Be afraid. Be very afraid.


lucy24

12:52 am on Apr 28, 2014 (gmt 0)

I like to double-check on unfamiliar visitors who come trailing BlueCoat and similar entities, so I had to investigate this:

216.81.94.abc - - [25/Apr/2014:07:23:55 -0700] "GET /dirname/pagename.html HTTP/1.1" 200 9314 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3; IE8Mercury)"


-- especially since it was followed a couple hours later by similarly bluecoated visits to other pages in the same directory.

"And your point is...?"

That IP belongs to the Department of Homeland Security. The initial page is concerned with a popular courtroom TV show.

I really, really hope that those later visits mean only that the DHS investigator enjoyed himself and came back on his lunch break to explore further.

:: biting nails in dread ::

MSIE 8? Really? Can't the Feds afford up-to-date browsers?

not2easy

3:02 am on Apr 28, 2014 (gmt 0)

I wouldn't get too nervous; I have seen them roaming around before. One page of visitor stats was almost funny for the companion visitors in the course of a week last Nov. from
"State Of Florida, Department Of Revenue 204.89.74.xxx",
"Halliburton Company 34.254.247.xxx",
"United States Postal Service 56.0.84.xxx",
"Department Of Homeland Security 216.81.94.xxx",
"Hca Hospital Corporation Of America 165.214.4.xxx",
"Dod Network Information Center 214.26.214.xxx",
"Florida Power & Light Company 161.154.235.xx" and
"United States Headquarters, Usaisc 132.79.7.xxx"
Pretty sure all of them were scrapers with spoofed IPs. The activity was not human and the UAs were not contemporary. The logs showed the IPs and a check of IP shows the server identified correctly, but unless there are botnets rampant in government and business I think they were just kidding. I don't check headers on that site, just checked the activity.

piatkow

11:23 am on Apr 28, 2014 (gmt 0)

MSIE 8? Really? Can't the Feds afford up-to-date browsers?

Afford? Have you ever been involved in a browser or OS upgrade at a major blue chip company or government department? You have to test EVERYTHING; it is one of the most expensive things you can do short of replacing a computer centre. The bigger the organisation, the more likely that browsers will be out of date; the bean counters don't give a **** about being out of support if it is still working. (OK, so this one was probably spoofed.)

lucy24

9:26 pm on May 8, 2014 (gmt 0)

:: bump ::

This may fall in the category of "I guess you had to be there", but...

65.197.242.abc - - [07/May/2014:05:16:08 -0700] "GET /hovercraft/hovercraft.html HTTP/1.1" 403 1787 "http://example.com/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.52 Safari/537.36" 
199.116.169.254 - - [07/May/2014:05:16:11 -0700] "GET /hovercraft/hovercraft.html HTTP/1.1" 200 44143 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; MS-RTC LM 8; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
65.197.242.abc - - [07/May/2014:05:16:29 -0700] "GET /boilerplate/contact.html HTTP/1.1" 200 2254 "http://example.com/hovercraft/hovercraft.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.52 Safari/537.36"
199.116.169.254 - - [07/May/2014:05:16:29 -0700] "GET /boilerplate/contact.html HTTP/1.1" 200 4714 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; MS-RTC LM 8; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
199.91.135.140 - - [07/May/2014:05:16:29 -0700] "GET /boilerplate/contact.html HTTP/1.1" 200 4714 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; MS-RTC LM 8; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"

Is this tragic or hilarious? Some human at uunet diligently uses bluecoat to protect himself from infestation... even after his browser has been recruited into a botnet. (I had to go back and check. This particular pattern, which I call the "Contact botnet", has been vexing me since June of last year.)
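The "companion visit" pattern in the log excerpt above (a visitor loads a page, and seconds later a second IP with a different, older User-Agent fetches the same path) can be picked out of a combined-format access log mechanically. The following script is an added example, not code posted in this thread or by any of its participants: it parses combined-format lines, pairs each request with later requests for the same path from a different IP and a different UA inside a configurable window (60 seconds assumed here), and summarises which IPs shadow which visitors. The sample log lines are constructed for the example and use documentation-reserved addresses, not the IPs quoted in the thread.

```python
"""Detect 'companion' fetches in an Apache/nginx combined-format access log.

A companion fetch is a request for the same URL that arrives from a
different IP with a different User-Agent within a few seconds of a
visitor's own request. Added example code; window size and sample data
are assumptions for illustration.
"""
import re
from collections import defaultdict
from datetime import datetime
from typing import NamedTuple

# Combined Log Format: ip ident user [ts] "method path proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"\s*$'
)


class Companion(NamedTuple):
    path: str
    lead_ip: str     # the visitor whose request came first
    follow_ip: str   # the IP that re-fetched the same path shortly after
    delay_s: float   # seconds between the two requests


def parse_line(line):
    """Return a dict of fields for one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec


def find_companions(lines, window_s=60):
    """Pair each request with later requests for the same path from a
    different IP and different UA arriving within window_s seconds."""
    recs = [r for r in map(parse_line, lines) if r is not None]
    recs.sort(key=lambda r: r["ts"])  # stable sort: equal timestamps keep log order
    by_path = defaultdict(list)
    for r in recs:
        by_path[r["path"]].append(r)
    found = []
    for path, rs in by_path.items():
        for i, lead in enumerate(rs):
            for follow in rs[i + 1:]:
                delay = (follow["ts"] - lead["ts"]).total_seconds()
                if delay > window_s:
                    break  # rs is time-ordered, so nothing later can be inside the window
                # Same IP is a reload; same UA is more likely a cache or a second tab.
                if follow["ip"] != lead["ip"] and follow["ua"] != lead["ua"]:
                    found.append(Companion(path, lead["ip"], follow["ip"], delay))
    return found


def companions_by_ip(lines, window_s=60):
    """Summarise which follower IPs shadow each visitor IP; a visitor with
    several followers, or the same follower on every page, stands out."""
    summary = defaultdict(set)
    for c in find_companions(lines, window_s):
        summary[c.lead_ip].add(c.follow_ip)
    return dict(summary)


# Constructed sample log (documentation IPs), mirroring the shape of the thread's excerpt:
# the visitor's own fetch is denied (403), yet the companions still get the page (200).
CHROME = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.52 Safari/537.36"
OLD_IE = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727)"
SAMPLE_LOG = [
    f'192.0.2.10 - - [07/May/2014:05:16:08 -0700] "GET /hovercraft/hovercraft.html HTTP/1.1" 403 1787 "http://example.com/" "{CHROME}"',
    f'198.51.100.7 - - [07/May/2014:05:16:11 -0700] "GET /hovercraft/hovercraft.html HTTP/1.1" 200 44143 "-" "{OLD_IE}"',
    f'192.0.2.10 - - [07/May/2014:05:16:29 -0700] "GET /boilerplate/contact.html HTTP/1.1" 200 2254 "http://example.com/hovercraft/hovercraft.html" "{CHROME}"',
    f'198.51.100.7 - - [07/May/2014:05:16:29 -0700] "GET /boilerplate/contact.html HTTP/1.1" 200 4714 "-" "{OLD_IE}"',
    f'203.0.113.5 - - [07/May/2014:05:16:29 -0700] "GET /boilerplate/contact.html HTTP/1.1" 200 4714 "-" "{OLD_IE}"',
    # Control: an ordinary visit with no companion, and a reload from the same IP.
    f'192.0.2.10 - - [07/May/2014:05:20:00 -0700] "GET /about.html HTTP/1.1" 200 1200 "-" "{CHROME}"',
    f'192.0.2.10 - - [07/May/2014:05:20:05 -0700] "GET /about.html HTTP/1.1" 200 1200 "-" "{CHROME}"',
]

if __name__ == "__main__":
    for c in find_companions(SAMPLE_LOG):
        print(f"{c.path}: {c.lead_ip} shadowed by {c.follow_ip} after {c.delay_s:.0f}s")
    print(companions_by_ip(SAMPLE_LOG))
```

On the sample data this reports three companion pairs and one shadowed visitor (192.0.2.10, followed by both 198.51.100.7 and 203.0.113.5); the two old-IE followers are not paired with each other because they share a User-Agent, and the /about.html reload is ignored because it comes from the same IP. Feed it a real log with `find_companions(open(path))` and tune `window_s` to the latency you actually see between the visitor and the follower.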