Once on March 14 and twice on May 8 I got hits to my website's landing page from 8 ip's from 104.47.117.245 to 104.47.117.253. These IP's were used in an interleaved way to perform the hits. The hits otherwise look legit (ie - human) with this UA:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/57.0.2987.133 Safari/537.36

There was no referrer. Those are Microsoft IP's, but the odd thing is that 4 of them resolve to mail-(what-ever).outbound.protection.outlook.com. How on earth do you surf the web through an outlook.com mail proxy?

To continue with this Microsoft theme, I'm about to block a bunch of Microsoft /24's because of mischievous hits from these:

104.211.2.253
137.116.71.170 (*)
138.91.241.105
168.61.149.157
168.61.151.58
168.61.210.134
40.113.201.105
104.47.147.186
51.144.165.158
20.188.209.124

In one case (*) robots.txt was grabbed with UA
CSS Certificate Spider (http://www.css-security.com/certificatespider/)

Otherwise, all other hits grabbed just my landing file and have this UA:
Mozilla/5.0 zgrab/0.x

Those are all contained in AS8075, assigned to MS in the US, Netherlands and Australia.