Once and it's a fluke.
Twice and it's odd.
Three times and you have to investigate.

Here is the whole package. For reasons beyond my control, it is placed in the body of the document. (Inside a table cell, at that. Ugh.) The last few lines-- with explanation-- will seem irrelevant, but I think they're close to the core of the problem.

<script type = "text/javascript">

 function showClick(pagenum)
 {
 try
 {
 newstring = '<img src = "http://www.example.com/pictures/smallgifs/dot7' + pagenum + '.gif" width = "1" height = "1" alt = "">';
 document.getElementById("clicker").innerHTML = newstring;
 }
 catch(err)
 { }
 }

 document.write ('<span id = "clicker"></span>');
</script>

<p style = "margin-top: 6em; text-align: right; color: #666695; font-family: sans-serif;" onclick = "showClick(5)">qaijjaanngilaq?</p>

<img src = "http://www.example.com/pictures/smallgifs/dot1.png" width = "1" height = "1" alt = "">
<img src = "http://www.example.com/pictures/smallgifs/dot1.gif" width = "1" height = "1" alt = "">

All gifs rewrite to a single file that expires instantly. All pngs rewrite to a file that lasts 24 hours. When user visits page, gif and png both load up. Each time they return or reload, a fresh gif dot shows up in logs.

The "onclick" business was added on a whim. It is hardly ever used, but works as intended: Request for /dot7x.gif shows up sporadically in logs, typically a few seconds after the first two.

Except that sometimes... instead of /dot7x.gif, logs show a request for /dot7 and that's all. This would seem to mean that

newstring = '<img src = "http://www.example.com/pictures/smallgifs/dot7' + pagenum + '.gif" width = "1" height = "1" alt = "">'

stops at the first close-quote, so

newstring = '<img src = "http://www.example.com/pictures/smallgifs/dot7'

and hence

<span id = "clicker"><img src = "http://www.example.com/pictures/smallgifs/dot7</span>

... which, I guess, shows how forgiving browsers can be. I have no idea what happens to the rest of the page, which contains approximately eight gazillion more tables containing all kinds of text. You'd expect it all to disappear, thanks to that unclosed quotation mark, but cursory experimentation suggests it doesn't.

Very, very close study of logs reveals that:

#1. There is no unifying feature among the users that this happens to-- browser, OS, IP etc. So that excludes browser add-ons and similar.

#2. If it happens to someone once, it happens every time.

#3. The request is concurrent with the two built-in requests, meaning that the user's browser is trying to execute the function on its own initiative.

#4. In spite of the different IPs-- right up to A block-- all three groups of events come from the same ISP. Size and location of ISP mean that this cannot be coincidence. Other users of the same ISP are unaffected.

Finally: At an earlier stage, I had two versions of the clickable paragraph. One, without the "onclick" element, was in a <noscript> section. The other, including "onclick" element, was inside the <script> section. The first occurrence of /dot7 alone came after I simplified by using the same text for everyone. But I don't have any hard evidence that this triggered the problem.

---

And hence the thread title. At first glance it looks as if the browser petered out halfway and didn't finish what it was supposed to do. But on closer inspection I think it's doing more than it's supposed to do.

? ? ?