The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Loki botnet controller located at 172.67.194.126 on port 80 (using HTTP POST):
hXXp://mangeruio.ir/oluwa/five/fre.php
$ dig +short mangeruio.ir
172.67.194.126
Referencing malware binaries (MD5 hash):
07553298f0f744325b03796d803f0add — AV detection: 31 / 69 (44.93)
8b26fb89939450977499942dea617ca0 — AV detection: 24 / 68 (35.29)
fc0ee0685a64b8c163f9358de2bf471a — AV detection: 18 / 59 (30.51)
Other malicious domain names hosted on this IP address:
hazarat.site 172.67.194.126
www.artthatsells.net 172.67.194.126
www.liveabusinesslife.com 172.67.194.126
mangeruio.ir 172.67.194.126