if you have access to your server logs you can see exactly which files are being requested, and the url that is requesting them.
apache and other standard log files look like this:
22.214.171.124 - - [09/Feb/2005:18:09:27 -0800] "GET /nowplaying.php HTTP/1.1" 200 4110 "http://sparsely.deviantart.com/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0")
and it breaks down like this:
remote host (requesting IP address),
client username (a hyphen in the example)
authenticated username (also a hyphen here)
date (on the server),
the actual HTTP request line and method
the server response status code (list of status codes)
the size of the file requested in bytes
the referring website (this is the part you're interested in)
the user agent and environment (browser) of the requester
depending on your hosts setup, you may see more or less info in your logs.
a hyphen represents information that wasn't gathered in the request, such as the username in the example above (wasn't applicable).
if you have cPanel, it's usually listen under 'Raw Access Logs'.
honestly though, I wouldn't worry too much about hotlinking.
not images anyway :|
edit 2 : if bots are really the problem, create a robots.txt file in your site's root.
or add meta tags to tell bots what to do.
you could prevent robots from indexing your image directories, and thier contents, but still index your site.
in a robots.txt file would work.
robots.txt syntax & tutorial