(no title)

Welcome to the internet. Install pfsense/opnsense and run your own firewall at home and you'll be shocked at the flood of non-stop portscans hitting your ip getting blocked. This is par for the course and there is nothing you can do to prevent it, you have to build systems able to mitigate, offload, block bad actors. This will always be the case.

Any free service that has utility will be quickly scripted against and used to make someone else money. Build accordingly

You mentioned low income countries. This could be infected devices running ancient unpatched OSes, but what if the traffic is legit, coming from impoverished countries who found your service and use it to teach their children and learn things they'd otherwise not have access to?

Personally I would deep dive the traffic and try to determine the intent behind it, you could be destroying a future generation's potential, and not blocking malware I'm assuming you can correlate the requests from those ips with that they are translating. Odds are someone is hitting your service to translate for their paid service, but if it's an important part of a poor country, I'd find a way to allow it to keep happening

> AFAIK we couldn't see translation requests from them, just loading our website.

Browser homepage? Or maybe the unlucky victim of a "connectivity check/am I online" recurring task

That's interesting. The traffic sources hitting me seem to be the opposite. Mainly US, Western Europe, and other better well to do places around the world. I suspect a lot of the traffic is from apps on smart devices. I've seen user agents that reference Bravia tvs for example.