> On Nov 17, 2016, at 4:47 PM, Loren Burlingame <theixian at hotmail.com> wrote: > > >Web browser plugins, perhaps? > > The client that is querying, in this case, is a PowerShell script and doesn't have any plugins that I am aware of. > > When I query the same script for the report page, it is from a web browser, but the parameter passed is not the same as the PowerShell script's parameter. > > It is the PowerShell script's full query including the parameter that is being duplicated, not my browser’s. Then I would suspect there’s a packet sniffer out there on an infected computer (not necessarily yours) that is getting this information via WiFi… Of course, that means your laptop is on WiFi phoning home. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20161117/a699a48d/attachment.html>