Hi nmb,
The strength of your detection is combining info from various scanners. As you stated here not one scanner gets it all, detection of all existing malicious or suspicious sites. So combine the data of various scanning methods - unmasked parasites, and sitetruth, up to date online block lists, firekeeper rules, iFrame analyzers and online frame checking sites, de-obfuscation sites and search tools and in such a way you will have a growing hunch as at where and what to look for in these respects,
polonus