@mark an ads and tracking firm puts unique codes on a redirect wrapper on exports from their product, that a malicious user can simply delete, not to track anyone, but to protect users from web publishers who want to push malicious links to other malicious sites, but don't know how to operate a text editor to fix the link or how to program their website.
That sounds much more plausible now that you say it ...
Seriously tho, the idea from @villetakanen that its a bug makes a lot more sense.