The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 138.201.2.2 on port 2022 TCP:
$ telnet 138.201.2.2 2022
Trying 138.201.2.2…
Connected to 138.201.2.2.
Escape character is ‘^]’
$ nslookup 138.201.2.2
static.2.2.201.138.clients.your-server.de
Referencing malware samples:
MD5 f4d60d29fa33e0d34d790e40e5dd2efc