Mass Portscanning?

I run a smallish website that received a little bit of traffic. Today I noticed a lot of odd port scanner requests to the website in the access log.

(a way to tell that a request is automated is if the visitor doesn’t request any CSS or Javascript assets)

This is a snippet of logs (ignore the internal dummy connections):

This is what a legitimate request to / looks like:

Searching these IPs on the abuse IP database shows that a lot of them have been reported in the past. Any explanation to this? Is this a small botnet? Most of the IPs are fixed line. Normally port scanners make one request and leave the site.