Those ips have shown up as abuse in logs before. Some turkish university doing ddos amp attacks (or receiving them, based on udp amplification)
Don't worry, shouldn't be actual clients.
https://www.abuseipdb.com/check/194.27.72.36
https://www.abuseipdb.com/check/194.249.87.231