A fascinating question, but there appears to be no actual event here that would trigger analysis. You can raise this theoretical question with an attorney or in a law school class. The large hosting entities have proven remarkably "teflon" when it comes to requirements to review and act on all content. The indirection implicit in these third party hosting arrangements probably insulates them further. I would be interested in what others here on AVVO might think.
We do not have a client/attorney relationship until you make an appointment, we discuss your case face to face, I accept a retainer, and we explictly agree to enter into representation.
Anyone that comes into contact with child pornography should be reporting it.
With regard to your question of 'who is the ISP?" that is clearly the administrator of the blog and the corporate host. The user is just that, a user and is the one liable for the content. However, when we are talking about 'child porn', it is a game changer and everyone involved has a duty to report these crimes upon discovery.
The recommendations in this answer are not considered legal advice for the purposes of ethical evaluation, nor do the create a retention of counsel wherein an attorney-client relationship exists. These recommendations should never be relied upon without first consulting an attorney in your jurisdiction. I am not your attorney, unless we enter into a written agreement fulfilling the terms of that agreement. The comments posted herein are purely for educational purposes and public discourse only.