Anybody have any suggestions ?

I get them a lot, requests just for the favicon and not a single page request. They're accompanied by some spammy referrer, they hope the server logs may appear somewhere in public, in which case the spammer benefits from the referrer best case scenario a link exposure.

Remove the favicon.ico from the site(s) and use a different name for the icon. (for instance example.ico) and make sure it is included in the html pages. Add a rule to the server config like .htaccess to do something with the favico.ico if you want to play around.

I tested several things including issuing redirects across multiple domains in many cases they followed - not much happened other than keep bouncing back and forth - but use your seo imagination. Or just use a 404 rule if you don't have time to play.

In general accesses to the html side resources (css, icons, js etc) are totally transparent to the end user as the browser doesn't bother to report anything and what's going on in the background is another story as you're discovering via the server logs along with the possible "applications".

Thanks enigma.
That confirms more or less my conclusions. However, not being the best implementer of htaccess tis probably prudent for me to let them run with it. If I try to get too clever for my own ability, I could torpedo some genuine visitors.