I can now confirm that for all instances the user agent string is for IE9 32bit running on 64bit win 7
Also that the web server logs are showing mangled values.
I do not know at what point the log information is captured, if there's a possibility of it being manipulated in the server beforehand?
I noticed I was getting this problem a while back. We would send out some emails generated by coldfusion with various URL vars in them and then after they were sent out we noticed a number of errors coming back where the URL was incorrect and had been adjusted. Sometimes adding numbers and extra letters, sometimes adding an apostrophe.
When looking at the error dump we have for each of these they all came from IE9 users. After looking at things our side and a bit more testing we were unable to reproduce or find an error so could only assume it was that particular version of IE 9 that was corrupting the URL some how.
Still haven't got to the bottom of it yet!
Thank you haxbh, this is both encouraging and discouraging at the same time
Since I can't duplicate the behavior when I type the url into IE9 on win 7, I wonder if the actual problem might be where an email client hands the URL to the browser? Not sure how to test that theory since it would require knowing what client each user with an error is using.