June 25, 2024, 7:50 p.m. | /u/recluseAbroad

Malware Analysis & Reports www.reddit.com

One of those fake updates, it appears to be a randomly generated URL, base64-encoded style, like everything else it used for obfuscation. It downloads the first one into the cache and decrypts it and links to it that way, interesting evasion, but I can't seem to figure out how to manually pull the other payloads. I grabbed everything when it popped up on the compromised page, but I'm unable to figure out the initial compromise.

how might …

