{human IP} - - [{timestamp} -0700] "GET /directory/images/filename.jpg HTTP/1.1" 200 2397 "http:/ /gal2.piclab.us/key/{search string}" "{human UA}"

• search-results page is jam-packed with hotlinked images alternating with links to gstatic.com --the name that also turns up in new-style g### image search, right?
  
• after opening a single page, Cookie collection bloats up with a few dozen cookies from assorted other sites, where piclab.us itself is conspicuous by its absence
  
• visit to exact page given as referer, followed by repeat look at logs, confirms that search-results page alone is enough to generate request for image. BUT as with g### image search, what you see is the real image-- thumb-sized-- not the No Hotlinks image. So it must be coded similarly.
  
• request for (www.)?piclab.us alone does not resolve to a www page. whois says the domain exists, but has no www page (they don't do subdomains-- at least not for free). The only visible pages are in the form gal[1-9].piclab.us; as far as I can make out they're all the same page.
  
• any request for gal[1-9].piclab.us/key/more-stuff-here brings up an image-search results page, although I'm ### if I can figure out where you're supposed to enter a search term. gal[1-9].piclab.us/key/ alone yields the "I forgot to code for the possibility of a null query string" blank page. Snicker.
  
• search for "piclab.us" turns up, among other things, Project Honeypot references to various IPs in the range 2.93.197-198 (Russia, nominally broadband, belongs to Corbina/Vimpelcom which I must say does not raise any positive associations).
  
• search for "piclab" alone turns up an app by this name. This may be a complete red herring, but its page at the app store includes this tidbit
  

  Top In-App Purchases
  1. Remove watermark {price}
  2. Unlock All Fonts {price}

  
  calculated to inspire confidence eh.
  
• couldn't find any evidence that they've got a robot of their own, based on a couple of targeted searches of recent raw logs.