False Positive for some advertisement IFRAME "JS/iFrame.cqo"

These are the url verdicted as malicious.
yes it is using the IFRAME, yes in used the obfuscation.
But I don't see any payload, nor malicious infection, EXCEPT some pop-ups banner of advertisements, some script counters and SEO analytics javascript instead.

These are the urls:
hxxp://mahogany100611n.blog.so-net.ne.jp/2012-02-13-16
hxxp://healthnews09251.blog.so-net.ne.jp/archive/20111117
hxxp://larceny081911ne.blog.so-net.ne.jp/2011-10-09
hxxp://flowerdeliverie.blog.so-net.ne.jp/archive/20111103
hxxp://squamouscell092.blog.so-net.ne.jp/2011-11-09

For your conveniences here's I paste one of the urls analysis above:

    <iframe src=
    "http://lostwebtracker.com/?if=1&scr_w=1024&scr_h=768&blog=http%3A//mahogany100611n.blog.so-net.ne.j
    p/2012-02-13-16&ref=&l=celebrity" height="1" width="1"></iframe>

    (repeated 1 time)

    <iframe src=
    "http://green-tracker.com/?if=1&scr_w=1024&scr_h=768&blog=http%3A//mahogany100611n.blog.so-net.ne.jp
    /2012-02-13-16&ref=&l=celebrity" height="1" width="1"></iframe>

    (repeated 1 time)

    <div class="bookmark"><ul>

    (repeated 1 time)

    <li><a href="http://twitter.com/share" class="twitter-share-button" data-url=
    "http://mahogany100611n.blog.so-net.ne.jp/2012-02-13-16" data-text=
    "Barbie as Britney Spears in Toxic ^_^. I know, I know that the outfit is not ...?Barbie as Britney
    Spears in Toxic ^_^. I know, I know that the outfit is not ...:Beny's blog:So-net???" data-count=
    "none">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
    </li>

    (repeated 1 time)

    <li><style>.mixi-check-button img { border:0;margin-right:2px;}</style><a href=
    "http://mixi.jp/share.pl" style="border: none" class="mixi-check-button" data-key=
    "8ca2c5d782d92e3b37ea8fb3b469bd7c3e963d41" data-button="button-1" data-url=
    "http://mahogany100611n.blog.so-net.ne.jp/2012-02-13-16">mixi check</a><script type=
    "text/javascript" src="http://static.mixi.jp/js/share.js"></script></li>

    (repeated 1 time)

    <li><a href=
    "http://b.hatena.ne.jp/entry/http%3A%2F%2Fmahogany100611n.blog.so-net.ne.jp%2F2012-02-13-16" class=
    "hatena-bookmark-button" data-hatena-bookmark-layout="standard" title="????????????????????"><img
    src="http://b.st-hatena.com/images/entry-button/button-only.gif" alt="????????????????????" width=
    "20" height="20" style="border: none;" /></a><script type="text/javascript" src=
    "http://b.st-hatena.com/js/bookmark_button.js" charset="utf-8" async="async"></script></li>

    (repeated 1 time)

    <script src="https://apis.google.com/js/plusone.js">{
      lang : 'ja'
    }
    </script>

    (repeated 1 time)

    <li><g:plusone size="medium" href="http://mahogany100611n.blog.so-net.ne.jp/2012-02-13-16" count=
    "false"></g:plusone></li>

    (repeated 1 time)

    <li><iframe src=
    "http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fmahogany100611n.blog.so-net.ne.jp%2F2012
    -02-13-16&amp;layout=button_count&amp;show_faces=true&amp;width=110&amp;action=like&amp;colorscheme=
    light&amp;height=20" scrolling="no" frameborder="0" style=
    "display:inline; border:none; overflow:hidden; width:110px; height:20px" allowTransparency="true">
    </iframe></li>

    (repeated 1 time)

    </ul></div>

    (repeated 1 time)

    <div id="square-under-1"></div>

    (repeated 1 time)

    <iframe name="maad" src=
    "http://match.seesaa.jp/ot_square.pl?hid=14&sid=mahogany100611n:10000006590014&tid=101_sonet&c=3&bg_
    c=ffffff&bg_reverse_c=fff7d7&title_c=2200cc&text_c=333333&border_c=ffffff&link_c=008000&sponsor_c=00
    0000&referer=&frame_type=0"

    (repeated 1 time)

     width="156" height="378" scrolling="no" frameborder="no" marginwidth="0" marginheight="0" allowTran
    sparency="true"></iframe>

    (repeated 1 time)
----
ZeroDay Japan
http://0day.jp
Malware Analyst: Hendrik ADRIAN / アドリアン・ヘンドリック
Twitter/VirusTotal/Google: @unixfreaxjp
Analysis Blog: http://unixfreaxjp.blogspot.com