:Clickjack-CS [Trj]
https://www.virustotal.com/nl/url/79824839cd3521f650a0c94faaba5a0adde489a87799832381080fa2ebca2aaa/analysis/
Fortinet flags as malware here: https://urlquery.net/report.php?id=1428761929422
Missed by Sucuri’s: https://sitecheck.sucuri.net/results/36fabiano36.blogspot.it

100 potentially suspicious files via Quttera scan:
Severity: Potentially Suspicious
Reason: Detected PDF file containing potentially suspicious instructions
Details: Detected hidden CSS declaration
This page has been blocked by the Netcraft Extension for the following reason:

Suspected XSS Attack

Blocked URL: htxps://www.google.nl/search?q=%5B%3Cstyle+type%3D%27text%2Fcss%27%3E%5E%23header+h1.title%2C%23header+p.title%7Bfont-size%3A220%25%3Btext-transform%3Auppercase%3Bpadding%3A10px+0+0%3Bmargin%3A0%7D%5E.post-body+h1%7Bfont-size%3A200%25%7D%5E.post-body+h2%7Bfont-size%3A180%25%7D%5E.post-body+h3&oq=%5B%3Cstyle+type%3D%27text%2Fcss%27%3E%5E%23header+h1.title%2C%23header+p.title%7Bfont-size%3A220%25%3Btext-transform%3Auppercase%3Bpadding%3A10px+0+0%3Bmargin%3A0%7D%5E.post-body+h1%7Bfont-size%3A200%25%7D%5E.post-body+h2%7Bfont-size%3A180%25%7D%5E.post-body+h3&aqs=chrome…69i57&sourceid=chrome&es_sm=93&ie=UTF-8

pol

Update: malware still here: JS:Clickjack-H [Trj]
https://www.virustotal.com/nl/url/a46d90f9fa2119f147ea0cd2ca0a05565e0e82ab89f69932682cb14be34cc796/analysis/
Not detected here: https://sitecheck.sucuri.net/results/aljazeera-sport-tv-hd-live-online.blogspot.mx
Flagged by Fortinet’s filter: http://urlquery.net/report.php?id=1430255528238
Trojans detected:
Object: http://aljazeera-sport-tv-hd-live-online.blogspot.mx/
SHA1: e80509efe0e6a76c3a5e69ce57826e50e9ef5d80
Name: TrojWare.JS.TrojanClicker.FbLiker.A aka JS:Clickjack-H [Trj]

Linked Javascript
-http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
-https://funnypics-jpg.googlecode.com/svn/trunk/opon.js
-http://www.websnapr.com/js/websnapr.js
-http://bubble.websnapr.com/EyUL4QE1i0lM/swi/
-https://www.google.com/jsapi?key=ABQIAAAAlQIoliUVPjZwD8UDgw_U3RTUhB4JyH-ajz-fA9t4yePPPdGAfRTC_mtuh6Iq1MLEipD0I2rCi30Png
-http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
-http://facewoman.googlecode.com/files/rss.js
-https://apis.google.com/js/plusone.js
-http://w.sharethis.com/button/buttons.js
-http://chordpoprocktoolbar.googlecode.com/files/scrollerchordpoprock.js
-http://yourjavascript.com/425111422721/label.js
-http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.js
-http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
-http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.js
-https://www-blanat-net.googlecode.com/svn/trunk/all.js#xfbml=1
-https://funnypics-jpg.googlecode.com/svn/trunk/facebook.js
-https://www.blogger.com/static/v1/widgets/2076720373-widgets.js
-https://apis.google.com/js/plusone.js

WP theme phantom vulnerable - could lead to the total compromise of a WP blogsite.

Additionally a PHP threat was found by Quttera’s: http://quttera.com/detailed_report/aljazeera-sport-tv-hd-live-online.blogspot.mx wXw-blanat-net.googlecode.com/svn/trunk/all.js#xfbml=1
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Potentially suspicious obfuscated PHP threat
Offset: 39502 → http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww-blanat-net.googlecode.com%2F

polonus (volunteer website security analyst and website error-hunter)

Update: malware also found here:
This is a suspicious page
Result for 2015-05-02 15:55:05 UTC
Website: htxp://36fabiano36.blogspot.de
Checked URL: htxp://36fabiano36.blogspot.de/search/label/sesso+all%27aperto
Trojans detected:
Object: htxp://36fabiano36.blogspot.de/search/label/sesso+all%27aperto
SHA1: 0ccb8de0f06ea8c7705ddb27f8dc26c9b57908bf
Name: TrojWare.JS.TrojanClicker.FbLiker.A
Site Likely Compromised

Detected here: http://urlquery.net/report.php?id=1430584016748

IP badness history: http://www.herdprotect.com/ip-address-74.125.226.76.aspx
→ http://totalhash.com/network/ip:74.125.226.76
Complaint: http://www.liveipmap.com/74.125.226.76

Trojan detection confirmed here: http://zulu.zscaler.com/submission/show/d05fee349ea645b30ea4f4a3555084c7-1430584311

List of iFrames included: http://www.transtwenty.org https://www.virustotal.com/nl/url/40a5c22a0d9a65f68eeb91e97b7703b53438e35d367e8feab74c10e5cfe4eddf/analysis/

Read about a possible server hack here: https://www.blogger.com/static/v1/widgets/2076720373-widgets.js
http://www.tomshardware.co.uk/answers/id-2014208/server-hacked-code-purpose.html

polonus