The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 188.8.131.52 on port 587 TCP:
$ telnet 184.108.40.206 587
Connected to 220.127.116.11.
Escape character is ‘^]’
$ nslookup 18.104.22.168
$ dig +short mail.tri2win.co.nz
Referencing malware samples: