Several of my websites received requests like this:

131.107.0.xx - - [09/Jul/2007:18:46:12 +0200] "GET / HTTP/1.1" 200 37473 "http://search.live.com/result.aspx?q=chevrolet&mrt=en-us&FORM=LVSP" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; Win64; x64; SV1)"

They don't look into robots.txt, simply download pages along with JS and CSS files.

The falsified referrers contain top keywords like car brands and "highly competitive" :) medical widgets.

The IP block belongs to Microsoft, and the IPs resolve to hosts like tide525.microsoft.com, tide526.microsoft.com etc. Traceroute leads to Microsoft puters, too.

What's this?

[edited by: volatilegx at 2:51 am (utc) on July 11, 2007]
[edit reason] obfuscated ip address [/edit]