The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 104.197.24.118 on port 15647 TCP:
$ telnet 104.197.24.118 15647
Trying 104.197.24.118…
Connected to 104.197.24.118.
Escape character is ‘^]’
$ nslookup 104.197.24.118
118.24.197.104.bc.googleusercontent.com
Referencing malware samples (MD5 hash):
a0f457ab5b0cbf2170cd304be190e726 — AV detection: 23 / 65 (35.38%)
a2df22b75344b6e108e28940c5d2dee3 — AV detection: 38 / 65 (58.46%)
f6ae2d9226866f97f1cf4a7841f0c048 — AV detection: 5 / 65 (7.69%)