Fake AV landing site. Does Avast detect?

Alerted to this scheme by my good friend, !Donovan. The vicitim visited an expired once secure website parked with TradeDoubler adware that now redirects to a fake malware warning site, read: https://isc.sans.edu/diary/How+Victims+Are+Redirected+to+IT+Support+Scareware+Sites/19487/
The landing site’s scan results: https://www.virustotal.com/en/url/d8d55a41f0efaccd1daf16a661c2525330ef014b8098bee7b183d79650ecb260/analysis/#additional-info and https://www.c-sirt.org/en/incidents-on-domain/p2.dntrax.com and
index
Severity: Suspicious
Reason: Detected suspicious redirection to external web resources at HTTP level. [What’s this?]
Details: Detected HTTP redirection to htxps://www.dntx.com/. uMatrix blocks this destination for us.
File size[byte]: 0
File type: Unknown
Page/File MD5: 00000000000000000000000000000000
Scan duration[sec]:

Thanks to !Donovan for his observations and we should report that Sucuri has not as yet detected this malicious scheme.

polonus

This web domain also seems to play a role in this scheme: https://www.virustotal.com/en/domain/tj.symcd.com/information/

We should understand that these redirects may be rather short lived and mitigating.
Going to the IP, 23.4.43.27, it automatticaly downloads woc3kreY.part
woc3kreY.part
Scan history

Scan new file
First uploaded2014-02-07 17:01:48 GMTFiletypedata
Last scanned2014-02-07 17:01:48 GMTFile size5 B

MD5 4842E206E4CFFF2954901467AD54169E

SHA1 80C9820FF2EFE8AA3D361DF7011AE6EEE35EC4F0

SHA256 2ACAB1228E8935D5DFDD1756B8A19698B6C8B786C90F87993CE9799A67A96E4E

See what I earlier reported on this: https://forum.avast.com/index.php?topic=170995.0

polonus