It doesn’t.. people are just getting ridiculous at this point..I'm a little confused as to why this has to involve Coingate. In my mind the redirect preempted anything sent to or received from Coingate. For the sake of theory, let's say an alternate "malicious" page is served up at random. Everything looks fine, but instead of the addresses or QR code coming from Coingate, it is pulled from elsewhere. And further on this exercise, once the test is deemed successful, the page is pulled from rotation along with whatever triggered it... to be used at a later date.