Security Analyst Edward Fjellskl found a strange piece of obfuscated Javascript at hxxp://bizoplata.ru/pay.html (WARNING: CONTAINS LIVE MALWARE) He wanted to know if I could figure out what exactly it was doing and whether it was indeed malicious. After roughly three levels of redirect obfuscation, he finally reached the end goal – a page that contained an obfuscated version of the Microsoft Access Snapshot Viewer ActiveX vulnerability outlined in CVE-2008-2463.”]
Source: https://blog.talosintelligence.com/2009/02/detecting-silly-javascript-obfuscation.html