The user is sending the hash to the external server.
Thus, the external
server is connecting with the visitor, and *can get their IP*.
Yes, it's this I'm objecting to, the notion that by visiting a
Wikimedia-run website I am unknowingly sending requests to some guy's
PC. I have no problem with toolserver-based setups, such as that used on
the English Wikipedia.
-Gurch